Tin tổng hợp

Multiple Pop Ups With Threat Secured Smb: Cve, Microsoft Cve – viettingame

I”ve had constant warnings of blocking vulnerability CVE-2017-0144 in SMB exploited by the WannaCryptor ransomeware by Avast Premier. I”m aware this first occurred back in 2017 and since then everyone has since patched up their computer”s, me included, and supposedly successfully blocked port 445. I”ve not had this security warning for a long time until a couple of days ago. Furthermore, on checking the command prompt using netstat -na I”ve found that port 445 is in fact open and still listening. So I followed every method as recommended in the following article: https://www.backup-utility.com/anti-ransomware/how-to-block-port-445-in-windows-3889.html

 

However, even after trying all of them, port 445 appears to still remain open, while I still appear to get the warning. Any suggestions on what to do next in order to close the port and stop the message constantly re-occurring?

 

Thank you.

Đang xem: Cve

Attached Files

BC AdBot (Login to Remove)

*

viettingame.comRegister to remove ads

#2buddy215

buddy215

*

Moderator17,142 postsOFFLINEGender:MaleLocation:West TennesseeLocal time:01:22 AM

Posted 27 August 2019 – 02:36 PM

If you follow the instructions for closing 445 in Windows firewall in link below you should be okay.

Your image does show it open.

Top Three Easy Methods to Block TCP Port 445 in Windows 10/7/XP

“Every atom in your body toàn thân came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics…you are all stardust.”― Lawrence M. KraussA 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

Republican senators will DID approve of insurrection and attempted coup led by Trump.

 

 

#3Didier Stevens

Didier Stevens

*

BC Advisor2,948 postsOFFLINEGender:Not TellingLocal time:08:22 AM
Posted 27 August 2019 – 03:25 PM

I see that your computer has a private IP address.

 

Is that computer on a hostile network? I assume it doesn”t have an interface with a public IP?

Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer”s Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don”t want this, don”t send me messages.

 

Stevens” law: “As an trực tuyến security discussion grows longer, the probability of a reference to BadUSB approaches 1.0”

#4compbuff

compbuffTopic Starter

*

Members169 postsOFFLINEGender:MaleLocal time:06:22 AM
Posted 27 August 2019 – 03:59 PM

buddy215 I”m not sure if you saw my own link. It was that same article that I tried all 3 methods from and the port is still open.

 

Didier Stevens No it isn”t. It was connected to my home network.

Edited by compbuff, 27 August 2019 – 04:04 PM.

#5buddy215

buddy215

*

Moderator17,142 postsOFFLINEGender:MaleLocation:West TennesseeLocal time:01:22 AM

Posted 27 August 2019 – 04:52 PM

When I run the tests at GRC | ShieldsUP! — Internet Vulnerability Profiling it shows all of the commonly used ports are stealthed.

Example:

*

*

   

Take a minute or two and run the tests File Sharing, Common Ports, Service Ports and Browser Headers

“Every atom in your body toàn thân came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics…you are all stardust.”― Lawrence M. KraussA 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

Republican senators will DID approve of insurrection and attempted coup led by Trump.

 

 

#6Didier Stevens

Didier Stevens

*

BC Advisor2,948 postsOFFLINEGender:Not TellingLocal time:08:22 AM
Posted 27 August 2019 – 05:05 PM

If you”re on your home network, you can”t receive incoming connections from the Internet directly to your computer (unless you configured port forwarding).

 

You don”t have to worry about open ports on your computer if said computer is on your home network and not exposed on the Internet.

 

So where are these packets coming from? Do you have other Windows computers on your network?

Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer”s Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don”t want this, don”t send me messages.

 

Stevens” law: “As an trực tuyến security discussion grows longer, the probability of a reference to BadUSB approaches 1.0”

#7compbuff

compbuffTopic Starter

*

Members169 postsOFFLINEGender:MaleLocal time:06:22 AM
Posted 28 August 2019 – 03:48 AM

Didier Stevens No, but I have my phone, ipad and printer connected to my network,hence the extra packets. I also do use my dongle to connect to my máy tính. when I am out and not at work but never connect to a public network. 

 

 

You don”t have to worry about open ports on your computer if said computer is on your home network and not exposed on the Internet.

 

Yes, because the home network is protected by my router”s firewall and the security programs but that doesn”t help me in stopping the security warning going off constantly and also because leaks can expose an open port even on a home network otherwise people would never get malware or virus attacks on their home network, so I would prefer the port closed.

Edited by compbuff, 28 August 2019 – 06:32 AM.

Xem thêm: 2 trò chơi Mô Phỏng Trẻ trung Của Gameloft (Sở hữu Data): Green Farm 3 V4, Tải về Green Farm 3 For Pc/Green Farm 3 On Pc

#8compbuff

compbuffTopic Starter

*

Members169 postsOFFLINEGender:MaleLocal time:06:22 AM

Posted 28 August 2019 – 05:47 AM

buddy215

I ran the tests. For the file sharing test port 139 is fully stealthed and my PC does not expose my internal NetBios over the internet. For the commonly used ports all 32 ports were stealthed. For the service ports all of the first 1056 ports were steathed. For the browser headers the entire contents of my browser”s request for this page was given but no assessment or explanation of the results.

Edited by compbuff, 28 August 2019 – 05:48 AM.

#9Didier Stevens

Didier Stevens

*

BC Advisor2,948 postsOFFLINEGender:Not TellingLocal time:08:22 AM

Posted 28 August 2019 – 03:02 PM

Didier Stevens No, but I have my phone, ipad and printer connected to my network,hence the extra packets. I also do use my dongle to connect to my máy tính. when I am out and not at work but never connect to a public network. 

 

 

You don”t have to worry about open ports on your computer if said computer is on your home network and not exposed on the Internet.

 

Yes, because the home network is protected by my router”s firewall and the security programs but that doesn”t help me in stopping the security warning going off constantly and also because leaks can expose an open port even on a home network otherwise people would never get malware or virus attacks on their home network, so I would prefer the port closed.

 

The major risk for common users, is opening email attachments and clicking on links from emails they don”t expect.

An open port on a trusted local network is a low security risk.

But let”s not open a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it”s best to close it.

 

But what I want to know more about, is your “dongle”. What is this? A 4G modem?

Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer”s Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don”t want this, don”t send me messages.

 

Stevens” law: “As an trực tuyến security discussion grows longer, the probability of a reference to BadUSB approaches 1.0”

#10compbuff

compbuffTopic Starter

*

Members169 postsOFFLINEGender:MaleLocal time:06:22 AM
Posted 29 August 2019 – 03:38 PM

Didier Stevens

 

The major risk for common users, is opening email attachments and clicking on links from emails they don”t expect.

An open port on a trusted local network is a low security risk.

But let”s not open a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it”s best to close it.

 

But what I want to know more about, is your “dongle”. What is this? A 4G modem?

 

Precisely yes. I want to be able to close that port. 

 

And my dongle is a 4g UBB mobile broadband to connect to the internet when I am out and about. 

#11Didier Stevens

Didier Stevens

*

BC Advisor2,948 postsOFFLINEGender:Not TellingLocal time:08:22 AM

Posted 30 August 2019 – 12:45 PM

Then you have to make sure that your firewall is properly configured to protect your machine when you use that dongle, because I”ve seen several examples where such using such a dongle gets assigned a public IP directly, and then you don”t have the protection offered by a router (NAT, firewall, …).

 

Kiểm tra also if you get these alerts when you use your dongle.

Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer”s Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don”t want this, don”t send me messages.

Xem thêm: Cont’D Là Gì – Cont Abbreviation

 

Stevens” law: “As an trực tuyến security discussion grows longer, the probability of a reference to BadUSB approaches 1.0”

#12compbuff

compbuffTopic Starter

*

Members169 postsOFFLINEGender:MaleLocal time:06:22 AM
Posted 30 August 2019 – 03:57 PM

Yes I do get those alerts when I use my dongle and I have tried to close port 445 without success. Windows firewall is managed by Avast which doesn”t appear to have the facility to block the port the same way Windows firewall does, nor have I found any instructions on being able to do so.

Back to General Security
0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Reply to quoted postsClear

*
*

Advertise|About Us|Terms of Use|Privacy Policy|Sitemap|Chat|RSS Feeds|Tương tác Us
Tech Tư vấn Forums|Virus Removal Guides| Downloads|Tutorials|The Computer Glossary|Uninstall List|Startups|The File Database

©2004-2021 All Rights Reserved Bleeping Computer LLC .Site Changelog

Community Forum Software by IP.Board

Sign In

Username
Remember meThis is not recommended for shared computers
Sign in anonymouslyDon”t add me to the active users list

Về Viettingame.com

Viettingame.com - Chuyên trang web tổng hợp những thông tin hữu ích trên internet như thông tin về game, tin tổng hợp
Xem tất cả các bài viết của Viettingame.com →

Trả lời

Email của bạn sẽ không được hiển thị công khai. Các trường bắt buộc được đánh dấu *