Inbound connection in port 445 (TCP) is not blocked in Windows firewall
Description
Port 445 should not be exposed to the internet as it arises secrious security concern. Blocking TCP 445 will prevent file and printer sharing, thereby preventing Wannacry ransomware from spreading across your network
Severity
Moderate
Category
Windows Firewall
Resolution
Follow the below steps to resolve the misconfiguration.
Step 1: Open the Control Panel
Step 2: Click on Windows Firewall/ Windows Defender firewall
Step 3: Navigate to advanced settings.
Step 4:Right click on inbound rules and click on new rule.
Step 6:Select port and press next
Step 7:Specify the port 445 under specific local ports, select TCP and press next.
Step 8:click on block the connection and click next.
Step 9:Select Domain, Private and Public and click next.
Step 10:Give a name and description and click finish.
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations. Blocking TCP 445 will prevent file and printer sharing and also other services such as DHCP (dynamic host configuration protocol) which is frequently used for automatically obtaining an IP address from the DHCP servers used by many corporations and ISPs(Internet Service Providers) will stop functioning.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.