Jump to content

Recommended Posts

Posted (edited)

I have attempted to edit the registry under NetBT to value 2 as well as block the port within firewall rules under ntoskrnl under 138, 137, 139, and 445. I've made the conclusion of this when syphoning through Details within task manager/file location. However, 445 is still listening. I've also tried turning off netbios, ipv6 on my network adapters. I've been having security concerns and would like to ask as well if anything seems off. Regards.

Capture.PNG

Capture2.PNG

Edited by JuWaJo

Share this post


Link to post
Share on other sites

If you have marked your local network as home/office and not as public, sharing via SMB will be allowed within your network but blocked from outside.

https://www.thewindowsclub.com/smb-port-what-is-port-445-port-139-used-for

...it is in our interest to not expose Port 445 to the Internet but like Windows Port 135, Port 445 is deeply embedded in Windows and is hard to close safely. That said, its closure is possible, however, other dependent services such as DHCP (Dynamic Host Configuration Protocol) which is frequently used for automatically obtaining an IP address from the DHCP servers used by many corporations and ISPs, will stop functioning.

Share this post


Link to post
Share on other sites

Okay. All of my networks are marked as public. Everything else seems to be functioning. I have removed ntoskrnl.exe from the SMB rule considering it didn't seem to make a difference.

Share this post


Link to post
Share on other sites

You can create a blocking rule and put it on top of pre-defined rules that are hidden by default to take precedence over them. Do it on your own risk and in case something stops working it might be because of that.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...