Windows 7: need to close NetBIOS ports?

[Guest]

[abr]

In earlier versions i completely disabled NetBIOS in the hardware manager, so a port monitoring tool wouldn´t have showed ports 135-137, 445 to be listening. Although Comodo blocks that ports, would you recommend to close them in windows 7, as an additional security feature? If so, does anyone know hot this can be done in Windows 7?

[bulgroz]

You can disable NetBios over TCPIP, which is the default in W7 for a static IP address. The setting can be found in Netwrok and Sharing Center, Change adapter Settings, Properties of the NIC, highlight the IP protocol, Properties, Advanced, WINS.

Hope this helps

[abr]

No, sorry, this won´t really close NetBIOS. The appropriate checkbox is selected, but CPorts clearly shows ports 137 & 445 still listening. In XP it has to be additionally deactivated or even uninstalled in the hardware manager under non-PNP devices. But there is no such entry in Windows 7 now.

[Creasy]

In earlier versions i completely disabled NetBIOS in the hardware manager, so a port monitoring tool wouldn´t have showed ports 135-137, 445 to be listening. Although Comodo blocks that ports, would you recommend to close them in windows 7, as an additional security feature? If so, does anyone know hot this can be done in Windows 7?

Windows 7 is little bit different from other Windows.
Follow my process please.

1.go to Local Area Connection Properties
2.uninstall 'File and printer sharing'
3.and follow my screen shots.








Reboot.
Run 'cmd' and type following command to check closed or not.
netstat -an
You will see 137 and 445 ports are disappeared.

About 'TCP/IP NETBIOS Helper'
Some DRM websites and services require 'TCP/IP NETBIOS Helper'.
If you can't use those websites properly change it to 'manual'.

About 'Network and Sharing Center'
Network and Sharing Center.
I recommend you use 'Public network' instead of 'Home network', 'work network'
for the security.
If you completely disable 'Windows Firewall', you can't change advanced sharing settings.
Don'worry about it, because all of sharing functions are dead.
That's why you can't change the settings.
You are safe.
Also you don't need to use Windows firewall if you use CIS.

[abr]

Yeah thx, but the two ports are still open, although i configured Comodo to stealth them (funny, wasn´t that supposed to be set by default? At least in older versions it was), so they show both 0.0.0.0 as destination & source IP. Besides of that, i followed your instructions, except for "Remote Desktop Services UserMode Port", which i simply couldn´t find (this is a german version here, the names are a bit different).

Anyway, with the two ports (135, 445) stealthed it´s quite bearable, i hope.

[bulgroz]

Try NETBT under your device manager, non-plug and play, that may be the equivalent.

[Tags:]