Jump to content

Archived

This topic is now archived and is closed to further replies.

JuWaJo

Security Concerns - 445

Recommended Posts

I have attempted to edit the registry under NetBT to value 2 as well as block the port within firewall rules under ntoskrnl under 138, 137, 139, and 445. I've made the conclusion of this when syphoning through Details within task manager/file location. However, 445 is still listening. I've also tried turning off netbios, ipv6 on my network adapters. I've been having security concerns and would like to ask as well if anything seems off. Regards.

Capture.PNG

Capture2.PNG

Share this post


Link to post
Share on other sites

If you have marked your local network as home/office and not as public, sharing via SMB will be allowed within your network but blocked from outside.

https://www.thewindowsclub.com/smb-port-what-is-port-445-port-139-used-for

...it is in our interest to not expose Port 445 to the Internet but like Windows Port 135, Port 445 is deeply embedded in Windows and is hard to close safely. That said, its closure is possible, however, other dependent services such as DHCP (Dynamic Host Configuration Protocol) which is frequently used for automatically obtaining an IP address from the DHCP servers used by many corporations and ISPs, will stop functioning.

Share this post


Link to post
Share on other sites

Okay. All of my networks are marked as public. Everything else seems to be functioning. I have removed ntoskrnl.exe from the SMB rule considering it didn't seem to make a difference.

Share this post


Link to post
Share on other sites

You can create a blocking rule and put it on top of pre-defined rules that are hidden by default to take precedence over them. Do it on your own risk and in case something stops working it might be because of that.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...