Bugtraq mailing list archives
Re: SUMMARY: Disabling Port 445 (SMB) Entirely
From: "Shaolin Tiger" <shaolin () shaolin-tiger com>
Date: Mon, 2 Sep 2002 12:21:21 +0100
# Port 445 - This is a highly debated area by Microsoft themselves and many others # It's uses are discussed here: http://ntsecurity.nu/papers/port445/ # # Method 1: Steps in Windows 2000 Professional, SP2: (Please read others below before proceeding as this one may prevent # # DHCP from functioning correctly which most Cable ISPs require and some Other ISPs too) # # 1. Open Computer Management # # 2. Click on Device Manager # # 3. Select View: Show Hidden Devices # # 4. Click on Non-Plug and Play Drivers # # 5. Open Properties for NetBIOS over TCPIP # # 6. Click on Disable # # 7. Reboot per prompt # # If you do not disable the TCP/IP NetBIOS Helper Service at the same time an error will be logged to the system event log. # # You can Disable this service in Administrative Tools - Services if desired as detailed below. # # Alternate Procedure: The following information was developed, tested, and supplied by T-1 (t1 () san rr com) # # Go to : # # HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\ # # Value Name: TransportBindName # # Data: \device\ # # Either Rename TransportBindName to something like TransportBindNameX (Easier to change back later) # # Or Delete \device\ # # Then Reboot. # # The Registry tweak is more flexible because the NetBT driver is allowed to run #
From : http://www.darknet.org.uk/content/files/securewin2k.txt
.: http://www.security-forums.com :. Share your knowledge It's a way to achieve Immortality. ----- Original Message ----- From: "Andrew Oman" <Andrew.Oman () predictive com> To: <bugtraq () securityfocus com>; <vuln-dev () securityfocus com> Sent: Friday, August 30, 2002 6:21 PM Subject: Re: SUMMARY: Disabling Port 445 (SMB) Entirely
I hope this adds a little bit on one more method of diabling/unbinding SMB: ( sorry if the cross-post was not appropriate )
http://www.microsoft.com/ntserver/techresources/commnet/WINS/WINSwp98/WINS11 -12.asp
HKLM\System\Controlset001\Services\NetBT\Parameters Non-Configurable Parameters The following parameters are created and used internally by the NetBT components. They should never be modified using the Registry Editor. They are listed here for reference only. TransportBindName Key: Netbt\Parameters Value Type: REG_SZ - Character string Valid Range: N/A Default: \Device\ Description: This parameter is used internally during product development. The default value should not be changed. SMBDeviceEnabled Key: Netbt\Parameters Value Type: REG_DWORD—Boolean Valid Range: 0, 1 (false, true) Default: 1 (true)
<snip>
Current thread:
- Re: SUMMARY: Disabling Port 445 (SMB) Entirely Shaolin Tiger (Sep 03)