Cve

I"ve had constant warnings of blocking vulnerability CVE-2017-0144 in SMB exploited by the WannaCryptor ransomeware by Avast Premier. I"m aware this first occurred baông chồng in 2017 và since then everyone has since patched up their computer"s, me included, & supposedly successfully blocked port 445. I"ve sầu not had this security warning for a long time until a couple of days ago. Furthermore, on checking the commvà prompt using netstat -na I"ve found that port 445 is in fact open và still listening. So I followed every method as recommended in the following article: https://www.backup-utility.com/anti-ransomware/how-to-block-port-445-in-windows-3889.html

 

However, even after trying all of them, port 445 appears to still remain open, while I still appear to lớn get the warning. Any suggestions on what lớn vị next in order lớn cthua trận the port & stop the message constantly re-occurring?

 

Thank you.

Bạn đang xem: Cve


Attached Files

BC AdBot (Login to lớn Remove)


*
neftekumsk.comRegister to remove sầu ads

#2buddy215


buddy215
*
Moderator17,035 postsONLINEGender:MaleLocation:West TennesseeLocal time:07:50 AM

Posted 27 August 2019 - 02:36 PM


If you follow the instructions for closing 445 in Windows firewall in link below you should be okay.

Your image does show it open.

Top Three Easy Methods to Block TCP Port 445 in Windows 10/7/XP


“Every atom in your toàn thân came from a star that exploded và the atoms in your left hvà probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. KraussA 1792 U.S. penny, designed in part by Thomas Jefferson & George Washington, reads “Liberty Parent of Science & Industry.”

Republican senators will DID approve of insurrection and attempted coup led by Trump.

 

 

#3Didier Stevens


Didier Stevens
*
BC Advisor
2,947 postsOFFLINEGender:Not TellingLocal time:01:50 PM
Posted 27 August 2019 - 03:25 PM


I see that your computer has a private IPhường address.

 

Is that computer on a hostile network? I assume it doesn"t have sầu an interface with a public IP?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVPhường. 2011-2016 Consumer Security, Windows Insider MVP. 2016-2022

 

If you send me messages, per Bleeping Computer"s Forum policy, I will not engage in a conversation, but try to lớn answer your question in the relevant forums post. If you don"t want this, don"t sover me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#4compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:12:50 PM
Posted 27 August 2019 - 03:59 PM


buddy215 I"m not sure if you saw my own links. It was that same article that I tried all 3 methods from & the port is still open.

 


Didier Stevens No it isn"t. It was connected to my home page network.

Edited by compbuff, 27 August 2019 - 04:04 PM.


#5buddy215


buddy215
*
Moderator
17,035 postsONLINEGender:MaleLocation:West TennesseeLocal time:07:50 AM

Posted 27 August 2019 - 04:52 PM


When I run the tests at GRC | ShieldsUP! — Internet Vulnerability Profiling it shows all of the commonly used ports are stealthed.

Example:

*

*
   

Take a minute or two và run the tests File Sharing, Common Ports, Service Ports và Browser Headers


“Every atom in your toàn thân came from a star that exploded và the atoms in your left h& probably came from a different star than your right hvà. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. KraussA 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

Republican senators will DID approve sầu of insurrection and attempted coup led by Trump.

 

 

#6Didier Stevens


Didier Stevens
*
BC Advisor
2,947 postsOFFLINEGender:Not TellingLocal time:01:50 PM
Posted 27 August 2019 - 05:05 PM


If you"re on your trang chủ network, you can"t receive sầu incoming connections from the Internet directly to lớn your computer (unless you configured port forwarding).

 

You don"t have sầu to lớn worry about open ports on your computer if said computer is on your home page network và not exposed on the Internet.

 

So where are these packets coming from? Do you have sầu other Windows computers on your network?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-năm nhâm thìn Consumer Security, Windows Insider MVPhường 2016-2022

 

If you skết thúc me messages, per Bleeping Computer"s Forum policy, I will not engage in a conversation, but try lớn answer your question in the relevant forums post. If you don"t want this, don"t skết thúc me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference to lớn BadUSB approaches 1.0"

#7compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:12:50 PM
Posted 28 August 2019 - 03:48 AM


Didier Stevens No, but I have my phone, ipad & printer connected lớn my network,hence the extra packets. I also vì chưng use my dongle to connect lớn my máy tính xách tay. when I am out & not at work but never connect lớn a public network. 

 

 

You don"t have sầu khổng lồ worry about open ports on your computer if said computer is on your home network & not exposed on the Internet.

 

Yes, because the home network is protected by my router"s firewall and the security programs but that doesn"t help me in stopping the security warning going off constantly & also because leaks can expose an open port even on a trang chính network otherwise people would never get malware or virut attacks on their trang chủ network, so I would prefer the port closed.

Edited by compbuff, 28 August 2019 - 06:32 AM.

Xem thêm: 7 Cách Chống Nóng Mái Tôn Hiệu Quả, 7 Biện Pháp Chống Nóng Cho Mái Tôn Hiệu Quả


#8compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:12:50 PM

Posted 28 August 2019 - 05:47 AM


buddy215

I ran the tests. For the tệp tin sharing chạy thử port 139 is fully stealthed và my PC does not expose my internal NetBtiện ích ios over the internet. For the commonly used ports all 32 ports were stealthed. For the service ports all of the first 1056 ports were steathed. For the browser headers the entire contents of my browser"s request for this page was given but no assessment or explanation of the results.

Edited by compbuff, 28 August 2019 - 05:48 AM.


#9Didier Stevens


Didier Stevens
*
BC Advisor
2,947 postsOFFLINEGender:Not TellingLocal time:01:50 PM

Posted 28 August 2019 - 03:02 PM


Didier Stevens No, but I have sầu my phone, ipad tablet và printer connected to lớn my network,hence the extra packets. I also do use my dongle to lớn connect lớn my laptop. when I am out & not at work but never connect to a public network. 

 

 

You don"t have lớn worry about open ports on your computer if said computer is on your trang chính network và not exposed on the Internet.

 

Yes, because the trang chính network is protected by my router"s firewall and the security programs but that doesn"t help me in stopping the security warning going off constantly & also because leaks can expose an open port even on a trang chính network otherwise people would never get malware or virus attacks on their home network, so I would prefer the port closed.


 

The major risk for comtháng users, is opening email attachments & clicking on liên kết from emails they don"t expect.

An open port on a trusted local network is a low security risk.

But let"s not open a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it"s best lớn cthua thảm it.

 

But what I want khổng lồ know more about, is your "dongle". What is this? A 4G modem?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-năm 2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s Forum policy, I will not engage in a conversation, but try lớn answer your question in the relevant diễn đàn post. If you don"t want this, don"t sover me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#10compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:12:50 PM
Posted 29 August 2019 - 03:38 PM


Didier Stevens

 

The major risk for comtháng users, is opening tin nhắn attachments and clicking on links from emails they don"t expect.

An open port on a trusted local network is a low security risk.

But let"s not open a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it"s best lớn cthua kém it.

 

But what I want khổng lồ know more about, is your "dongle". What is this? A 4G modem?

 

Precisely yes. I want to be able to lớn cthua trận that port. 

 

And my dongle is a 4g UBB di động broadb& lớn connect lớn the mạng internet when I am out & about. 


#11Didier Stevens


Didier Stevens
*
BC Advisor2,947 postsOFFLINEGender:Not TellingLocal time:01:50 PM

Posted 30 August 2019 - 12:45 PM


Then you have sầu to make sure that your firewall is properly configured khổng lồ protect your machine when you use that dongle, because I"ve seen several examples where such using such a dongle gets assigned a public IP.. directly, và then you don"t have the protection offered by a router (NAT, firewall, ...).

 

Cheông chồng also if you get these alerts when you use your dongle.


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVPhường 2011-năm nhâm thìn Consumer Security, Windows Insider MVPhường 2016-2022

 

If you send me messages, per Bleeping Computer"s Forum policy, I will not engage in a conversation, but try to lớn answer your question in the relevant forum post. If you don"t want this, don"t sover me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#12compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:12:50 PM
Posted 30 August 2019 - 03:57 PM


Yes I vày get those alerts when I use my dongle và I have sầu tried to cđại bại port 445 without success. Windows firewall is managed by Avast which doesn"t appear to lớn have the facility khổng lồ blochồng the port the same way Windows firewall does, nor have sầu I found any instructions on being able lớn vì so.


Back lớn General Security
0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


Reply to lớn quoted postsClear
*
*

Advertise|About Us|Terms of Use|Privacy Policy|Sitemap|Chat|RSS Feeds|Contact Us
Tech Support Forums|Virus Removal Guides|Downloads|Tutorials|The Computer Glossary|Uninstall List|Startups|The File Database

©2004-2021 All Rights Reserved Bleeping Computer LLC
.Site Changelog

Community Forum Software by IP.Board


Sign In


Username
Rethành viên meThis is not recommended for shared computers
Sign in anonymouslyDon"t add me to lớn the active sầu users list