Jump to content

Security Concerns - 445


Recommended Posts

I have attempted to edit the registry under NetBT to value 2 as well as block the port within firewall rules under ntoskrnl under 138, 137, 139, and 445. I've made the conclusion of this when syphoning through Details within task manager/file location. However, 445 is still listening. I've also tried turning off netbios, ipv6 on my network adapters. I've been having security concerns and would like to ask as well if anything seems off. Regards.

Capture.PNG

Capture2.PNG

Edited by JuWaJo
Link to comment
Share on other sites

  • Administrators

If you have marked your local network as home/office and not as public, sharing via SMB will be allowed within your network but blocked from outside.

https://www.thewindowsclub.com/smb-port-what-is-port-445-port-139-used-for

...it is in our interest to not expose Port 445 to the Internet but like Windows Port 135, Port 445 is deeply embedded in Windows and is hard to close safely. That said, its closure is possible, however, other dependent services such as DHCP (Dynamic Host Configuration Protocol) which is frequently used for automatically obtaining an IP address from the DHCP servers used by many corporations and ISPs, will stop functioning.

Link to comment
Share on other sites

Okay. All of my networks are marked as public. Everything else seems to be functioning. I have removed ntoskrnl.exe from the SMB rule considering it didn't seem to make a difference.

Link to comment
Share on other sites

  • Administrators

You can create a blocking rule and put it on top of pre-defined rules that are hidden by default to take precedence over them. Do it on your own risk and in case something stops working it might be because of that.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...