bobwood2000
asked on
closing ports 135 (msrpc) & 139 (netbios-ssn)
According to nmap, the following ports are open on my computer:
135/tcp open msrpc
139/tcp open netbios-ssn
My understanding is the msrpc is the server that formerly was vulnerable to the msblast worm, so I'd like to disable it. I probalby don't need it open, right? How can this be done?
Also, is there a reason not to disable the netbios-ssn process? If so, how can I stop the process from running?
Thanks.
135/tcp open msrpc
139/tcp open netbios-ssn
My understanding is the msrpc is the server that formerly was vulnerable to the msblast worm, so I'd like to disable it. I probalby don't need it open, right? How can this be done?
Also, is there a reason not to disable the netbios-ssn process? If so, how can I stop the process from running?
Thanks.
You can prevent these ports from being exploited by simply running a firewall such as Zone Alarm (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp). They will block any TCP port 135/139 traffic.
ASKER
I don't want to use a firewall.
Try disabling the file & Printer sharing
ASKER
I disabled file & printer sharing, but the ports remain open.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you.