Close wwdc ports. How to disable open ports in Windows XP

Hello to all blog readers.
Today we will talk about Windows ports and how to close them. You don't have to use a firewall to protect your computer; you can manually close ports and block some protocols.
A firewall can protect your personal computer and network from uninvited guests. If you don't want to install a firewall, but still want to protect your computer, then you have the ability to manually close a particular port or block certain protocols.
Some ports and protocols can be used to attack your system. For example, someone could control your computer using a service Telnet, if the port through which it usually works (port 23), abandoned open. Well known in many ways Trojan Back Orifice, giving thugs unlimited power over your system, uses various ports, and ports with numbers 31337 And 31338 .
To protect your computer, you should close all ports except the ones you need
for work, for example a port 80 must be open if you want to view
web pages.

How to close ports

To manually close ports and block protocols, click right click mice
on the folder network (My Network Places) and select Properties(Properties), the folder will open Network connections (Network Connections). Then right-click on the connection for which you want to close the ports and select again Properties. Select a line in the list Internet Protocol (TCP/IP) (Internet protocol(TCP/IP) and click on the button Properties(Properties).

On the tab Are common(General) click on the button Additionally(Advanced). In the dialog box that appears Extra options TCP/IP(Advanced TCP/IP Settings) go to the tab Options(Options), select the line TCP/IP Filtering(TCP/IP Filtering) and click on the button Properties(Properties). A dialog box will appear TCP/IP Filtering (TCP/IP filtering). To block ports TCP, UDP and protocols IP, for each of them select the item Only(Permit only).
This way you will successfully close all ports TCP, UDP and block the protocols IP.
Read how to fix errors in ports

However, closing all ports is not an option. You need to tell the system through which ports you can
transmit data. Remember what if you want to view web pages, you need to open the port 80 ! To open specific ports or allow certain protocols, click the button Add(Add). Specify the ports and protocols you want to open, and then click OK. Now only ports and protocols from the list you created will be used.

Please note that network services and applications use hundreds various ports TCP and UDP. If you only allow work with web sites (port 80), then you will not be able to use other Internet resources such as FTP, Email(e-mail), sharing to files, streaming audio and video etc. Therefore this method Only suitable when you want to minimize the number of network services and applications running on your computer.

Getting a list of ports available in the system

There are at least two ways:
1. The list of available ports can be found by analyzing the registry key
HKEY_LOCAL_MACHINE/HARDWARE/DEVICEMAP/SERIALCOMM
2. You can try opening the ports one by one COM1 .. COM9, this way it will be possible
install all available ports(i.e. ports, not open other applications).

How to disable unnecessary services Windows XP You can find out

Created 04/04/2012 10:33 with the help WWDC - Windows Worms Doors Cleaner, and in Skype Dear readers! Of course, you all know the concept of a Trojan virus. A Trojan virus is a malicious software that without the owner's knowledge personal computer can provide access to his data or at a specific address send your personal information. In order for the Trojan program started its work, certain ports .

What's happened computer ports? Port is a special tool for programs that work directly with Internet access. Thus, if your computer is not protected, then every program installed on your computer, and even more so a Trojan, will be able to open the port it needs. It is through this port that your data is accessed and sent to a specific address. In the same way, any external program can connect to any port on your computer. For example, they may give you a Trojan program that will open on your computer port, through which you can calmly carry all your important information.

To prevent this from happening, you must use programs that are designed to closing unused ports and to prevent unauthorized access. Such programs are called Firewalls. You can also avoid this situation using a special WWDC programs - Windows Worms Doors Cleaner, which will close unused and dangerous ports. And there is also a special 2ip service.ru, where you can check Is your computer safe?

In this lesson I will try to explain in detail how check And close ports. I'll take you to special service 2ip.ru, where you can check the security of your computer and where you need it download WWDC program - Windows Worms Doors Cleaner. With her help we will close ports, but first you need to check your computer for security.

So here's the lesson:

How check computer security 2ip service.ru?

• 1. First, launch the program Skype. For what? Then you will understand. Next, go to the service 2ip.ru, then click on horizontal menu"Tests". A page has opened on which you need to find “Security of your computer” in the list, click.


• 2. On this page we will check your computer for security. Click on the button " Check". Pressed? Now wait until the system checks completely. Oops, your computer is in danger!!! What to do? Don’t be alarmed, look at point (3.).


• 3. If the service showed a bad response, then you need to do the following steps: Open Skype, and in the top horizontal tab click “Tools”, then “Settings”, then the settings window will open Skype programs. In the left column of the menu, select the “Advanced” tab, then “Connection”, click.



• 4. Here in the line "Use ports 80 and 443 as...", uncheck the checkbox. And at the bottom you must click on the “Save” button, after which a message informer will open stating that all changes will be applied the next time you start Skype.



• 5. You need to get out Skype. At the bottom of the notification area, click on the small Skype icon right-click and select “Exit Skype”, click. In the next window, of course, click on the “Exit” button.


• 6. You need to check for safety again, follow the path as in points (1. and 2.). Have you arrived? Well now let's check it out. Hooray! Your computer is safe. But my friends, that's not all, because you need download WWDC program - Windows Worms Doors Cleaner from 2ip service.ru.

Download WWDC program - Windows Worms Doors Cleaner. Install And check ports. How close ports?

• 7. Download this program WWDC - Windows Worms Doors Cleaner from the 2ip.ru service. We go to the 2ip.ru service and in the horizontal menu click on the “Articles” tab. A page with a list has opened, here you need to find “How close ports?", press.


• 8. Here you can read an article about the WWDC program - Windows Worms Doors Cleaner. Have you read it? Now it's time for action. Look at the arrow, there is a link in the article, click on it. The service provides you with a file, and click on the “Save file” button.



• 9. How to download WWDC- Windows Worms Doors Cleaner, open the folder with the file in the downloads, then run this program. Attention! WWDC program - Windows Worms Doors Cleaner very small and it does not require installation. Open the file in two ways: either right-click to select "Open" or double click left mouse click on the file. After this, a window with a security warning will pop up, click on “Run”.



• 10. And now the same WWDC program - Windows Worms Doors Cleaner - has opened in front of you. And if you find a red icon with a cross in the list, this means that your computer has port. To close, you need to click on the "Close" button.


• 11. The program will inform you that you should restart your computer. You will have to agree, and after opening the window again, click “OK”, then “Yes”. The computer will reboot itself.



• 12. After reboot, check again, re-run WWDC - Windows Worms Doors Cleaner. And what do we see? Everything is fine! Close it.
• 13. I suggest you pin the WWDC - Windows Worms Doors Cleaner program to Start. Open the folder in which this program is located and right-click on it and select “Pin to Start Menu.” Ready!



Briefly about WWDC - Windows Worms Doors Cleaner. After each port closure the program will require you to restart your computer for the changes you made to take effect. As you can see in the picture, all the icons were Green colour- it means that ports are closed, and if a red icon appears, proceed as I said above. Regarding Skype, the port is open by default, but you don't want your computer to be at risk. Even during conversations Skype with friends, the Trojans calmly pass through open port. If you don't know what Skype is, there's a tutorial here"

WannaCry virus, also known as WannaCrypt or Wanna Decryptor, struck virtual world in May 2017. Malicious program penetrated local networks, infecting one computer after another, encrypted files on disks and demanded that the user transfer $300 to $600 to the ransomware to unlock them. Acted in a similar way Petya virus, who gained almost political fame in the summer of 2017.

Both network pests entered the operating system of the victim computer through the same door - network ports 445 or 139. Following two large viruses, smaller types of computer infections began to be exploited. What kind of ports are these that are scanned by all and sundry?

What are ports 445 and 139 responsible for in Windows?

These ports are used in Windows to share files and printers. The first port is responsible for the Server Message Blocks (SMB) protocol, and the second port runs the Network Basic Input-Output System (NetBIOS) protocol. Both protocols allow computers to Windows control connect over the network to “shared” folders and printers over the basic TCP and UDP protocols.

Since Windows 2000, collaboration with files and printers over the network is carried out mainly through port 445 on application protocol SMB. The NetBIOS protocol has been used for over earlier versions systems, operating through ports 137, 138 and 139, and this opportunity preserved for more later versions systems as an atavism.

Why are open ports dangerous?

445 and 139 is a subtle but significant vulnerability in Windows. By leaving these ports unprotected, you are opening the door wide to your HDD for uninvited guests such as viruses, Trojans, worms, and also for hacker attacks. And if your computer is connected to a local network, then all its users are at risk of infection with malicious software.

In effect, you are sharing your hard drive with anyone who can access these ports. If desired and skillful, attackers can view the contents hard drive, or even delete data, format the disk itself, or encrypt files. That's exactly what they did WannaCry viruses and Petya, the epidemic of which swept across the world this summer.

Thus, if you care about the security of your data, it would be a good idea to learn how to close ports 139 and 445 in Windows.

Finding out if the ports are open

In most cases, port 445 is open in Windows because printer and file sharing capabilities are automatically enabled when Windows installation. You can easily check this on your machine. Press the keyboard shortcut Win+R to open the window quick launch. In it, enter “ cmd" for start command line. At the command line, type “ netstat -na" and press Enter. This command allows you to scan all active network ports and display data about their status and current incoming connections.

After a few seconds, a port statistics table will appear. At the very top of the table the IP address of port 445 will be indicated. If the last column of the table contains the status "LISTENING", this means that the port is open. Similarly, you can find port 139 in the table and find out its status.

How to close ports in Windows 10/8/7

There are three main methods to close port 445 in Windows 10, 7 or 8. They do not differ much depending on the system version and are quite simple. You can try any of them to choose from. You can also close port 139 using the same methods.

Closing ports through the firewall

The first method, which allows you to close port 445 in Windows, is the simplest and is accessible to almost any user.

1. Go to Start > Control Panel > Windows Firewall and click on the link Extra options.
2. Click Rules for Incoming Exceptions > New Rule. In the window that appears, select For Port > Next > TCP Protocol > Specific Local Ports, enter 445 in the field next to it and click Further.
3. Next select Block connection and press again Further. Check three boxes again Further. Enter a name and, if desired, a description of the new rule and click Ready.

Now the possibility of incoming connections to port 445 will be closed. If necessary, a similar rule can be created for port 139.

Closing ports via the command line

The second method involves command line operations and is more suitable for advanced Windows users.

1. Click Start and in the search bar at the bottom of the menu, type “ cmd". In the list that appears, right-click on cmd and select Run as administrator.
2. Copy the command into the command line window netsh advfirewall set allprofile state on. Click Enter.
3. Then copy next command: netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445". Click Enter again.

As a result of the procedure, a Windows Firewall rule will also be created to close port 445. Some users, however, report that this method does not work on their machines: when checking, the port remains in the “LISTENING” status. In this case, you should try the third method, which is also quite simple.

Closing ports through the Windows registry

You can also block connections to port 445 by making changes to system registry. This method should be used with caution: Windows registry is the main database of the entire system, and an accidental error can lead to unpredictable consequences. Before working with the registry, it is recommended to do backup copy, for example, using the CCleaner program.

1. Click Start and in the search bar enter "regedit". Click Enter.
2. In the registry tree, navigate to the following directory: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters.
3. A list of options will appear on the right side of the window. Right-click in an empty list area and select Create. From the drop-down menu, select DWORD value (32-bit) or DWORD value (64-bit) depending on your system type (32-bit or 64-bit).
4. Rename new parameter V SMBDeviceEnabled, and then double-click on it. In the window that appears Changing a parameter in field Meaning replace 1 with 0 and press OK for confirmation.

This method is most effective if you follow the above instructions exactly. It should be noted that it only applies to port 445.

To make the protection more effective, after making changes to the registry, you can also disable Windows service Server. To do this, do the following:

1. Click Start and enter in the search bar "services.msc". A list will open system services Windows.
2. Find Server service and double click on it. As a rule, it is located somewhere in the middle of the list.
3. In the window that appears, in the drop-down list Startup type select Disabled and press OK.

The above methods (with the exception of the third) allow you to close not only port 445, but also ports 135, 137, 138, 139. To do this, when performing the procedure, simply replace the port number with the desired one.

If you later need to open ports, simply delete the created rule in Windows Firewall or change the value of the parameter created in the registry from 0 to 1, and then enable the service back Windows Server by selecting from the list Startup type meaning Automatically instead of Disabled.

Important! It is important to remember that port 445 in Windows is responsible for sharing files, folders and printers. So if you close this port, you will no longer be able to “share” shared folder for other users or print a document over the network.

If your computer is connected to a local network and you need these functions for work, you should use by third party means protection. For example, activate firewall your antivirus, which will take control of all ports and monitor them for unauthorized access.

By following the recommendations above, you can protect yourself from invisible but serious vulnerabilities in Windows and protect your data from numerous types of malicious software. software, which is able to penetrate the system through ports 139 and 445.

By default, the Windows operating system has several open ports that are used for different network protocols. In most cases, these protocols and their associated ports and Windows services are absolutely not needed - one is enough to work on the Internet standard protocol TCP/IP. In addition, some open ports make the computer vulnerable to hacker attacks. This article explains how to disable unnecessary open ports in Windows XP.

In order to find out which ports are open, you will need the FPORT console program, which can be downloaded, or the TCPView program (you can download it), or the CurrPorts program (download).

Having unpacked the FPORT program, the fport.exe program file should be placed in the directory with the operating system (for example, C:\WINDOWS), and now you can call this program by creating a shortcut with the parameter cmd /k fport or entering this sequence cmd commands/k fport in the program launch window (Start --> Run). Here the command processor (cmd) is called with the /k parameter, this parameter tells the command processor not to close its window after executing the fport.exe program.

By running the fport.exe utility, you can see a list of open ports:

FPort v2.0 - TCP/IP Process to Port Mapper Copyright 2000 by Foundstone, Inc. http://www.foundstone.com Pid Process Port Proto Path 756 -> 135 TCP 4 System -> 139 TCP 4 System -> 445 TCP 404 -> 1028 TCP 404 -> 123 UDP 0 System -> 123 UDP 0 System - > 137 UDP 0 System -> 138 UDP 756 -> 445 UDP 4 System -> 500 UDP 0 System -> 1900 UDP 4 System -> 4500 UDP

These are typical open ports on a newly installed Windows XP SP3 operating system.

These open ports can also be shown by the TCPView program:

And the CurrPorts program:

Port assignment

• 123 - Network Time Protocol (NTP) - synchronizes the computer clock.
• 135 - Remote call procedures (RPC).
• 137 - NetBIOS - Protocol for working with local network- (netbios-ns service - NETBIOS naming service).
• 138 - NetBIOS - Protocol for working with a local network - (netbios-dgm service - NETBIOS datagram service).
• 139 - NetBIOS - Protocol for working with a local network - (netbios-ss service - NETBIOS session service).
• 445 - TCP/IP - MS Network access(microsoft-ds service).
• 500 - IPSec (VPN tunneling) - Internet Key Exchange (IKE).
• 1028 is a port dynamically allocated by the Windows operating system; for this, ports with numbers greater than 1024 are used.
• 1900 - UPnP.
• 4500 - IPSec (VPN tunneling) - NAT traversal.

IN in this example to work on the Internet you need only one port - 1028 s TCP protocol. Other ports can be disabled.

Disabling open ports

To disable ports 123, 135, 138, 139, 445, 500, 1900 and 4500 you will need the PORTS OFF program, which can be downloaded. This program allows you to disable both unnecessary ports and unnecessary services - Remote Registry Service and Messenger Service.

The program is intended for operating system Windows XP/2000/2003.

How to use the PORTS OFF program.
Having set the necessary switches to the OFF position, you should click the Apply button, after which you will need to restart the computer for the changes to take effect. After the first use of the program, the settings associated with ports 135, 137-139 and 445 will be saved and, if necessary, they can be easily restored (the Restore Default buttons are for this purpose).

With the ports disabled, the computer is protected from hacker attacks and worms and viruses. It should be noted that if port 123 is disabled system time on the computer will need to be adjusted manually, so this port can, in principle, be left open or used for time synchronization of some kind third party program, for example, NIST, which can be downloaded. To synchronize your computer's internal clock, this console program should be launched with the following parameters:

nist.exe ntp.okstate.edu -s

Here ntp.okstate.edu is the name of the exact time server (you can use another server, for example, time.windows.com);
-s is a parameter that tells the program to synchronize the computer's system clock.

To avoid typing these commands every time, you can make a shortcut to launch the NIST utility:

The shortcut parameters are selected as follows ( cmd.exe /k nist.exe ntp.okstate.edu -s) so that the console output window does not close after execution.