CÁCH DIỆT VIRUS SMB CVE 2017 0144 EXPL TRIỆT ĐỂ

I"ve had constant warnings of blocking vulnerability CVE-2017-0144 in SMB exploited by the WannaCryptor ransomeware by Avast Premier. I"m aware this first occurred back in 2017 and since then everyone has since patched up their computer"s, me included, and supposedly successfully blocked port 445. I"ve not had this security warning for a long time until a couple of days ago. Furthermore, on checking the command prompt using netstat -na I"ve found that port 445 is in fact xuất hiện and still listening. So I followed every method as recommended in the following article: https://www.backup-utility.com/anti-ransomware/how-to-block-port-445-in-windows-3889.html

 

However, even after trying all of them, port 445 appears to lớn still remain open, while I still appear khổng lồ get the warning. Any suggestions on what to bởi vì next in order lớn close the port & stop the message constantly re-occurring?

 

Thank you.

Bạn đang xem: Cách diệt virus smb cve 2017 0144 expl triệt để


Attached Files

BC AdBot (Login to lớn Remove)


*
halfpeeledapple.comRegister lớn remove ads

#2buddy215


buddy215
*
Moderator17,857 postsOFFLINEGender:MaleLocation:West TennesseeLocal time:10:23 PM

Posted 27 August 2019 - 02:36 PM


If you follow the instructions for closing 445 in Windows firewall in liên kết below you should be okay.

Your image does show it open.

Top Three Easy Methods to lớn Block TCP Port 445 in Windows 10/7/XP


“Every atom in your body toàn thân came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. KraussIf we are khổng lồ have another contest in the near future of our national existence, I predict that the dividing line will not be Mason & Dixon’s, but between patriotism & intelligence on the one side, và superstition, ambition, and ignorance on the other. Ulysses S. Grant...Republican president who correctly predicted the cause of Trump"s attempted coup.

 

 

#3Didier Stevens


Didier Stevens
*
BC Advisor
2,990 postsOFFLINEGender:Not TellingLocal time:05:23 AM
Posted 27 August 2019 - 03:25 PM


I see that your computer has a private IP address.

 

Is that computer on a hostile network? I assume it doesn"t have an interface with a public IP?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s forums policy, I will not engage in a conversation, but try to answer your question in the relevant forums post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#4compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:04:23 AM
Posted 27 August 2019 - 03:59 PM


buddy215 I"m not sure if you saw my own link. It was that same article that I tried all 3 methods from and the port is still open.

 


Didier Stevens No it isn"t. It was connected lớn my trang chủ network.

Edited by compbuff, 27 August 2019 - 04:04 PM.


#5buddy215


buddy215
*
Moderator
17,857 postsOFFLINEGender:MaleLocation:West TennesseeLocal time:10:23 PM

Posted 27 August 2019 - 04:52 PM


When I run the tests at GRC | ShieldsUP! — internet Vulnerability Profiling it shows all of the commonly used ports are stealthed.

Example:

*

*
   

Take a minute or two and run the tests tệp tin Sharing, Common Ports, Service Ports và Browser Headers


“Every atom in your toàn thân came from a star that exploded và the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. KraussIf we are khổng lồ have another contest in the near future of our national existence, I predict that the dividing line will not be Mason and Dixon’s, but between patriotism và intelligence on the one side, and superstition, ambition, & ignorance on the other. Ulysses S. Grant...Republican president who correctly predicted the cause of Trump"s attempted coup.

 

 

#6Didier Stevens


Didier Stevens
*
BC Advisor
2,990 postsOFFLINEGender:Not TellingLocal time:05:23 AM
Posted 27 August 2019 - 05:05 PM


If you"re on your trang chủ network, you can"t receive incoming connections from the internet directly khổng lồ your computer (unless you configured port forwarding).

 

You don"t have to worry about open ports on your computer if said computer is on your home network and not exposed on the Internet.

 

So where are these packets coming from? bởi vì you have other Windows computers on your network?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s diễn đàn policy, I will not engage in a conversation, but try to answer your question in the relevant forums post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#7compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:04:23 AM
Posted 28 August 2019 - 03:48 AM


Didier Stevens No, but I have my phone, ipad & printer connected lớn my network,hence the extra packets. I also vày use my dongle khổng lồ connect to my laptop. When I am out and not at work but never connect lớn a public network. 

 

 

You don"t have khổng lồ worry about open ports on your computer if said computer is on your home network & not exposed on the Internet.

 

Yes, because the trang chủ network is protected by my router"s firewall và the security programs but that doesn"t help me in stopping the security warning going off constantly & also because leaks can expose an open port even on a trang chủ network otherwise people would never get malware or virus attacks on their home network, so I would prefer the port closed.

Xem thêm:

Edited by compbuff, 28 August 2019 - 06:32 AM.


#8compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:04:23 AM

Posted 28 August 2019 - 05:47 AM


buddy215

I ran the tests. For the tệp tin sharing demo port 139 is fully stealthed & my PC does not expose my internal NetBios over the internet. For the commonly used ports all 32 ports were stealthed. For the service ports all of the first 1056 ports were steathed. For the browser headers the entire contents of my browser"s request for this page was given but no assessment or explanation of the results.

Edited by compbuff, 28 August 2019 - 05:48 AM.


#9Didier Stevens


Didier Stevens
*
BC Advisor
2,990 postsOFFLINEGender:Not TellingLocal time:05:23 AM

Posted 28 August 2019 - 03:02 PM


Didier Stevens No, but I have my phone, ipad & printer connected to lớn my network,hence the extra packets. I also vày use my dongle lớn connect to my laptop. When I am out và not at work but never connect to lớn a public network. 

 

 

You don"t have to lớn worry about xuất hiện ports on your computer if said computer is on your home network and not exposed on the Internet.

 

Yes, because the trang chủ network is protected by my router"s firewall and the security programs but that doesn"t help me in stopping the security warning going off constantly & also because leaks can expose an xuất hiện port even on a trang chủ network otherwise people would never get malware or virut attacks on their trang chủ network, so I would prefer the port closed.


 

The major risk for common users, is opening email attachments and clicking on liên kết from emails they don"t expect.

An mở cửa port on a trusted local network is a low security risk.

But let"s not mở cửa a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it"s best khổng lồ close it.

 

But what I want to lớn know more about, is your "dongle". What is this? A 4G modem?


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s forum policy, I will not engage in a conversation, but try lớn answer your question in the relevant diễn đàn post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"

#10compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:04:23 AM
Posted 29 August 2019 - 03:38 PM


Didier Stevens

 

The major risk for common users, is opening e-mail attachments và clicking on link from emails they don"t expect.

An xuất hiện port on a trusted local network is a low security risk.

But let"s not mở cửa a discussion about this: you want that port closed, because it makes you feel insecure. So for you, it"s best lớn close it.

 

But what I want to know more about, is your "dongle". What is this? A 4G modem?

 

Precisely yes. I want to be able to close that port. 

 

And my dongle is a 4g UBB di động broadband lớn connect to lớn the internet when I am out and about. 


#11Didier Stevens


Didier Stevens
*
BC Advisor2,990 postsOFFLINEGender:Not TellingLocal time:05:23 AM

Posted 30 August 2019 - 12:45 PM


Then you have lớn make sure that your firewall is properly configured to protect your machine when you use that dongle, because I"ve seen several examples where such using such a dongle gets assigned a public IP directly, và then you don"t have the protection offered by a router (NAT, firewall, ...).

 

Check also if you get these alerts when you use your dongle.


Didier Stevenshttp://blog.DidierStevens.comhttp://DidierStevensLabs.com

SANS ISC Senior HandlerMicrosoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2022

 

If you send me messages, per Bleeping Computer"s forums policy, I will not engage in a conversation, but try lớn answer your question in the relevant forums post. If you don"t want this, don"t send me messages.

 

Stevens" law: "As an online security discussion grows longer, the probability of a reference lớn BadUSB approaches 1.0"

#12compbuff


compbuffTopic Starter
*
Members169 postsOFFLINEGender:MaleLocal time:04:23 AM
Posted 30 August 2019 - 03:57 PM


Yes I vị get those alerts when I use my dongle & I have tried khổng lồ close port 445 without success. Windows firewall is managed by Avast which doesn"t appear to lớn have the facility to lớn block the port the same way Windows firewall does, nor have I found any instructions on being able to vì chưng so.


Back to General Security
0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


Reply khổng lồ quoted postsClear
*
*

Advertise|About Us|Terms of Use|Privacy Policy|Sitemap|Chat|RSS Feeds|Contact Us
Tech support Forums|Virus Removal Guides |Downloads|Tutorials|The Computer Glossary|Uninstall List|Startups|The tệp tin Database

©2004-2022 All Rights Reserved Bleeping Computer LLC
.Site Changelog

Community diễn đàn Software by IP.Board


Sign In


Username
Remember meThis is not recommended for shared computers
Sign in anonymouslyDon"t địa chỉ me to lớn the active users list