To prevent vulnerabilities from being exploited, you need to take necessary measures to disable these ports to ensure system security.

Windows 2003

Method to disable port 135

To disable this port, simply stop the DCOM interface service. The detailed procedure follows.

1. Open the Component Services console

Press WIN+R to open the Run dialog box, enter dcomcnfg, and click OK to open the Component Services console.

2. Click the “Computer” node: click the “Computer” item under “Component Services”.

3. Open the “My Computer” property setting window

In the pane to the right of the Computer option, right-click My Computer and choose Properties.

4. Disable “Enable distributed COM on this computer”

In the My Computer Properties dialog box, switch to the Default Properties tab and clear the check box next to Enable Distributed COM on this computer.

5. Remove Connection-oriented TCP/IP

Switch to the Default Protocol tab, select Connection-oriented TCP/IP, and click the Remove button. Don’t forget to click OK.

Method to disable port 137/138/139

1. Disable the Server service

Press WIN+R to open the Run dialog box, enter services.msc, and press Enter to open the Service Manager.

Locate the service named Server, right-click it, and then click Properties to open its Properties window. Click the “Stop” button in the Properties window, select “Disabled” for “Startup Type”, and click “OK”.

2. Disable NetBIOS over TCP/IP

1) Set the Local Area Connection Status property

Open Local Area Connection Status and click Properties.

2) Set the Internet Protocol Version 4 (TCP/IPv4) property

Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Click “Advanced” in the window that opens.

3) Select Disable NetBIOS over TCP/IP

In the Advanced TCP/IP Settings window, switch to the WINS tab and select Disable NetBIOS over TCP/IP. Don’t forget to click OK.

Local ports 137/138/139 are now disabled.

Disable ports using group policies

1. Open the Group Policy Editor

Press WIN+R to open the Run dialog box, enter gpedit.msc, and press Enter to open the Group Policy Editor.

Choose Computer Configuration > Windows Settings > Security Settings. Then click “IP Security Policies on Local Computer”. Right-click in the blank area of the right-hand pane and click Create IP Security Policy… .

In the IP Security Policy wizard dialog box, click Next. In the Name field of the dialog box that appears, enter “Close Port 445” (optional) and click Next. In the next dialog box, deselect “Activate the default response rule” and click Next. Select Edit Properties and click Finish.

3. Add IP security rules

In the Properties window, uncheck “Use Add Wizard” and click the Add button.

4. Add new rule attributes

In the “New Rule Properties” window, click the “Add” button.

5. Add an IP address filter

In the “IP Filter List” window, enter a name (optional), uncheck “Use the Add Wizard”, and click the “Add” button.

6. Set IP filter properties

In the IP Filter Properties window that is displayed, on the Addresses tab, select “Any IP Address” for the source address and “My IP Address” for the destination address.

On the Protocol tab, set the protocol type to TCP (135, 139 and 445 are TCP ports, while 137 and 138 are UDP ports), and set the IP protocol ports to “From any port” and “To this port”. “To this port” is the port you want to close; enter its number, e.g. 445. Finally, click the “OK” button.

Finally, configure policies to block ports 135/445.
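To confirm the result of the procedures above, the following script checks `netstat -an` output for the ports this page disables. It is an added example, not part of the original article; the function name and the sample output (documentation addresses in 192.0.2.0/24) are constructed for illustration.

```python
import sys

# Ports this page disables: 135/139/445 are TCP, 137/138 are UDP.
TARGETS = {"TCP": {135, 139, 445}, "UDP": {137, 138}}

# Constructed sample of `netstat -an` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1350           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:3389        192.0.2.20:51515       ESTABLISHED
  TCP    192.0.2.10:1045        192.0.2.30:445         ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.0.2.10:137         *:*
  UDP    192.0.2.10:138         *:*
"""


def open_target_ports(netstat_text):
    """Return sorted (proto, port, local_host) tuples for target ports still open."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in TARGETS:
            continue  # header, blank line, or a protocol we do not track
        proto, local = fields[0], fields[1]
        # TCP rows count only when LISTENING; UDP rows have no state column.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        # Split on the last colon so IPv6 forms such as [::]:445 also parse.
        host, _, port = local.rpartition(":")
        if port.isdigit() and int(port) in TARGETS[proto]:
            found.add((proto, int(port), host))
    return sorted(found)


if __name__ == "__main__":
    # Usage: netstat -an | python check_ports.py   (falls back to SAMPLE)
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for proto, port, host in open_target_ports(text):
        print(f"{proto} {port} is still open on {host}")
```

An empty result means none of the five ports is bound by a local service. A port blocked only by the IP security policy can still be listed as listening, because the policy filters traffic and does not stop the service behind the port.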

