How to close port 445 on windows 7. How to close Windows ports. Finding out if the ports are open

To solve various problems related to the local network or the Internet, Windows 10 uses predefined ports. One of them, number 445, in some cases is recommended to be closed manually, despite the fact that the operating system turns it on automatically.

What is a TCP port

Port 445 is one of the TCP ports. TCP is a protocol, that is, a set of conditions and rules that ensure stable interaction between multiple devices over the Internet. This protocol, like all others, establishes a certain format for transmitting information. If it were not there, then, for example, from one device a packet of information would be sent in the form of the string “User: Name”, while another device expected to see the string “Name - user”, as a result of which it would not be able to correctly process the request and the Internet connection was interrupted.

The TCP protocol also provides security by checking the IP address (a unique device number) every time a data packet is sent. Thanks to this, even if any third-party device is introduced into the flow of transmitted information, the data will not be sent to it.

What is port 445 responsible for?

Port number 445 is one of many that operate over the TCP protocol. But it has a specific job that other ports don't do—providing connections between shared printers, scanners, and folders. Shared refers to devices and data that can be accessed from any computer, not just the one to which they are connected or located.

For example, you can connect to a shared printer from a computer that does not have a direct cable connection to the printing device. To do this, you need to connect to the computer to which the cable from the printer is connected via port 445. After this, the user of the device will be able to send commands to the printer (start printing, stop it, etc.) without physically connecting to it.

With a connection to port 445, you can also view the contents of your hard drive and change it.

Why port 445 should be closed

On the one hand, port 445 will be useful if you work on several computers at once: you can quickly exchange data and control devices connected to another computer via the Internet. On the other hand, open port 445 puts you in danger. Experienced people can use it as a vulnerability in the operating system: they will connect to it and gain access to your files located on your hard drive.

If you do not intend to use the capabilities of this port or store important files in the computer's memory, use the instructions below to close the port, thereby patching one of the potentially dangerous holes in Windows.

How to check if a port is open

Before closing a port manually, it is worth checking whether it is currently open. By default, Windows 10 opens it. But some third-party antiviruses, or more precisely firewalls (programs that ensure network security), can close it.

Closing the port

In Windows 10, there are several ways to close port 445. If one of them does not work for some reason, try another. But no matter what method you choose, the result will be the same - port 445 will no longer be listened to, that is, it will be impossible to connect to it.

Using a firewall

A firewall is a program that ensures the security of a user using the Internet, so it can be used to block potentially dangerous ports. Windows 10 has a built-in firewall that can handle this task:

Expand the Windows search bar by clicking on the magnifying glass icon located in the lower left corner of the screen. Enter the query “Windows Firewall” and expand the found option. Open firewall settings
In the Control Panel window that opens, click on the “Advanced Settings” line.
Open additional firewall settings
Go to the Inbound Rules folder and start creating a new rule.
Click the “Create Rule” button
Specify that the rule will be created for the port and proceed to the next step.
Specify the option “For port”
Check the box next to “TCP Protocol” and enter port 445.
Select TCP protocol and port 445
Select the "Block connection" option.
Select “Connection blocking”
Do not uncheck all three boxes, let the blocking apply to all levels.
Leave the created rule to be applied to all profiles
Write down a clear name and description, which in the future will allow you to remember what the created rule is responsible for - suddenly you or another user will have to unblock this port.
Specify a name and description for the task

Using the command line

The command line allows you to manage all system settings. Including through it you can open and close ports:

By completing the above two steps, you will create the same firewall rule as you would have done by configuring the firewall.

Using the registry

The registry stores values for all operating system settings. By changing them, you can activate or deactivate the port:

After completing all the steps, close the registry and restart your computer for the changes to take effect.

With the help of WWDC

WWDC is a third-party program that simplifies the process of enabling and disabling ports. The official website from which you can download the application is http://wwdc.toom.su (not available at the time of writing).

After you download and open the program, a list of ports and their status will appear: enable - enabled, disable - suspended, close - closed. Find number 445 among all ports and click on the button located under its name - its status will change. You must set the option to close.

Set port 445 to close

After the required parameter is set, the changes will take effect and port 445 will be closed.

Video: how to close a port in Windows 10

Port 445 is responsible for remote work with shared printers and folders. Its disadvantage is that it reduces the level of system protection. To protect yourself from viruses, you should close this port using a firewall, command line, registry, or WWDC application.

Yesterday, unknown people staged another massive attack using an encryption virus. Experts said that dozens of large companies in Ukraine and Russia were affected. The ransomware virus is called Petya.A (probably the virus is named after Petro Poroshenko). They write that if you create a perfc file (without extension) and place it at C:\Windows\, the virus will bypass you. If your computer reboots and starts “disk check”, you need to turn it off immediately. Booting from a LiveCD or USB drive will give you access to the files. Another method of protection: close ports 1024–1035, 135 and 445. We will now look at how to do this using Windows 10 as an example.

Step 1
Let's go to Windows Firewall(it’s better to choose enhanced security mode), select the “ Extra options».
Select the tab " Rules for incoming connections", then the action " Create a rule"(in the right column).

Step 2
Select the type of rule - “ for Port" In the next window, select “ TCP protocol", indicate the ports you want to close. In our case it is " 135, 445, 1024-1035 "(without quotes).

Step 3
Select the item “ Block connection", in the next window we mark all profiles: Domain, Private, Public.

Step 4
All that remains is to come up with a name for the rule (so that it will be easy to find in the future). You can specify a description of the rule.

If some programs stop working or work incorrectly, you may have blocked the port they are using. You will need to add an exception for them in the firewall.

135 TCP port used by remote services (DHCP, DNS, WINS, etc.) and in Microsoft client-server applications (for example, Exchange).

445 TCP port used in Microsoft Windows 2000 and later for direct TCP/IP access without using NetBIOS (for example, in Active Directory).

Publication

The WannaCry virus, also known as WannaCrypt or Wanna Decryptor, hit the virtual world in May 2017. The malware penetrated local networks, infecting one computer after another, encrypting files on disks and demanding that the user transfer $300 to $600 to the ransomware to unlock them. The Petya virus, which gained almost political fame in the summer of 2017, acted in a similar way.

Both network pests penetrated the operating system of the victim computer through the same door - network ports 445 or 139. Following the two large viruses, smaller types of computer infections began to be exploited. What kind of ports are these that are scanned by everyone and everything?

What are ports 445 and 139 responsible for in Windows?

These ports are used in Windows to share files and printers. The first port is responsible for the Server Message Blocks (SMB) protocol, and the second port runs the Network Basic Input-Output System (NetBIOS) protocol. Both protocols allow computers running Windows to connect over the network to “shared” folders and printers over the basic TCP and UDP protocols.

Starting with Windows 2000, file and printer sharing over the network is carried out primarily through port 445 using the SMB application protocol. The NetBIOS protocol was used in earlier versions of the system, operating through ports 137, 138 and 139, and this feature was retained in later versions of the system as an atavism.

Why are open ports dangerous?

445 and 139 is a subtle but significant vulnerability in Windows. By leaving these ports unprotected, you open the door to your hard drive wide open to uninvited guests such as viruses, trojans, worms, and hacker attacks. And if your computer is connected to a local network, then all its users are at risk of infection with malicious software.

In effect, you are sharing your hard drive with anyone who can access these ports. If desired and skillful, attackers can view the contents of a hard drive, or even delete data, format the drive itself, or encrypt files. This is exactly what the WannaCry and Petya viruses did, the epidemic of which swept across the world this summer.

Thus, if you care about the security of your data, it would be a good idea to learn how to close ports 139 and 445 in Windows.

Finding out if the ports are open

In most cases, port 445 is open in Windows because printer and file sharing is automatically enabled when Windows is installed. You can easily check this on your machine. Press the keyboard shortcut Win+R to open the Quick Launch window. In it, enter “ cmd" to launch the command line. At the command line, type “ netstat -na" and press Enter. This command allows you to scan all active network ports and display data about their status and current incoming connections.

After a few seconds, a port statistics table will appear. At the very top of the table the IP address of port 445 will be indicated. If the last column of the table contains the status "LISTENING", this means that the port is open. Similarly, you can find port 139 in the table and find out its status.

How to close ports in Windows 10/8/7

There are three main methods to close port 445 in Windows 10, 7 or 8. They do not differ much depending on the system version and are quite simple. You can try any of them to choose from. You can also close port 139 using the same methods.

Closing ports through the firewall

The first method, which allows you to close port 445 in Windows, is the simplest and is accessible to almost any user.

Go to Start > Control Panel > Windows Firewall and click on the link Extra options.
Click Rules for Incoming Exceptions > New Rule. In the window that appears, select For Port > Next > TCP Protocol > Specific Local Ports, enter 445 in the field next to it and click Further.
Next select Block connection and press again Further. Check three boxes again Further. Enter a name and, if desired, a description of the new rule and click Ready.

Now the possibility of incoming connections to port 445 will be closed. If necessary, a similar rule can be created for port 139.

Closing ports via the command line

The second method involves command line operations and is more suitable for advanced Windows users.

Click Start and in the search bar at the bottom of the menu, type “ cmd". In the list that appears, right-click on cmd and select Run as administrator.
Copy the command into the command line window netsh advfirewall set allprofile state on. Click Enter.
Then copy the following command: netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445". Click Enter again.

As a result of the procedure, a Windows Firewall rule will also be created to close port 445. Some users, however, report that this method does not work on their machines: when checking, the port remains in the “LISTENING” status. In this case, you should try the third method, which is also quite simple.

Closing ports through the Windows registry

You can also block connections to port 445 by making changes to the system registry. This method should be used with caution: the Windows registry is the main database of the entire system, and an accidental error can lead to unpredictable consequences. Before working with the registry, it is recommended to make a backup copy, for example, using CCleaner.

Click Start and in the search bar enter "regedit". Click Enter.
In the registry tree, navigate to the following directory: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters.
A list of options will appear on the right side of the window. Right-click in an empty list area and select Create. From the drop-down menu, select DWORD value (32-bit) or DWORD value (64-bit) depending on your system type (32-bit or 64-bit).
Rename the new parameter to SMBDeviceEnabled, and then double-click on it. In the window that appears Changing a parameter in field Meaning replace 1 with 0 and press OK for confirmation.

This method is most effective if you follow the above instructions exactly. It should be noted that it only applies to port 445.

To make protection more effective, you can also disable the Windows Server service after making changes to the registry. To do this, do the following:

Click Start and enter in the search bar "services.msc". A list of Windows system services will open.
Find the Server service and double-click on it. As a rule, it is located somewhere in the middle of the list.
In the window that appears, in the drop-down list Startup type select Disabled and press OK.

The above methods (with the exception of the third) allow you to close not only port 445, but also ports 135, 137, 138, 139. To do this, when performing the procedure, simply replace the port number with the desired one.

If you later need to open ports, simply delete the created rule in the Windows Firewall or change the value of the parameter created in the registry from 0 to 1, and then enable the Windows Server service back by selecting from the list Startup type meaning Automatically instead of Disabled.

Important! It is important to remember that port 445 in Windows is responsible for sharing files, folders and printers. Thus, if you close this port, you will no longer be able to “share” the shared folder with other users or print a document over the network.

If your computer is connected to a local network and you need these functions for work, you should use third-party protection tools. For example, activate your antivirus firewall, which will take control of all ports and monitor them for unauthorized access.

By following the recommendations above, you can protect yourself from invisible but serious vulnerabilities in Windows and protect your data from numerous types of malicious software that can penetrate the system through ports 139 and 445.

→ How to close vulnerable ports in Windows?

How to close vulnerable ports in Windows?

Almost every day, dozens of computers around the world are infected with dangerous viruses, and more and more users are starting to look for ways to improve the security of their personal computer.

PCs running the Windows operating system are most often infected. This is due to the fact that most viruses penetrate the OS through certain incoming connections, so-called “ports”, which, unfortunately, are enabled by default.

Simplifying somewhat, the concept of “port” can be defined as the number of incoming connections from external programs (including viruses) to your computer via an IP network. Each port is assigned a unique number to identify the only possible recipient of data in the operating system.

Having penetrated the computer, viruses begin to infect user data and open all previously closed Windows ports for faster spread throughout the system. To prevent this from happening, it is necessary to block the most vulnerable ports, thereby preventing the possibility of infection and raising Windows security to a higher level.

The most vulnerable ports of Windows 7 – 10

TCP port 445 (it is used for file exchange)
TCP port 139 (designed for remote connection to a computer)
UDP port 137 (used to search for information on other computers)
TCP port 135 (command tasks are executed through it)

How to close ports 135 to 139 and 445 in Windows?

There are many options for closing Windows ports, but in this article we will look at the easiest ways to do this.

Method 1 - Using the Command Line

The Windows command line is used to set values for system settings that do not have a graphical interface. These functions include the open connection ports under consideration.

The command line starts in several stages:

Press the key combination Win+R
In the command window that appears, type CMD
Click "OK"

A window with a black background will appear in front of you. Copy the lines below into it one by one and press the enter key:

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=135 name="Block1_TCP-135"

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=137 name="Block1_TCP-137"

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=138 name="Block1_TCP-138"

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=139 name="Block_TCP-139"(the command helps close port 139)

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=445 name="Block_TCP-445"(the command helps close port 445)

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=5000 name="Block_TCP-5000"

These six commands close the 4 most dangerous open Windows ports listed above, as well as port 5000, which is responsible for discovering open services, and UDP port 138 for NetBIOS name resolution.

Method 2 - using third-party programs

To avoid manual command line work, you can use third-party software. The essence of his work comes down to the same editing of the registry as in the method above, only in a visual display.

Instructions for working with a program that closes ports

1. 1. Download and install the program

1. 2. The installed program must be run with administrator rights

1. 3. In the window that appears, clicking the “Close” or “Disable” buttons disables and closes all vulnerable Windows ports

It is important to note that with this program you can not only close, but also open ports.

Conclusion

In addition to closing the most dangerous network ports on your computer, you must remember that these actions do not achieve maximum security for the operating system.

On your Windows, you need to install critical update packages sent by Microsoft, antivirus programs, secure browsers and other software that increases security and anonymity.

We invite you to discuss the topic of protecting network ports in the comments and share useful methods for increasing confidentiality. Don't forget to send the link to this article to your friends so that they too know how to close open Windows ports.

Also watch our video where we talk in more detail about how to close vulnerable ports: