I"ve had constant warnings of blocking vulnerability CVE-2017-0144 in SMB exploited by the WannaCryptor ransomeware by Avast Premier. I"m aware this first occurred back in 2017 and since then everyone has since patched up their computer"s, me included, & supposedly successfully blocked port 445. I"ve not had this security warning for a long time until a couple of days ago. Furthermore, on checking the command prompt using netstat -na I"ve found that port 445 is in fact open and still listening. So I followed every method as recommended in the following article: https://www.backup-utility.com/anti-ransomware/how-to-block-port-445-in-windows-3889.html

 

However, even after trying all of them, port 445 appears khổng lồ still remain open, while I still appear to lớn get the warning. Any suggestions on what to vày next in order to close the port và stop the message constantly re-occurring?

 

Thank you.

Bạn đang xem:


Attached Files

BC AdBot (Login to Remove)


*
ucozfree.comRegister to lớn remove ads

#2buddy215


buddy215
*
Moderator17,974 postsOFFLINEGender:MaleLocation:West TennesseeLocal time:02:26 AM

Posted 27 August 2019 - 02:36 PM


If you follow the instructions for closing 445 in Windows firewall in liên kết below you should be okay.

Your image does show it open.

Top Three Easy Methods khổng lồ Block TCP Port 445 in Windows 10/7/XP


“Every atom in your body toàn thân came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. KraussIf we are to lớn have another contest in the near future of our national existence, I predict that the dividing line will not be Mason & Dixon’s, but between patriotism và intelligence on the one side, & superstition, ambition, và ignorance on the other. Ulysses S. Grant...Republican president who correctly predicted the cause of Trump"s attempted coup.

 

 

#3Didier Stevens


Didier Stevens
*
BC Advisor
2,992 postsOFFLINEGender:Not TellingLocal time:09:26 AM
Posted 27 August 2019 - 03:25 PM


I see that your computer has a private IP address.

 

Is that computer on a hostile network? I assume it doesn"t have an interface with a public IP?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s forums policy, I will not engage in a conversation, but try to lớn answer your question in the relevant forum post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#4compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:07:26 AM
Posted 27 August 2019 - 03:59 PM


buddy215 I"m not sure if you saw my own link. It was that same article that I tried all 3 methods from & the port is still open.

 


Didier Stevens No it isn"t. It was connected to my trang chủ network.

Edited by compbuff, 27 August 2019 - 04:04 PM.


#5buddy215


buddy215
*
Moderator
17,974 postsOFFLINEGender:MaleLocation:West TennesseeLocal time:02:26 AM

Posted 27 August 2019 - 04:52 PM


When I run the tests at GRC | ShieldsUP! — mạng internet Vulnerability Profiling it shows all of the commonly used ports are stealthed.

Example:

*

*
   

Take a minute or two & run the tests file Sharing, Common Ports, Service Ports & Browser Headers


“Every atom in your body toàn thân came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. KraussIf we are lớn have another contest in the near future of our national existence, I predict that the dividing line will not be Mason và Dixon’s, but between patriotism and intelligence on the one side, and superstition, ambition, and ignorance on the other. Ulysses S. Grant...Republican president who correctly predicted the cause of Trump"s attempted coup.

 

 

#6Didier Stevens


Didier Stevens
*
BC Advisor
2,992 postsOFFLINEGender:Not TellingLocal time:09:26 AM
Posted 27 August 2019 - 05:05 PM


If you"re on your trang chủ network, you can"t receive incoming connections from the internet directly khổng lồ your computer (unless you configured port forwarding).

 

You don"t have to lớn worry about mở cửa ports on your computer if said computer is on your trang chủ network and not exposed on the Internet.

 

So where are these packets coming from? vày you have other Windows computers on your network?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s diễn đàn policy, I will not engage in a conversation, but try khổng lồ answer your question in the relevant diễn đàn post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference to lớn BadUSB approaches 1.0"

#7compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:07:26 AM
Posted 28 August 2019 - 03:48 AM


Didier Stevens No, but I have my phone, ipad & printer connected to lớn my network,hence the extra packets. I also vì use my dongle to connect khổng lồ my laptop. When I am out & not at work but never connect lớn a public network. 

 

 

You don"t have lớn worry about mở cửa ports on your computer if said computer is on your home network and not exposed on the Internet.

 

Yes, because the trang chủ network is protected by my router"s firewall and the security programs but that doesn"t help me in stopping the security warning going off constantly & also because leaks can expose an mở cửa port even on a trang chủ network otherwise people would never get malware or virus attacks on their home network, so I would prefer the port closed.

Xem thêm: Tải Game Bắn Trứng Khủng Long Cho Điện Thoại Android, Iphone Ở Đâu?

Edited by compbuff, 28 August 2019 - 06:32 AM.


#8compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:07:26 AM

Posted 28 August 2019 - 05:47 AM


buddy215

I ran the tests. For the tệp tin sharing demo port 139 is fully stealthed and my PC does not expose my internal NetBios over the internet. For the commonly used ports all 32 ports were stealthed. For the service ports all of the first 1056 ports were steathed. For the browser headers the entire contents of my browser"s request for this page was given but no assessment or explanation of the results.

Edited by compbuff, 28 August 2019 - 05:48 AM.


#9Didier Stevens


Didier Stevens
*
BC Advisor
2,992 postsOFFLINEGender:Not TellingLocal time:09:26 AM

Posted 28 August 2019 - 03:02 PM


Didier Stevens No, but I have my phone, ipad và printer connected to my network,hence the extra packets. I also do use my dongle lớn connect lớn my laptop. When I am out và not at work but never connect khổng lồ a public network. 

 

 

You don"t have khổng lồ worry about mở cửa ports on your computer if said computer is on your trang chủ network and not exposed on the Internet.

 

Yes, because the trang chủ network is protected by my router"s firewall and the security programs but that doesn"t help me in stopping the security warning going off constantly và also because leaks can expose an open port even on a home network otherwise people would never get malware or virus attacks on their home network, so I would prefer the port closed.


 

The major risk for common users, is opening thư điện tử attachments & clicking on link from emails they don"t expect.

An open port on a trusted local network is a low security risk.

But let"s not open a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it"s best to close it.

 

But what I want to lớn know more about, is your "dongle". What is this? A 4G modem?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s diễn đàn policy, I will not engage in a conversation, but try to lớn answer your question in the relevant forum post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#10compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:07:26 AM
Posted 29 August 2019 - 03:38 PM


Didier Stevens

 

The major risk for common users, is opening email attachments and clicking on links from emails they don"t expect.

An mở cửa port on a trusted local network is a low security risk.

But let"s not xuất hiện a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it"s best khổng lồ close it.

 

But what I want to lớn know more about, is your "dongle". What is this? A 4G modem?

 

Precisely yes. I want to lớn be able khổng lồ close that port. 

 

And my dongle is a 4g UBB di động broadband lớn connect to the mạng internet when I am out and about. 


#11Didier Stevens


Didier Stevens
*
BC Advisor2,992 postsOFFLINEGender:Not TellingLocal time:09:26 AM

Posted 30 August 2019 - 12:45 PM


Then you have to make sure that your firewall is properly configured khổng lồ protect your machine when you use that dongle, because I"ve seen several examples where such using such a dongle gets assigned a public IP directly, & then you don"t have the protection offered by a router (NAT, firewall, ...).

 

Check also if you get these alerts when you use your dongle.


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s forums policy, I will not engage in a conversation, but try to lớn answer your question in the relevant forums post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference to lớn BadUSB approaches 1.0"

#12compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:07:26 AM
Posted 30 August 2019 - 03:57 PM


Yes I vày get those alerts when I use my dongle and I have tried to close port 445 without success. Windows firewall is managed by Avast which doesn"t appear khổng lồ have the facility to block the port the same way Windows firewall does, nor have I found any instructions on being able to vì chưng so.


Back lớn General Security
0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


Reply to quoted postsClear
*
*

Advertise|About Us|Terms of Use|Privacy Policy|Sitemap|Chat|RSS Feeds|Contact Us
Tech support Forums|Virus Removal Guides|Downloads|Tutorials|The Computer Glossary|Uninstall List|Startups|The tệp tin Database

©2004-2022 All Rights Reserved Bleeping Computer LLC
.Site Changelog

Community forum Software by IP.Board


*

Sign In


Username
Remember meThis is not recommended for shared computers
Sign in anonymouslyDon"t showroom me to lớn the active users list