What is port 445? How to close port 445? How to close port 445
Four seas network: in recent days, blackmail virus has spread wildly all over the world at an amazing speed and a huge scale. Although users infected with blackmail virus are helpless, prevention can protect more users from blackmail virus infection. Insiders found that port 445 can allow virus to be attacked when users have no operation, so closing port 445 is also a deterrent One of the ways to control virus infection!
What is port 445? Industry insiders explain that the main feature of port 445 is to support file sharing. For example, when we share printers in the office, we need port 445. At present, most of the 445 network ports of individual users in China have been blocked by network operators, but there are still ports open in large LAN and intranet.
Recently, the eternal blue virus attacked many students of the education network, and then I collected how to close port 445. Let's share and learn together. Say the important things three times. After setting, remember to restart the computer! Remember to restart the computer! Remember to restart the computer! First understand port 445: Port 445 is net file system (CIFS) (public Internet File System), port 445 is a port with mixed reputation, and port 139 together is the main channel for IPC $invasion. With it, we can easily access all kinds of shared folders or printers in the local area network, but it is precisely because of it that hackers have the opportunity to share your hard disk secretly through the port, or even format your hard disk silently! All we can do is to find a way to prevent hackers from having the opportunity to block the 445 port vulnerability.
There are three main methods, the first one is relatively simple through the firewall; the second one is also very simple through the registry; the third one is slightly complex through modifying the IP security policy, so it is not written here, the first two are enough. But the first method has no effect when I use it. For your convenience, you can use the second method directly.
Method 1:
The firewall can be closed directly. It's easy to find "advanced settings" on the left side of the "Windows Firewall" page in the control panel.
On the left side of the advanced security windows firewall page, find "inbound rule" and right-click "new rule".
Select 'port' Click next.
In this case, you can enter the "specific local port" to close one port at a time. The method is the same. Then click 'next'.
TCP / UDP their respective port numbers are independent of each other. For example, TCP can have a 255 port, UDP can also have a 255 port. They do not conflict
Port 135139445 belongs to TCP
Port 137138 belongs to UDP
Select 'block link'. Click 'next'.
Just leave "public" here (I also choose special for safety).
The name and description are ready for you. It's finished
However, there seems to be a problem!!!
This simple method doesn't seem to work very well after being used. Check that port 445 of the command line is still in the listing state??? (why I don't know)
Then I use the second popular way to modify the registration form on the Internet, which is also very simple.
Method two
1. Run regedit to open the registry
2. Click "HKEY" local "machine \ \ system \ \ currentcontrolset \ \ services \ \ NetBt \ \ parameters" to enter NetBt
The relevant registry key for the service.
3. In the right margin, right-click to create a new 'qword (64 bit) value', then rename it to 'smbdeviceenabled', and then change the value of this subkey to 0.
4. After that, win7 needs to be set in service
Click start, run, and enter services.msc to enter the service management console. Then, find the server service and double-click to enter the management control page. Take this.
The start type of the service is changed to 'Disable', and the service status is changed to 'stop'. Finally, click apply.
Port 445 is now closed.
After restarting, let's check whether 445 has been shut down
Enter 'netstat - an' on the CMD command line to see the port status, but the netstat command will not be recognized if you enter it directly. So you need to switch 'CD C: / Windows / system32 /', and then execute
In the above command, it is found that port 445 no longer exists, that is, it has been closed.
After that, out of curiosity, I learned more about the function of port 445 and the principle of its intrusion
Here is a detailed explanation of port 445 intrusion
Finally, a link to close 135139 is attached: https://jingyan.baidu.com/article/0aa22375bf88b288cc0d6490.html