First of all, Congratulations on your products, because I like very much “Comodo Firewall” though I haven´t tried the others, but I will because they seem very interesting to test since my firewall works very good, I mean, “Comodo Firewall” and “Comodo Internet Security”.
Secondly: Sorry for my English, I´m from Spain, I´ll try, hehe
My question:
Doing a “netstat -an -p tcp” in a Windows PC, the port TCP 445 (CIFS) appear and I disabled “File and Printer Sharing for Microsoft Network” .
As far as I knew , if I disabled that service (Server service if I´m not mistaken) then it hadn´t to appear in the netstat utility, like a port listening, but it seems that not to be the case.
Moreover I disabled the service “Server” in the pc with the same result: TCP 445 is still listening !!
I´m a beginner so, I can´t figure out why this is happening
Disabling “File and Printer Sharing for Microsoft Network” won’t stop the port reporting a status of listening, however, if you choose to uninstall the service and reboot, the port will no longer appear. Likewise if you disable and stop the ‘Server’ service from services.msc
But then, what´s the point about disabling "Sharing files and computers" that I see in many places as a good security advice ?. I can´t understand this because, instead, in these place I read, they should say: You have just to disable the service "Server" and restart the computer , and then the port 445 is not available any longer.
Actually I installed a firewall between three networks (internet, lan and dmz) some time ago and they say as a good advice to disable that in the TCP/IP options of the network card attach to the internet.
I´ve tested another computer just in case, with the same results, so, it´s not an issue in my computer, is it ?
I edit the post:
I´d like to attach a picture so you can see I´ve just disabled the service “Server” and still the port appears in the netstat utility, so, why is my computer listening at port 445, I mean, what is it listening for ?. Sorry if this a very basic question, but I don´t get it.
To looreed4, you can disable SMB transport and hence stop the listening on port 445 by doing the following manip in the registry :
run
regedit
HKEY_LocalMachine\SYSTEm\Current Control Set\Services\NetBT\Parameters
left clic on Parameters
right clic on TransportBind > modify > delete " \Device"
reboot the PC
Apologies, for some reason I though you were running Windows 7, but then I looked again at the images you posted and I can see you’re running XP, which unfortunately means, you’ll have to use the method proposed by Boris - thanks Boris :-TU - as this is the only way to close the port on XP. Things are somewhat different on 7.
So, Why all those sites and even people I know tell me: Disable “Sharing Files and printers” in TCP/IP Options, so that your computer is safer, if anyway 445 is going to be still opened !!