What does the close port 445 command mean?

Win10 system how to close port 445

Today’s ransomware is prevalent, if you are not careful then you will be invaded, ransomware is spread through the invasion of ports, mainly 445 ports, then we can effectively prevent ransomware by closing the 445 ports, how to close the 445 ports of the win10 system? The specific steps are as follows.

Method 1: Close the server service

1, first of all, in the search box of the start menu, type “command”, and then in the “command prompt” on the right mouse button, and then click on the “run as administrator”. “Run as administrator”;

2, open the command prompt window, type the command: netstopserver to complete, press the Enter key (Enter) to confirm the run, when you see the “Server service is stopping! After seeing the “Server service is stopping” prompt, it means that the operation is successful, stop Win10 service, you can prevent the ransomware virus from utilizing the attack.

Method 2: Close Win10445 port

The ransomware virus utilizes the NSA hacking toolkit “Eternal Blue” 0day vulnerability, through the computer 445 port (file sharing common users basically can not use this port, you can close) worm infection in the intranet. In order to prevent the spread of intranet infections, it is recommended that users close Win10 port 445, the specific method of operation is as follows.

1, first open the Win10 firewall, and then click to enter the left side of the “Advanced Settings”;

2, open the firewall advanced settings, click on the left side of the “inbound rules”, and then click on the right side of the “New Rule”. “New Rule”;

3. In the New Rule settings, select “Port” next “TCP (UDP)” and select “Specific local port”, and then enter the port name “445”, continue to click on the next step;

4, and then the next step, in the “operation” option, select the “

5. Finally, in the name of “Disable port 445”, and then click “Finish”.

The above gives you the detailed steps on how to close port 445 on Win10, so that you can effectively prevent ransomware.

What is the role of port 445 and how to close it?

The role of port 445 is to realize some shared folders and some shared printers, as long as the scope of the local area network can be easily accessed, but also because of this, the possibility of hacking has increased, the hacker can enter our hard disk through the 445 port, so that we can share our files, or will be our hard disk data formatting, resulting in data loss. The following is a list of ways to disable port 445.

In order to prevent hackers from entering, resulting in data leakage, we must close port 445 in time, the following is the method of closing port 445.

Port 445 shutdown method:

1. firewall settings method

2. group policy settings

3. port exclusion method

4. server shutdown method

5. registry settings method

Port 445 shutdown method is the above five, the operation of the general have their own corresponding methods. Mainly to introduce the port exclusion method is how to complete the closure of port 445.

Port exclusion method:

To enter the 445 port of all the information to prohibit the operation, it is the use of Windows2000 computer operating system ports to exclude the function, so that hackers can not enter the host computer will not affect the computer’s internal data.

The main process is to first open the menu in the Windows2000 computer operating system, and then find the Settings option, and then select Settings below the network and dial-up connection options, click the right mouse button to find the option to browse, and then enter, after entering the agreement to the Internet Protocol, and then click on Properties to find the option to set Internet The interface of the protocol properties; in the interface of the properties of the advanced button, click to enter, enter to set the advanced TCP / IP a setup window, and then find the Options tab, and then find part of the option to set, the TCP / IP filtering operation, and then use the left mouse button to select the properties of the option to click, and then you will enter into a corresponding setup window.

Because port 445 is a kind of TCP port, we can find the corresponding TCP port setting options, and then allow the settings, select the settings page of the add option, will have to use the corresponding number of the service port to add the number, the number of service ports that will not be used out of the exclusion of the selection, complete the setup of the operation, select the OK can be so that the 445 port shutdown operation is complete. After finishing the setting operation, check OK, and then the 445 port shutdown operation is completed.

This method utilizes the port exclusion feature of Windows 2000 to disable all packets from port 445, so that the “big bad guys” can’t get close to your host. Windows2000 system’s Start menu, select “Settings” item below the “Network and Dial-up Connections” icon, and click with the right mouse button, from the shortcut menu, click the “Browse” command. “command; the “Internet Protocol (TCP / IP)” item is selected, and then click the “Properties” button to open the Internet Protocol (TCP / IP) Properties settings page; Continue to click the “Advanced” button to open the Advanced TCP/IP Settings window, select the “Options” tab, and in the “Optional Settings” section of the tab, select “TCP/IP”. In the “Optional Settings” section of the tab, select “TCP/IP Filtering”, and then click the corresponding “Properties” button to open the settings window shown in Figure 1; Since port 445 belongs to a kind of TCP port, you can set the “TCP Port” setting in the corresponding “TCP Port” section. As port 445 is a TCP port, you can check the “Allow only” item in the corresponding “TCP ports” setting item, activate the “Add” button below, click the button, and in the “Add filter” window that opens, add the necessary filters to the “Add filter” window, and then click the corresponding “Properties” button to open the settings window shown in Figure 1. “window, will have to use a few service port number, are added, and will not be used to exclude the 445 port number, set up, click “OK” button, you can let the settings take effect. Taking into account the folder or printer sharing services will be utilized only to the 445 port, so directly stop the folder or printer sharing services, but also to achieve the purpose of closing the 445 port, so that hackers can not destroy a variety of shared resources, the following is the specific steps to close the folder or printer sharing services: select the “Network and Dial-up Connections “Properties” option to bring up the Internet Connection Properties window; open the “General” tab page, and in the “This connection uses the following selected components” list box, set the “Microsoft network file or printer sharing” option in front of the cancel the check mark, as shown in Figure 2. Finally click the “OK” button, restart the system, the Internet “big bad” people will not have the right to access to a variety of shared resources.  Of course, you can not stop the shared services under the condition of depriving the “big bad” the right to share access; the use of local security settings in the “User Rights Assignment” function, specify any user on the Internet do not have the right to access the local host! To do this, click on the “Local Security Settings” option, then expand the “Security Settings” “Local Policies” “User Rights Assignment” folder, and in the corresponding folder, click on the “User Rights Assignment” folder. “folder, in the corresponding right sub-window, select the “Deny access to this computer from the network” option, and double-click with the left mouse button; open the settings window shown in Figure 3, click the “Add” button, from the pop-up “Select Users or Groups” option, click the “Add” button, from the pop-up “Select Users or Groups” option. “Select user or group” dialog box, select “everyone” option, and then click “Add” button, and finally click “OK “so that any one user can not be accessed from the network to the local host. However, the method of “combat” a wide range of consequences, whether it is the “enemy” or “good people”, can not access the shared resources, so this method is suitable for use in the preservation of Therefore, this method is suitable for servers with absolutely confidential information. This method is to modify the registry will be used for folder or printer sharing services prohibited, the specific method of operation is as follows: In the Windows 2000 system’s Start menu, click the “Run” command, open the Run dialog box, type “regedit Services\NetBT\Parameters”; in the right window corresponding to this branch, create a new double-byte value and name it “SMBDeviceEnabled” (as shown in Figure 4), and then set its value directly to “0”, complete the setup, exit the registry editing interface, reboot the system is OK. This method utilizes the firewall’s security filtering rules to block any packets passing through port 445. For example, you can start the “KV3000 Anti-Hacker Firewall” tool, click the “Firewall Control” at the “Rule Settings” button, then open the Rule Settings window. In the rule setting window, continue to click the “Add Rule” button to open the setting interface shown in Figure 5;

In the name setting of the interface, name the rule “Close Port 445”, in the “Network Conditions” setting item, name the rule “Close Port 445”, and in the “Network Conditions” setting item, name the rule “Close Port 445″. network conditions” setting, check the “Accept packets” option; then set the IP address of the other party to “Any address”, and check the “Specify local IP address” option for the local IP address. Then, set the IP address of the other party to “Any address”, check the “Specify local IP address” option of the local IP address, and enter the IP address of the local host.  Next, click the “TCP” tab in the interface, and in the Local Port, check the “Specify Port” option, and then enter the port number “445”; in the “Other Port” tab, check the “Any Address” option, and then enter the IP address of the local host. For “Other Port”, check the “Any Port” option.

Next, check the “When system accesses the network” option in the “Rule object” setting, and in the “When all conditions are met” setting, check the “Block” option. “Intercept” option, complete all the parameter settings, and then click the “OK” button, you can create a good security filtering rules. Return to the rule setting window of Anti-Hacker Firewall, select the “Close Port 445” filtering rule just created (as shown in Figure 6), in this way, all kinds of illegal invasions from Port 445 will be automatically blocked by Anti-Hacker Firewall. In this way, all kinds of illegal invasions from port 445 will be blocked automatically by Anti-Hacker Firewall. In this way, by customizing an IP security policy, the 445 service port will be shut down, and the specific implementation steps are as follows: In the Start menu of the Windows2000 system, click “Programs”, “Administrative Tools”, and “Local Security Policy”. “Local Security Policy”, open a local group policy editing interface, with the right mouse button click on the interface of the “IP Security Policy, in the local machine” option, from the shortcut menu that opens, click “Create IP Security Policy” option, a pop-up menu will appear. Security Policy” option from the shortcut menu that opens, click “Create IP Security Policy” option, a creation wizard interface pops up; click the “Next” button, and then in the “Name” text box, enter the name of the newly created security policy, for example, enter here is “Close port 445”, then click the “Next” button, select “Activate default response rules”, and set the rest of the parameters to default values, you can complete the creation of a new security policy. The creation of a new security policy can be completed, as shown in Figure 7. Click the “Add” button in Figure 7 to bring up a security rule setup wizard interface, click the “Next” button, check the “This rule does not specify tunnels” option, and then set the “Network Type” to the default value. Network Type” is set to “All Network Connections”, and then check the “Windows 2000 default value ……” option. “option, continue to click the” Next “button, an IP filter list pop-up interface; click the interface of the” Add “button, set the name of the IP filter to ” Block port 445″, click the “Add” button, then set the source address to “Any IP address”, set the destination address to “My IP address”, and continue to click the “Next” button. After clicking the “Next” button, a protocol type selection box will pop up, and the protocol type will be set to “TCP”; then, in the pop-up window in Figure 8, check the “From any port to this port” option. Then, in the pop-up window of Figure 8, select the option of “From any port to this port” and set the port to “445”, finally click the “Finish” button, and click the “Close” button to return to the IP Filter list page. Return to the IP Filters list page, select the “Block port 445” filter, click the Next button, and from the window that opens, select the Deny option. Click the Next and Finish buttons to add the Block Port 445 filter to the IP Security Policy named “Close Port 445″. Port” in the IP Security Policy (shown in Figure 9), and then click the “OK” button to return to the “Local Security Settings” window.

Finally, in the Local Security Settings window, right-click on the “Close Port 445” policy, and from the pop-up shortcut menu, click All Tasks | Assign. “Assign” command in the shortcut menu to make the above settings take effect.

cmd how to close the 445 port

Recommended: “Programming Video”

The method of closing the 445 port:

1, use the shortcut key Win + R to bring up the run window, enter cmd to enter the command program window, next enter the command “netstat-na “interface to see that at this time port 445 has been in the open state;

2, the next administrator identity to open the run command program window, in the CMD window enter the following command: netshadvfirewallsetallprofilestateon

netshadvfirewallfirewalladdrulename=deny445dir=inaction=blockprotocol=TCPlocalport=445Press enter after entering each command;