lucid717 Posted June 27, 2015 Posted June 27, 2015 (edited) These are 2 problem ports that hang open and "listen in", if you've ever looked at FW logs/connection lists. I always like to harden and sure up things at the point of attack first instead of just relying on 3'rd party software to stealth ports. This way if an app failed to fire up properly at boot, or sometimes a router isn't working properly but you're oblivious to it because it's not in an obvious way. Like you may have internet connectivity but it's not stealthing ports properly. Anyhow, this is how you do it:Run regedt32 (Port 445)Go to: HKLM\System\CurrentControlSet\Services\NetBTLocate the "Start" entry (DWORD value). Modify value from 1 to 4Find "Parameters" entry in NetBT. Erase the "\Device\" value, leaving the field blank.(Port 135)Disable the Services: DCOM, COM+ Event System, COM+ System Application, System Event Notification... You'll have to restart your computer to for DCOM to "Stop"Run regedt32Go to: HKLM\Software\Microsoft\OLELocate the entry "EnableDCOM". Modify the value to "N".Now Go to: HKLM\Software\Microsoft\RpcRight click & modify the value named "DCOM Protocols"Under the "Value Data" you will see several values, starting with "ncacn". Delete them all, leaving field blankClose registry editor. Reboot computer. Ports 135 & 445 should be closed now. Run the cmd "netstat -an" to see that those ports are no longer listening. You can go ahead and turn those services back on again if you want to. It won't break anything, just close those ports. But really you don't need any of them except DCOM if you want to use the integrated defragmenter, or to update windows. Edited June 27, 2015 by lucid717
submix8c Posted June 28, 2015 Posted June 28, 2015 Before anyone assumes they need to do this, read the following. Port 135 - http://www.speedguide.net/port.php?port=135Port 445 - http://www.speedguide.net/port.php?port=445 If you have no other PC's on your Network and/or you don't want File/Printer Sharing, by all means...
RanCorX2 Posted December 7, 2017 Posted December 7, 2017 (edited) sorry to bring this thread to life again, but the fall creators update appears to have closed port 135. previously trying to close it causes print spooler to stop working on rs2 and older windows versions. Edited December 7, 2017 by RanCorX2
Destro Posted December 8, 2017 Posted December 8, 2017 None of these ports should ever be open past a firewall so it doesn't matter.
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now