Jump to content

XP - Close ports 135 & 445 at OS level


Recommended Posts

These are 2 problem ports that hang open and "listen in", if you've ever looked at FW logs/connection lists. I always like to harden and sure up things at the point of attack first instead of just relying on 3'rd party software to stealth ports. This way if an app failed to fire up properly at boot, or sometimes a router isn't working properly but you're oblivious to it because it's not in an obvious way. Like you may have internet connectivity but it's not stealthing ports properly. Anyhow, this is how you do it:

Run regedt32 (Port 445)

Go to: HKLM\System\CurrentControlSet\Services\NetBT

Locate the "Start" entry (DWORD value). Modify value from 1 to 4

Find "Parameters" entry in NetBT. Erase the "\Device\" value, leaving the field blank.

(Port 135)

Disable the Services: DCOM, COM+ Event System, COM+ System Application, System Event Notification

... You'll have to restart your computer to for DCOM to "Stop"

Run regedt32

Go to: HKLM\Software\Microsoft\OLE

Locate the entry "EnableDCOM". Modify the value to "N".

Now Go to: HKLM\Software\Microsoft\Rpc

Right click & modify the value named "DCOM Protocols"

Under the "Value Data" you will see several values, starting with "ncacn". Delete them all, leaving field blank

Close registry editor. Reboot computer. Ports 135 & 445 should be closed now.

Run the cmd "netstat -an" to see that those ports are no longer listening.

You can go ahead and turn those services back on again if you want to. It won't break anything, just close those ports. But really you don't need any of them except DCOM if you want to use the integrated defragmenter, or to update windows.

Edited by lucid717
Link to comment
Share on other sites


  • 2 years later...

sorry to bring this thread to life again, but the fall creators update appears to have closed port 135.

previously trying to close it causes print spooler to stop working on rs2 and older windows versions.

Edited by RanCorX2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...