Every day, PC owners are faced with a huge number of dangerous programs and viruses that one way or another get on HDD and become the cause of leakage of important data, computer breakdown, theft of important information and other unpleasant situations.

Most often, computers running on Windows of any version, be it 7, 8, 10 or any other, are infected. The main reason for such statistics is incoming PC connections or "ports", which are the weak point of any system due to their availability by default.

The word "port" is a term that refers to the serial number of incoming connections that are directed to your PC from external software. It often happens that these ports use viruses that easily penetrate your computer using an IP network.

Viral software, once it enters the computer through such incoming connections, it quickly infects all important files, not only user files, but also system ones. To avoid this, we recommend that you close all standard ports, which can become your vulnerable spot when attacked by hackers.

Which ports are the most vulnerable in Windows 7-10?

Numerous studies and surveys of experts show that up to 80% of malicious attacks and hacks occurred using the four main ports used to quickly transfer files between different versions of Windows:

• TCP port 139 required for remote connection and PC control;
• TCP port 135, intended for executing commands;
• TCP port 445 for fast file transfer;
• UDP port 137, through which a quick search on the PC is carried out.

Close ports 135-139 and 445 in Windows

We suggest that you familiarize yourself with the simplest ways to close Windows ports that do not require additional knowledge and professional skills.

Using the command line

Command Windows string- this is a software shell that is used to set certain functions and parameters for software that does not have its own graphical shell.

In order to start the command line, you must:

1. Simultaneously press the key combination Win + R
2. In the command line that appears, enter cmd
3. Click on the "OK" button

A working window with a black background will appear, in which you need to enter the following commands one by one. After each line entered, press the Enter key to confirm the action.
netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=135 name="Block1_TCP-135"(command to close port 135)
netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=137 name="Block1_TCP-137"(command to close port 137)
netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=138 name="Block1_TCP-138"(command to close port 138)
netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=139 name="Block_TCP-139"(command to close port 139)
netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=445 name="Block_TCP-445"(command to close port 445)
netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=5000 name="Block_TCP-5000"

The six commands we have given are needed to: close 4 vulnerable Windows TCP ports (open by default), close UDP port 138, and close port 5000, which is responsible for displaying a list of available services.

We close ports with third-party programs

If you don't want to waste time with command line we invite you to familiarize yourself with third party applications. The essence of such software is to edit the registry in automatic mode with a graphical interface, without the need for manual entry of commands.

According to our users, the most popular program for this purpose is Windows Doors Cleaner. It will help you to easily close ports on a computer running Windows 7/8/8.1/10. Older versions of operating systems are unfortunately not supported.

How to work with a program that closes ports

In order to use Windows Doors Cleaner, you must:

1. Download software and install it
2. Run the program by right-clicking on the shortcut and selecting "run as administrator"
3. In the working window that appears, there will be a list of ports and the “Close” or “Disable” buttons that close vulnerable Windows ports, as well as any others you wish
4. After the necessary changes have been made, you must reboot the system

Another advantage of the program is the fact that with its help you can not only close ports, but also open them.

Drawing conclusions

Closing vulnerable network ports in Windows is not a panacea for all ills. It is important to remember that network security can only be achieved through comprehensive actions aimed at closing all the vulnerabilities of your PC.

For safety Windows user it is mandatory to install critical updates from Microsoft, have licensed anti-virus software and an enabled firewall, use only safe software and regularly read our articles in which we talk about all the existing ways to achieve anonymity and security of your data.

Do you know better ways to close network ports? Share your knowledge in the comments and do not forget to repost the article to your page. Share useful information with your friends and don't give hackers a chance to harm your loved ones!

Yesterday, unknown people staged another massive attack using a ransomware virus. Experts said that dozens of large companies in Ukraine and Russia were affected. The ransomware is called Petya.A (probably, the virus is named after Petro Poroshenko). They write that if you create a perfc file (without extension) and place it at C:\Windows\, the virus will bypass you. If your computer went into a reboot and started "checking the disk", you need to turn it off immediately. Booting from a LiveCD or USB will give you access to the files. Another way to protect yourself is to close ports 1024-1035, 135 and 445. We will now understand how to do this using the example of Windows 10.

Step 1
Go to Windows Firewall(it is better to choose the enhanced security mode), select the tab " Extra options».
Select the tab " Rules for incoming connections", then action " Create Rule” (in the right column).

Step 2
Select the type of rule - " for Port". In the next window select " TCP protocol”, specify the ports that you want to close. In our case, this 135, 445, 1024-1035 " (without quotes).

Step 3
Select the item " Block connection”, in the next window we mark all profiles: Domain, Private, Public.

Step 4
It remains to come up with a name for the rule (so that it will be easy to find in the future). You can specify a description for the rule.

If some programs stop working or start to work incorrectly, you may have blocked the port they are using. You will need to add an exception in the firewall for them.

135 TCP port used by remote services (DHCP, DNS, WINS, etc.) and in Microsoft client-server applications (eg Exchange).

445 TCP port used in Microsoft Windows 2000 and later for direct TCP/IP access without using NetBIOS (for example, in Active Directory).

Publication

The WannaCry virus, also known as WannaCrypt or Wanna Decryptor, hit the virtual world in May 2017. The malware penetrated local networks, infecting one computer after another, encrypted files on disks, and required the user to transfer $300 to $600 to ransomware to unlock them. The Petya virus, which gained almost political notoriety in the summer of 2017, acted in a similar way.

Both network pests penetrated the operating system of the victim computer through the same door - network ports 445 or 139. Following the two major viruses, smaller types of computer infection began to exploit. What are these ports that are scanned by everyone who is not lazy?

What are ports 445 and 139 responsible for in Windows

These ports are used by Windows to share files and printers. The first port is responsible for the Server Message Blocks (SMB) protocol, and the Network Basic Input-Output System (NetBIOS) protocol works through the second. Both protocols allow computers under Windows control connect over the network to "shared" folders and printers over the main TCP and UDP protocols.

Starting with Windows 2000, file and printer sharing over a network is done primarily through port 445 using the SMB application protocol. The NetBIOS protocol was used in earlier versions of the system, working through ports 137, 138 and 139, and this feature was retained in later versions of the system as a throwback.

Why open ports are dangerous

445 and 139 is a subtle but significant vulnerability in Windows. Leaving these ports unprotected opens the door wide to your hard drive for intruders like viruses, trojans, worms, and hacker attacks. And if your computer is on local network, then all its users are at risk of being infected with malware.

In effect, you are sharing your hard drive with anyone who can access these ports. If desired and skill, attackers can view the content hard drive, or even delete data, format the disk itself, or encrypt files. This is exactly what the WannaCry and Petya viruses did, the epidemic of which swept the world this summer.

Thus, if you care about the security of your data, it will not be out of place to learn how to close ports 139 and 445 in Windows.

Finding out if ports are open

In most cases, port 445 is open in Windows because printer and file sharing features are automatically enabled even when Windows installation. This can be easily checked on your machine. Press keyboard shortcut Win+R to open the window quick start. In it enter “ cmd" to run the command line. At the command line, type " netstat-na" and press Enter. This command allows you to scan all active network ports and display data about their status and current incoming connections.

After a few seconds, the port statistics table will appear. At the very top of the table, the IP address of port 445 will be indicated. If the status in the last column of the table is “LISTENING”, it means that the port is open. Similarly, you can find port 139 in the table and find out its status.

How to close ports in Windows 10/8/7

There are three main methods to close port 445 in Windows 10, 7 or 8. They do not differ much from each other depending on the version of the system and are quite simple. You can try any of them to choose from. You can also close port 139 in the same way.

Close ports through firewall

The first method, which allows you to close port 445 in Windows, is the simplest and is available to almost any user.

1. Go to Start > Control Panel > Windows Firewall and click on the link Extra options.
2. Click Inbound Exception Rules > New Rule. In the window that appears, select For Port > Next > TCP Protocol > Defined Local Ports, in the field next to enter 445 and click Further.
3. Next select Block connection and press again Further. Check three checkboxes again Further. Specify a name and optionally a description for the new rule and click Ready.

Now the possibility of incoming connection to port 445 will be closed. If necessary, a similar rule can be created for port 139.

Closing ports via command line

The second method involves command line operations and is more suitable for advanced Windows users.

1. Click Start and in the search bar at the bottom of the menu, type “ cmd". In the list that appears, right-click on cmd and select Run as administrator.
2. Copy the command into the command line window netsh advfirewall set allprofile state on. Click Enter.
3. Then copy the following command: netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445". Click Enter again.

This procedure will also create a Windows Firewall rule to close port 445. Some users, however, report that this method does not work on their machines: when checked, the port remains in the “LISTENING” status. In this case, you should try the third method, which is also quite simple.

Closing ports through the Windows registry

You can also block connections to port 445 by making changes to the system registry. Use this method with caution: Windows registry is the main database of the entire system, and an accidental mistake can lead to unpredictable consequences. Before working with the registry, it is recommended to do backup, for example, using the CCleaner program.

1. Click Start and in the search bar type “regedit”. Click Enter.
2. In the registry tree, change to the following directory: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters.
3. A list of options will be displayed on the right side of the window. Right-click in an empty area of ​​the list and select Create. From the drop-down menu, select DWORD value (32-bit) or DWORD value (64-bit) depending on your system type (32-bit or 64-bit).
4. Rename the new setting to SMBDeviceEnabled, and then double-click on it. In the displayed window Changing a parameter in field Meaning replace 1 with 0 and click OK for confirmation.

This method is most effective if you follow the instructions above exactly. Note that it only applies to port 445.

In order for protection to be more effective, after making changes to the registry, you can also disable the service Windows Server. To do this, do the following:

1. Click Start and in the search bar type "services.msc". A list of Windows system services will open.
2. Find the Server service and double click on it. As a rule, it is located somewhere in the middle of the list.
3. In the window that appears, in the drop-down list Launch type select Disabled and press OK.

The above methods (with the exception of the third one) allow you to close not only port 445, but also ports 135, 137, 138, 139. To do this, when performing the procedure, simply replace the port number with the one you need.

If you later need to open ports, simply delete the created rule in the Windows firewall or change the value of the registry value created in the registry from 0 to 1, and then turn it back on Windows Service Server by selecting from the list Launch type meaning Automatically instead of Disabled.

Important! It must be remembered that port 445 in Windows is responsible for sharing files, folders, and printers. Thus, if you close this port, you will no longer be able to "share" the shared folder for other users or print a document over the network.

If your computer is connected to a local network and you need these functions to work, you should use third-party security tools. For example, activate the firewall of your antivirus, which will take control of all ports and will monitor them for unauthorized access.

By following the recommendations above, you can protect yourself from a subtle but serious vulnerability in Windows and protect your data from numerous types of malware that can enter the system through ports 139 and 445.

→ How to close vulnerable ports in Windows?

How to close vulnerable ports in Windows?

In the world, almost every day, dozens of computers are infected with dangerous viruses, and more and more users are beginning to look for ways to improve the security of their personal computer.

PCs running the operating system are most often infected Windows systems. This is due to the fact that most viruses enter the OS through certain incoming connections, the so-called "ports", which, unfortunately, are enabled by default.

Simplifying somewhat, the concept of "port" can be defined as the number of incoming connection of external programs (including viruses) to your computer via an IP network. Each port is assigned a unique number to identify the only possible destination for data in the operating system.

Having penetrated the computer, viruses begin to infect user data and open all previously closed Windows ports for faster spread through the system. To prevent this from happening, it is necessary to block the most vulnerable ports, thereby preventing the possibility of infection and raising Windows security to a higher level.

The most vulnerable ports of Windows 7 - 10

• TCP port 445 (it is used for file sharing)
• TCP port 139 (intended for remote connection to a computer)
• UDP port 137 (used to search for information on other computers)
• TCP port 135 (commands are executed through it)

How to close ports 135 to 139 and 445 in Windows?

There are many options for closing Windows ports, but in the article we will consider the most simple ways do it.

Method 1 - using the command line

The Windows command line is used to set values ​​for those system settings that do not have a graphical interface. These functions include the considered open connection ports.

The command line is launched in several stages:

• Press the key combination Win+R
• In the command window that appears, type CMD
• Click "OK"

You will see a window with a black background. Copy the following lines one by one and press the enter key:

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=135 name="Block1_TCP-135"

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=137 name="Block1_TCP-137"

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=138 name="Block1_TCP-138"

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=139 name="Block_TCP-139"(command helps close port 139)

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=445 name="Block_TCP-445"(command helps close port 445)

netsh advfirewall firewall add rule dir=in action=block protocol=tcp localport=5000 name="Block_TCP-5000"

These six teams close out the 4 most dangerous open tournaments listed above. Windows port, as well as port 5000, which is responsible for discovering open services, and UDP port 138 for NetBIOS name resolution.

Method 2 - using third-party programs

In order not to use manual work with the command line, you can use third-party software. The essence of his work comes down to the same editing of the registry as in the method above, only in a visual display.

Instructions for working with a program that closes ports

1. 1. 1. Download and install the program

1. 1. 2. Installed program must be run with administrator rights

1. 1. 3. In the window that appears, when you press the "Close" or "Disable" buttons, all vulnerable Windows ports are disabled and closed

It is important to note that with this program you can not only close, but also open ports.

Conclusion

In addition to closing the most dangerous network ports on your computer, you must not forget that these actions do not achieve maximum security for operating system.

Your Windows needs to install Critical Service Packs sent by Microsoft, antivirus programs, secure browsers, and other security and anonymity software.

We invite you to discuss the topic of protecting network ports in the comments and share useful methods for improving privacy. Don't forget to send the link to this article to your friends so they too know how to close open Windows ports.

Also watch our video where we go into more detail on how to close vulnerable ports: