PORT 445 In WIN XP (HOME)

Discussion in 'other firewalls' started by FireDancer, Apr 1, 2004.

Thread Status:
Not open for further replies.
  1. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Hello all ,

    It has been a long time since I last posted. I just recently purchased my first lap top and it has WIN XP home on it.

    I have configured my firewall I belive to a comfortable level useing my rules AS A TEMPLATE (for my internet connection rules and programs accses) from WIN98SE platform, of course most of the running services are very differant but all is running well.

    After a little bit of reading and hopefully I understand right, in my old rules for win98 I had ports 137-139 blocked both ways for net bios. In my new rules for win xp
    I have blocked 135-139 and currently havce a seperate rule for port 445. Is this nessecary? Is port 445 in xp importaint to block for any reason?

    Best Regards,
    ~FIREDANCER~
     
  2. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Hi

    Port 445 (TCP) is very important to have stealth blocked as it is the next port of call when 135-139 are not responding, in fact more and more NetBT attacks are to this very port.

    In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445.

    HTH
     
  3. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    You can tighten up your security by disabling RPC Locator listening on 445, and so, close this port, with the following tool :

    http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/wwdc.htm

    you can disable too DCOM RPC while you are in, it can't hurt.

    However take a look at the bottom of page regarding Kerio firewall.

    regards,

    gkweb.
     
  4. FireDancer

    FireDancer Registered Member

    Joined:
    Jul 24, 2003
    Posts:
    316
    Thank you for your replies, I have disabled DCOM as well as use Kerio 2.1.5. I also have port 445 protected and am currently stealthed on all ports 100%. I have set up and continue to tweak my FW rules just a bit tighter everyday with XP.

    So far I am enjoying my new lap top and learning more and more everyday about XP I am still a HARD CORE 98 FAN!!!! Thanks again for the quick replies it is always good to come to Wilders :)

    Very Best Regards,
    ~FIREDANCER~
     
  5. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    I must admit I like XP but there is more tweaking in order to make it run securely and smoothly. Services need to be looked at as you will be able to stop Messenger spam plus UPNP on Port 5000 via the admin tools - services, plus a lot of tuning to the unecessary services set to run by default.

    I know I didn't have to think about a lot of these things when I had 98se for 3yrs but running XP approx. 1year I have learned a lot more about the OS than I ever knew about 98se.

    SP2 will certainly be more security orientated when it is released in June (we will all have more fun then with our applications :rolleyes:)
     
  6. controler

    controler Guest

    Hi


    Here is located a tool for XP.
    I am sure it is just one of many out there but I like it.
    Called Safe XP

    http://theorica.mirrorz.com/

    controler
     
Loading...
Thread Status:
Not open for further replies.