securing port 445 tcp/udp

Hello folks, can anyone advise me on a way to close ports 445 microsoft-ds for UDP/TCP, or direct me to a site that has reasonably simple wording?
From doing some looking around I see that this is a sort of replacement for the process that used to open ports 135-139. I have found an article that tells you how to do it by using a registry tweak, but I am not yet at that level of competence to try it this way.
I am behind a router but do not share any info with anything else, and these ports are always open when I look using CPorts.
Am I better off just putting a rule in the firewall to stop any access to these ports? I'd much prefer getting to the root of this (i.e. M$).

Matty

XPSP2/CFP V3/AVIRA AV/BO-CLEAN

Take a look at GRC | Port Authority, for Internet Port 445 and block it in CFP3 with a global rule if you don’t already have a block all in. Unless your router is responding and has a firewall where you need to block it also.

Thanks sded, that's one of the places I looked at. I suppose it's just one of those things you have to put up with if you use M$ Windows.
As I've got 2 hard drives on my computer, my aim is to learn enough so I can put Linux on one of the drives, but I'm still a fair way off that yet.

PS: glad to say my router shows only 1 port closed (rest stealthed) and that is to do with IDENT.

Nice one, Matty

Yeah well, just making a firewall rule doesn’t actually close port 445 and, more important,
the process that opened the port in the first place will still be running.
Instructions here:
http://www.petri.co.il/what’s_port_445_in_w2k_xp_2003.htm
or just use Security & Privacy Complete from Security & Privacy Complete download | SourceForge.net
to disable all those nasty Windows services.

Matty,

You can try this utility if using XP.

Hey guys, many thanks for your ideas/help, that was a good bit of info there.

Goodbrazer, I downloaded that utility, nice one for the link. Now I know you need NetBIOS when on a LAN.

Gordon, as I said I'm not gonna tinker with the registry yet (some time soon), but still some valuable learning there. Just wish I could understand Dutch as that utility looks top notch.

Gonna try some of the leaktester programs tomorrow so that should be fun ;D

Loving it, nice one, Matty :-TU

Just in case you haven’t been reading carefully: :slight_smile:

An open port is one with an application behind it that answers inquiries (much to be avoided, since port 445 is associated with remote operations, others provide control of your computer)
A closed port will not do anything with inquiries, but follows IANA protocols to tell you so (someone knows you are there and may decide to launch a more concerted attack)
A stealthed port (GRC term?) ignores IANA and ignores the inputs

The port that listens to port 445 in CFP3 terminology is “system”
The rules to stealth ports 445 and others listened to by “system” and allow other things out as necessary: Under the “system” application
allow/tcp&udp/out/any/any/any/any
block and log all else

If you are concerned about a sneaker program or are a complete Bozo and crash your firewall a lot, don’t use a router, then some of the other suggestions may help you. If you use a NAT router you are protected from most everything incoming anyway, even without CFP. :slight_smile:
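The three port states described in the post above can be told apart by how a TCP connection attempt ends. The following is an added example, not part of the original thread; the function names `classify_port` and `demo_loopback` are hypothetical, and it only checks the machine it runs on via loopback.

```python
import socket

def classify_port(host, port, timeout=2.0, connect=socket.create_connection):
    """Classify one TCP port as 'open', 'closed' or 'stealthed'.

    open      - something accepted the connection (a listener is behind it)
    closed    - the host answered with a TCP reset (connection refused)
    stealthed - no answer at all before the timeout (packet silently dropped)
    """
    try:
        conn = connect((host, port), timeout)
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "stealthed"
    except OSError:
        # Unreachable network, ICMP errors, etc. Not one of the three states.
        return "unknown"
    conn.close()
    return "open"

def demo_loopback():
    """Constructed test case: a throwaway listener on a free loopback port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))       # port 0 = let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_listening = classify_port("127.0.0.1", port)
    listener.close()                       # the process behind the port is gone
    after_close = classify_port("127.0.0.1", port)
    return while_listening, after_close

if __name__ == "__main__":
    print("throwaway listener:", demo_loopback())
    # Port 445 on this machine: 'open' means a local service is still listening,
    # regardless of what a firewall shows to the outside.
    print("local port 445:", classify_port("127.0.0.1", 445))
```

A loopback check shows whether a service is listening locally; what the router or firewall presents to the Internet still has to be checked from outside, for example with the GRC test mentioned earlier in the thread.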

Thanks sded, I feel pretty secure with V3 behind a router, but could I just pick your brains for a few things that have been puzzling me ???
When I first installed V3 .268 I think, by default there was a rule in “Application Rules” by default called Windows system or something like that. Now the only rule is Windows Update Applications, which incorporates svchost etc.
What are your preferred references in Application rules when it comes to the OS, as I know there has to be some output so I can connect with the router properly, thus connect to the net.
Sorry if I'm asking daft questions but the name changing has thrown me a bit :-[
This is the only rule I have regarding Windows.

Matty

[attachment deleted by admin]

My application rules for the system type stuff are attached. I don’t use any global rules, so some extra stuff ends up in WOS. WOS has grown a bit because of blocking log stuff and incorporating some global rules. Block and log at the end of each application, plus a block & log all incoming at the end of all the application rules keeps an eye out for anything new, although with custom mode they should cause popups.

[attachment deleted by admin]

Cheers sded, you've just given me a few ideas as to why my look up don't work (DNS entries).

You're a (:s*)

Matty