Because of the large-scale worm attack, the most urgent task right now is to close port 445 on Windows. Here I share several ways to close port 445 on Windows; they apply to Windows 2003, XP, Windows 7, Windows 8 and Windows 10.
Readers who need to install the MS17-010 system patch can refer to the tutorial: [Installing the MS17-010 patch on Windows](http://thief.one/2017/05/15/1)
Add a value to the registry. The specific steps:
- Click “Start”, then “Run”, and type “regedit” to open the Registry Editor.
- Locate the registry key “HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters”
- Right-click “Parameters” and create a new “DWORD value”
- Rename the DWORD value to “SMBDeviceEnabled”
- Right click “SMBDeviceEnabled” and select “Modify”. Under “Value data”, enter “0”
The key details are as follows:
After modifying the registry, restart the computer, then run “netstat -an | findstr 445” in CMD to check whether port 445 is closed.
This method does not close port 445 itself; it blocks external access to the local port 445.
Open Firewall Advanced Settings, go to Inbound Rules, right-click and choose New Rule, select UDP in the dialog box, enter port number 445, and choose to block the connection.
The new rules are as follows:
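The inbound block described above, written as commands with a follow-up check (an added example, not part of the original post). It goes beyond the dialog step by blocking TCP 445 as well as UDP, since SMB file sharing listens on TCP 445. The rule names are made up for this example, and `netsh advfirewall` requires Windows 7 or later.

```batch
@echo off
rem Added example, not from the original post. Run from an elevated cmd prompt.
rem Needs "netsh advfirewall" (Windows 7 and later). Rule names are made up here.
setlocal

rem Block inbound port 445 on both transports. The post's dialog step selects UDP;
rem SMB file sharing listens on TCP 445, so TCP is blocked as well.
for %%P in (TCP UDP) do call :ensure_block %%P

rem Show what is now configured so it can be compared with the GUI rule list.
for %%P in (TCP UDP) do netsh advfirewall firewall show rule name="Block-Inbound-445-%%P"

rem The firewall rule does not stop the local listener, so a LISTENING row is
rem still expected here unless one of the other methods has also been applied.
netstat -an | findstr /R /C:":445 .*LISTENING" >nul
if errorlevel 1 (
    echo Port 445: no local listener.
) else (
    echo Port 445: still listening locally; remote access is blocked by the rule.
)
endlocal
exit /b 0

:ensure_block
rem %1 = protocol. Add the rule only when it does not exist, so reruns are safe.
netsh advfirewall firewall show rule name="Block-Inbound-445-%1" >nul 2>&1
if not errorlevel 1 (
    echo Rule Block-Inbound-445-%1 already present.
    exit /b 0
)
netsh advfirewall firewall add rule name="Block-Inbound-445-%1" dir=in action=block protocol=%1 localport=445
exit /b %errorlevel%
```

The rules only have an effect while Windows Firewall is enabled for the active network profile.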
Open cmd as an administrator and run
The configuration needs to be re-enabled, because file sharing depends on the Server service: the sharing service (the port 445 service) cannot be used while the Server service is shut down.
Uninstall the two components in the figure below. The purpose of this operation is to disable port 445.
The purpose of this operation is to disable ports 137 and 139 and shut down the NetBIOS service.
The two steps above take effect only after the computer is restarted.
In Run, enter gpedit.msc to open the Local Group Policy Editor, then go to Computer Configuration - Windows Settings - Security Settings - IP Security Policies on Local Computer. Although modifying the local group policy is cumbersome, this method is recommended.
Specific operations can refer to: https://jingyan.baidu.com/article/d621e8da0abd192865913f1f.html