How to disable ports 135, 139, and 445

By default, many Windows ports are open. When you access the Internet, network viruses and hackers can connect to your computer through these ports. To change your system to a copper wall, you should close these ports, mainly including TCP 135, 139, 445, 593, 1025, and UDP 135, 137, 138, and 445, some popular Backdoor Ports (such as TCP 2745, 3127, and 6129) and remote service access port 3389. The following describes how to disable these Network Ports in WinXP/2000/2003:

Step 1:
Click "start" menu/settings/control panel/management tools, double-click to open "Local Security Policy", select "IP Security Policy, on the local computer ", right-click the blank position in the right pane, and select "create IP Security policy" (as shown in the figure on the right) in the shortcut menu. A wizard is displayed. Click "Next" in the Wizard to name the new security policy. Then, press "Next" to display the "Secure Communication Request" screen, remove the hooks on the left of "Activate default rules" on the screen. Click "finish" to create a new IP Security Policy.

Step 2:
Right-click the IP Security Policy. In the "properties" dialog box, remove the hook on the left of "use add wizard", and click "add" to add a new rule, then, the "new rule attributes" dialog box appears. Click the "add" button on the screen to bring up the IP Filter list window. In the list, remove the check on the left of "use add wizard, then, click "add" on the right side to add a new filter.

Step 3:
In the "Filter Properties" dialog box, you will first See Addressing. Select "any IP Address" as the source address, select "my IP Address" as the target address, and click the "protocol" tab, in the "select protocol type" drop-down list, select "TCP" and enter "135" in the text box under "to this port ", click the "OK" button (such as the picture on the left) to add a filter to shield the TCP 135 (RPC) port, which can prevent the outside world from connecting to your computer through port 135.

Click "OK" and return to the filter List dialog box. A policy has been added, repeat the preceding steps to add TCP 137, 139, 445, 593, UDP 135, 139, and 445 ports and create corresponding filters for them.

Repeat the preceding steps to add a blocking policy for TCP ports 1025, 2745, 3127, 6129, and 3389, create a filter for the preceding port, and click OK.

Step 4:
In the "new rule attributes" dialog box, select "new IP Filter list" and click a dot in the circle on the left to activate the filter. Then, click the "Filter Operations" tab. On the "Filter Operations" tab, remove the hooks on the left of "use add wizard" and click "add" to add the "Block" Operation (right ): on the "Security Measures" tab of "New Filter operation properties", select "Block" and click "OK.

Step 5:
In the "new rule attributes" dialog box, click "New Filter operation". A dot is added to the circle on the left to indicate that the operation has been activated. Click "close" to close the dialog box; return to the "new IP Security Policy attributes" dialog box, tick the left side of the "new IP Filter list", and click "OK" to close the dialog box. In the "Local Security Policy" window, right-click the newly added IP Security Policy and select "Assign ".

After the restart, the above network ports on the computer are closed, and viruses and hackers can no longer connect to these ports, thus protecting your computer.

1. Close port 135

Windows 2000 or XP users are overwhelmed by the worm that exploits the RPC service vulnerability today. The main attack means of this virus is to scan port 135 of the computer for attacks, now I want to teach you a way to manually close port 135. Although the problem cannot be completely solved, it is also a pressing problem. Updating Microsoft patches is still necessary.
Open the rpcss. dll file in your system x: winntsystem32 or x: windowssystem32 with a 16-core editing software (UltraEdit is recommended.

Replace 31 00 33 00 35 with 30 00 30 00 30
Search for port 3100330035 and replace it with port 3000300030, which means to change port 135 to port 000.
Now that the task has been modified, the following problems may occur. Because the file is running, it cannot be overwritten in Windows. If you are a FAT32 file system, direct the system to the DOS environment and overwrite the original file with the modified file.
If the NTFS format is used, it is relatively troublesome. Security mode. Then, start the pulist process. Then, use the pskillprogram (the svchost.exe program is killed in the lower part of the hacker website. And then COPY it.
Overwrite and restart. Run the netstat-an command to check that there is no port 2000 in Windows 135. There is also TCP 135 in the XP system, but there is no port 135 in UDP.

2. Close port 445

There are many ways to disable port 445, but I recommend the following methods:

Modify the registry and add a key value

Hive: HKEY_LOCAL_MACHINE

Key: SystemCurrentControlSetServicesNetBTParameters

Name: SMBDeviceEnabled

Type: REG_DWORD

Value: 0


After the modification, restart the machine and run "netstat-an". You will find that your port 445 is no longer Listening.