What happens if you close port 445. How to close vulnerable ports on Windows? Instructions for working with a program that closes ports

21.04.2021

To solve various problems related to the local network or the Internet, Windows 10 uses predefined ports. One of them, numbered 445, is recommended in some cases to be closed manually, despite the fact that the operating system turns it on automatically.

What is TCP port

Port 445 is one of the TCP ports. TCP is a protocol, that is, a set of conditions and rules that ensure stable communication between multiple devices over the Internet. This protocol, like all others, establishes a certain format for transferring information. If it were not for it, then, for example, from one device the information packet would be sent in the form of the string "User: Name", while the other device was expecting to see the string "Name - user", as a result of which it would not be able to correctly process the request and the internet connection was interrupted.

The TCP protocol also provides security by checking the IP address (unique device number) every time a packet of data is sent. Due to this, even if any external device is introduced into the flow of transmitted information, the data will not be sent to it.

What is port 445 responsible for?

Port 445 is one of many TCP. But it has a specific task that other ports do not do - providing a connection between shared printers, scanners and folders. Shared refers to devices and data that can be accessed from any computer, not just the one to which they are connected or on which they are located.

For example, you can connect to a shared printer from a computer that does not have a direct cable connection to the printing device. To do this, you need to connect to the computer to which the cable from the printer is connected through port 445. After that, the user of the device will be able to send commands to the printer (start printing, stop printing, etc.) without physically connecting to it.

With a connection to port 445, you can also view and modify the contents of the hard disk.

Why port 445 should be closed

On the one hand, port 445 will be useful if you work on several computers at once: you can establish fast data exchange and control of devices connected to another computer via the Internet. On the other hand, an open port 445 puts you in danger. Experienced people can use it as an operating system vulnerability: they connect to it and gain access to your files on the hard drive.

If you are not going to use the capabilities of this port or are storing important files in the computer's memory, use the instructions below to close the port, thereby patching one of the potentially dangerous holes in Windows.

How to check if a port is open

Before closing the port manually, it is worth checking if it is currently open. Windows 10 opens it by default. But some third-party antiviruses, or rather firewalls (programs that ensure network security), can close it.

Closing the port

Windows 10 has several ways to close port 445. If one of them doesn't work for some reason, try the other. But whichever method you choose, the result will be the same - port 445 will stop listening, that is, you will not be able to connect to it.

Using a firewall

A firewall is a program that keeps the Internet user safe, so it can be used to block potentially dangerous ports. Windows 10 has a built-in firewall to do this:

Expand the Windows search bar by clicking on the magnifying glass icon in the lower left corner of the screen. Enter the request "Windows Firewall" and expand the found option. Opening firewall options
In the opened window of the control panel, click on the line "Advanced options".
Opening advanced firewall options
Navigate to the Inbound Rules folder and start creating a new rule.
Click the "Create Rule" button
Indicate that the rule will be created for the port and proceed to the next step.
We indicate the option "For port"
Check the box next to "TCP Protocol" and write down port 445.
Select the TCP protocol and port 445
Select the "Block connection" option.
We select "Connection blocking"
Do not uncheck all three items, let the blocking apply to all levels.
We leave the application of the created rule for all profiles
Write down a clear name and description that in the future will allow you to remember what the created rule is responsible for - what if you or another user will have to unblock this port.
Specify a name and description for the task

Using the command line

The command line allows you to manage all the system settings. Including through it you can open and close ports:

By following the above two steps, you will create the same firewall rule as you would by configuring the firewall.

Using the registry

The registry stores values for all parameters of the operating system. By changing them, you can activate or deactivate the port:

After completing all the steps, close the registry and restart your computer for the changes to take effect.

Through WWDC

WWDC is a third-party program that makes it easy to enable and disable ports. The official website from which you can download the application is http://wwdc.toom.su (not available at the time of this writing).

After you download and open the program, a list of ports and their state will appear: enable - enabled, disable - paused, close - closed. Find number 445 among all ports and click on the button under its name - its state will change. You must set the close option.

Set port 445 to close

After the required parameter is set, the changes will take effect and port 445 will be closed.

Video: how to close a port in Windows 10

Port 445 is responsible for remote work with shared printers and folders. Its disadvantage is that it reduces the level of protection of the system. To protect yourself from viruses, you should close this port using firewall, command line, registry or WWDC application.

Yesterday unknown persons staged another massive attack with the help of a ransomware virus. The experts said that dozens of large companies in Ukraine and Russia were affected. The ransomware virus is called Petya.A (the virus is probably named after Petro Poroshenko). They write that if you create a perfc file (without an extension) and place it at C: \ Windows \, the virus will bypass you. If your computer went into reboot and started "checking disk", you need to turn it off immediately. Booting from a LiveCD or USB drive will give you access to the files. Another way of protection is to close ports 1024-1035, 135 and 445. We will now figure out how to do this using the example of Windows 10.

Step 1
Go to Windows firewall(it is better to choose the enhanced security mode), select the tab “ Extra options».
We select the tab " Inbound rules", Then the action" Create rule"(In the right column).

Step 2
Select the type of rule - " for Port". In the next window, select the item " TCP protocol", Indicate the ports you want to close. In our case, it is “ 135, 445, 1024-1035 "(Without quotes).

Step 3
We select the item " Block connection", In the next window mark all profiles: Domain, Private, Public.

Step 4
It remains to come up with a name for the rule (so that it will be easy to find in the future). You can specify a description for the rule.

If any programs stop working or begin to malfunction, you may have blocked the port they are using. You will need to add a firewall exception for them.

135 TCP port used by remote services (DHCP, DNS, WINS, etc.) and in Microsoft client-server applications (eg Exchange).

445 TCP port used in Microsoft Windows 2000 and later for direct TCP / IP access without using NetBIOS (for example, in Active Directory).

Publication

The WannaCry virus, aka WannaCrypt or Wanna Decryptor, hit the virtual world in May 2017. The malicious program infiltrated local networks, infecting one computer after another, encrypting files on disks and requiring the user to transfer from $ 300 to $ 600 to the ransomware to unblock them. The Petya virus, which gained almost political prominence in the summer of 2017, acted in a similar way.

Both network pests entered the operating system of the victim computer through the same door - network ports 445 or 139. Following the two major viruses, smaller types of computer infection began to exploit. What are these ports that are scanned by all and sundry?

What are ports 445 and 139 responsible for in Windows

These ports are used by Windows to share files and printers. The first port is responsible for the Server Message Blocks (SMB) protocol, and the Network Basic Input-Output System (NetBIOS) protocol runs through the second. Both protocols allow Windows computers to connect to "shared" folders and printers over the network over the main TCP and UDP protocols.

Beginning with Windows 2000, sharing files and printers over the network is done primarily over port 445 using the SMB application protocol. The NetBIOS protocol was used in earlier versions of the system, operating on ports 137, 138 and 139, and this feature was retained in later versions of the system as an atavism.

Why open ports are dangerous

445 and 139 is a subtle but significant vulnerability in Windows. By leaving these ports unprotected, you open the door wide to your hard drive for intruders such as viruses, Trojans, worms, and hacker attacks. And if your computer is connected to a local network, then all its users are at risk of being infected with malicious software.

In fact, you are sharing your hard drive with anyone who can access these ports. If desired and skillful, attackers can view the contents of the hard disk, or even delete data, format the disk itself, or encrypt files. This is exactly what the WannaCry and Petya viruses, the epidemic of which swept the world this summer, did.

Thus, if you are concerned about the security of your data, it will not be superfluous to learn how to close ports 139 and 445 in Windows.

Finding out if ports are open

In most cases, port 445 in Windows is open because the printer and file sharing capabilities are automatically enabled when you install Windows. This can be easily verified on your machine. Press the keyboard shortcut Win + R to open the Quick Launch window. In it enter “ cmd " to run the command line. At the command line, type “ netstat -na" and press Enter... This command allows you to scan all active network ports and display information about their status and current incoming connections.

After a few seconds, the port statistics table will appear. At the very top of the table, the IP address of port 445 will be indicated. If the last column of the table contains the status "LISTENING" then this means that the port is open. Similarly, you can find port 139 in the table and find out its status.

How to close ports in Windows 10/8/7

There are three main methods to close port 445 in Windows 10, 7, or 8. They are not very different from each other depending on the version of the system and are quite simple. You can try any of them to choose from. You can also close port 139 using the same methods.

Closing ports through a firewall

The first method, which allows you to close port 445 in Windows, is the simplest and is available to almost any user.

Go to Start> Control Panel> Windows Firewall and click on the link Extra options.
Click on Inbound Exception Rules> New Rule... In the window that appears, select For Port> Next> TCP Protocol> Specific Local Ports, in the field next to enter 445 and click Further.
Next select Block connection and press again Further... Check three checkboxes, again Further... Enter a name and, if desired, a description of the new rule and click Ready.

Now the inbound connection on port 445 will be closed. If necessary, a similar rule can be created for port 139.

Closing ports via the command line

The second method involves command line operations and is more suitable for advanced Windows users.

Click on Start and in the search bar at the bottom of the menu, type “ cmd "... In the displayed list, right-click on cmd and choose Run as administrator.
In the command prompt window, copy the command netsh advfirewall set allprofile state on. Click on Enter.
Then copy the following command: netsh advfirewall firewall add rule dir = in action = block protocol = TCP localport = 445 name = "Block_TCP-445". Click on Enter again.

As a result of this procedure, a Windows Firewall rule will also be created to close port 445. Some users, however, report that this method does not work on their machines: during the check, the port remains in the “LISTENING” status. In this case, you should try the third method, which is also quite simple.

Closing ports through the Windows registry

You can also block connections to port 445 by modifying the system registry. This method should be used with caution: the Windows registry is the main database of the entire system, and an accidental mistake can lead to unpredictable consequences. Before working with the registry, it is recommended to make a backup copy, for example, using the CCleaner program.

Click on Start and in the search bar enter "Regedit"... Click on Enter.
In the registry tree, change to the following directory: HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ services \ NetBT \ Parameters.
A list of parameters is displayed on the right side of the window. Right-click in a free area of the list and select Create... From the dropdown menu select DWORD parameter (32-bit) or DWORD parameter (64-bit) depending on your system type (32-bit or 64-bit).
Rename the new parameter to SMBDeviceEnabled, and then double-click on it. In the displayed window Parameter change in field Meaning replace 1 with 0 and press OK to confirm.

This method is most effective if you follow the instructions above exactly. It should be noted that it only applies to port 445.

For more effective protection, you can also disable the Windows Server service after making changes to the registry. To do this, do the following:

Click Start and in the search bar type "services.msc". A list of Windows system services will open.
Find the Server service and double click on it. As a rule, it is located somewhere in the middle of the list.
In the displayed window in the dropdown list Launch type choose Disabled and press OK.

The above methods (with the exception of the third) allow you to close not only port 445, but also ports 135, 137, 138, 139. To do this, when performing the procedure, simply replace the port number with the desired one.

If you later need to open ports, simply delete the created rule in Windows Firewall or change the value of the parameter created in the registry from 0 to 1, and then enable the Windows Server service back by selecting from the list Launch type meaning Automatically instead of Disabled.

Important! It should be remembered that port 445 in Windows is responsible for sharing files, folders and printers. Thus, if you close this port, you can no longer “share” the shared folder with other users or print a document over the network.

If your computer is included in a local network and you need these functions to work, you should use third-party protection tools. For example, activate your antivirus firewall, which will take control of all ports and monitor them for unauthorized access.

By following the above recommendations, you can protect yourself from an invisible but serious vulnerability in Windows and protect your data from numerous types of malicious software that can enter the system through ports 139 and 445.

Every day, PC owners are faced with a huge number of dangerous programs and viruses that somehow get on the hard drive and cause important data leakage, computer breakdown, theft of important information and other unpleasant situations.

Most often, computers running on Windows operating systems of any version, be it 7, 8, 10 or any other, are infected. The main reason for such statistics is incoming connections to PCs or "ports", which are the weak point of any system due to their default availability.

The word "port" is a term that implies the serial number of incoming connections that are directed to your PC from external software. It often happens that these ports are exploited by viruses that easily penetrate your computer using an IP network.

Virus software, having entered a computer through such incoming connections, quickly infects all important files, not only user files, but also system files. To avoid this, we recommend that you close all standard ports that can become your vulnerability when attacked by hackers.

What are the most vulnerable ports on Windows 7-10?

Numerous studies and expert polls show that up to 80% of malicious attacks and hacks occurred using the four main ports used for fast file exchange between different versions of Windows:

TCP port 139, required for remote connection and PC control;
TCP port 135 for command execution;
TCP port 445 for fast file transfer;
UDP port 137, through which a quick search is performed on a PC.

Closing ports 135-139 and 445 in Windows

We suggest that you familiarize yourself with the simplest ways to close the ports of Windows, which do not require additional knowledge and professional skills.

Using the command line

The Windows command line is a software shell that is used to set certain functions and parameters to software that does not have its own graphical shell.

In order to run the command line, you must:

Press the key combination Win + R at the same time
In the command line that appears, enter CMD
Click on the "OK" button

A working window with a black background will appear, in which it is necessary to enter the following commands one by one. After each line entered, press the Enter key to confirm the action.
netsh advfirewall firewall add rule dir = in action = block protocol = tcp localport = 135 name = "Block1_TCP-135"(command to close port 135)
netsh advfirewall firewall add rule dir = in action = block protocol = tcp localport = 137 name = "Block1_TCP-137"(command to close port 137)
netsh advfirewall firewall add rule dir = in action = block protocol = tcp localport = 138 name = "Block1_TCP-138 ″(command to close port 138)
netsh advfirewall firewall add rule dir = in action = block protocol = tcp localport = 139 name = "Block_TCP-139 ″(command to close port 139)
netsh advfirewall firewall add rule dir = in action = block protocol = tcp localport = 445 name = "Block_TCP-445"(command to close port 445)
netsh advfirewall firewall add rule dir = in action = block protocol = tcp localport = 5000 name = "Block_TCP-5000"

The six commands we have given are necessary for: closing 4 vulnerable Windows TCP ports (open by default), closing UDP port 138, and also closing port 5000, which is responsible for listing available services.

Closing ports with third-party programs

If you don't want to waste time working with the command line, we suggest that you familiarize yourself with third-party applications. The essence of such software is to edit the registry in automatic mode with a graphical interface, without the need to manually enter commands.

According to our users, the most popular program for this purpose is Windows Doors Cleaner. It will help you to easily close ports on a computer running Windows 7/8 / 8.1 / 10. Older versions of operating systems are unfortunately not supported.

How to work with a program that closes ports

In order to use Windows Doors Cleaner, you must:

1. Download software and install it
2. Run the program by right-clicking on the shortcut and selecting "run as administrator"
3. In the appeared working window there will be a list of ports and buttons "Close" or "Disable" that close vulnerable ports of Windows, as well as any others at will
4. After the necessary changes have been made, you need to reboot the system

Another advantage of the program is the fact that it can be used not only to close ports, but also to open them.

Drawing conclusions

Closing vulnerable network ports in Windows is not a panacea for all ills. It is important to remember that network security can only be achieved by comprehensive actions aimed at closing all the vulnerabilities of your PC.

For Windows security, the user must install critical updates from Microsoft, have licensed antivirus software and a firewall, use only secure software and regularly read our articles, which tell about all existing ways to achieve anonymity and security of your data.

Do you know more convenient ways to close network ports? Share your knowledge in the comments and do not forget to repost the article to your page. Share useful information with your friends and don't give hackers a chance to harm your loved ones!