OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Shaolin Tiger (shaolin_at_shaolin-tiger.com)
Date: Mon Sep 02 2002 - 06:21:21 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    # Port 445 - This is a highly debated area by Microsoft themselves and many
    others
    # It's uses are discussed here: http://ntsecurity.nu/papers/port445/
    #
    # Method 1: Steps in Windows 2000 Professional, SP2: (Please read others
    below before proceeding as this one may prevent
    #
    # DHCP from functioning correctly which most Cable ISPs require and some
    Other ISPs too)
    #
    # 1. Open Computer Management
    #
    # 2. Click on Device Manager
    #
    # 3. Select View: Show Hidden Devices
    #
    # 4. Click on Non-Plug and Play Drivers
    #

    # 5. Open Properties for NetBIOS over TCPIP
    #
    # 6. Click on Disable
    #
    # 7. Reboot per prompt
    #
    # If you do not disable the TCP/IP NetBIOS Helper Service at the same time
    an error will be logged to the system event log.
    #
    # You can Disable this service in Administrative Tools - Services if desired
    as detailed below.
    #
    # Alternate Procedure: The following information was developed, tested, and
    supplied by T-1 (t1san.rr.com)
    #
    # Go to :
    #
    # HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\

    #
    # Value Name: TransportBindName
    #
    # Data: \device\
    #
    # Either Rename TransportBindName to something like TransportBindNameX
    (Easier to change back later)
    #
    # Or Delete \device\
    #
    # Then Reboot.
    #
    # The Registry tweak is more flexible because the NetBT driver is allowed to
    run
    #

    From : http://www.darknet.org.uk/content/files/securewin2k.txt

    .: http://www.security-forums.com :.

             Share your knowledge
              It's a way to achieve
                    Immortality.

    ----- Original Message -----
    From: "Andrew Oman" <Andrew.Omanpredictive.com>
    To: <bugtraqsecurityfocus.com>; <vuln-devsecurityfocus.com>
    Sent: Friday, August 30, 2002 6:21 PM
    Subject: Re: SUMMARY: Disabling Port 445 (SMB) Entirely

    > I hope this adds a little bit on one more method of diabling/unbinding
    > SMB:
    > ( sorry if the cross-post was not appropriate )
    >
    >
    http://www.microsoft.com/ntserver/techresources/commnet/WINS/WINSwp98/WINS11
    -12.asp
    >
    > HKLM\System\Controlset001\Services\NetBT\Parameters
    >
    > Non-Configurable Parameters
    > The following parameters are created and used internally by the NetBT
    > components. They should never be modified using the Registry Editor. They
    > are listed here for reference only.
    >
    > TransportBindName
    > Key: Netbt\Parameters
    > Value Type: REG_SZ - Character string
    > Valid Range: N/A
    > Default: \Device\
    > Description: This parameter is used internally during product development.
    > The default value should not be changed.
    >
    >
    > SMBDeviceEnabled
    > Key: Netbt\Parameters
    > Value Type: REG_DWORD—Boolean
    > Valid Range: 0, 1 (false, true)
    > Default: 1 (true)
    >
    <snip>
    >