What is port 445 on a computer and how can viruses invade a computer through it?

。。To put it simply. If you forget it, remember that it seems to have opened a 135 computer, and if you open 445 again, it will be easy to hang.

It's like you open a door and the door comes in and out of the printing task, but a hacker or a Trojan horse will come in through the door, close it if there is no printer, and if there is, the next one will prevent hackers and Trojans.

Cybersecurity experts recommend that users disconnect the network and turn on the phone, that is, unplug the network cable before turning it on, so as to basically avoid being infected by ransomware. After booting up, you should find a way to apply security patches or install defense tools launched by various network security companies to connect to the Internet. It is recommended to back up the important files and data in the computer to the mobile hard disk and USB flash drive as soon as possible, and save the disk offline after the backup, and at the same time be vigilant against unknown links, files and emails.

Temporary Solution:

1. Turn on the system firewall.

2. Use the advanced settings of the system firewall to block the connection to port 445 (this operation will affect the service that uses port 445).

3. Turn on the automatic update of the system, and detect the update for installation.

Win7, Win8, Win10 process.

1. Open Control Panel - System & Security - Windows Firewall, and click on the left side to start or disable Windows Firewall.

2. Select Start Firewall and click OK.

3. Click Advanced Settings.

4. Click Inbound Rule to create a new rule.

5. Select the port, Next.

6. For a specific local port, enter 445 and go next.

7. Select Block Connection, Next.

8. Profile, Select All, Next.

9. The name can be entered arbitrarily and completed.

The process flow of the XP system.

1. Open Control Panel, Security Center, Windows Firewall, and select Enable.

2. Click Start, Run, enter cmd, and confirm the execution of the following three commands: net stop rdr, net stop srv, net stop netbt

According to the report of the network security agency, this is a virus attack launched by criminals using the "Eternal Blue" leaked by the NSA hacker** library. Liquid Jingheng "Eternal Blue" will scan Windows machines that open the 445 file sharing port, without any user operation, as long as the computer is turned on and the Internet is connected, criminals can implant ransomware, remote control Trojans, virtual currency mining machines and other malicious programs in computers and servers.

1. Install the latest security patch for your computer, Microsoft has released patch MS17-010 to fix the system vulnerability of the "Eternal Blue" attack, please install this security patch as soon as possible; For the noisy windows

XP, 2003 and other machines that Microsoft no longer provides security updates can use the 360 "NSA** Library Immunity Tool" to detect whether there are vulnerabilities in the system and close the ports affected by the vulnerability, which can avoid being compromised by ransomware and other viruses.

2. Close the port and turn off the network share.

4. Back up the important files and data in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup.

5. It is recommended that users who are still using Windows XP, Windows 2003 operating system upgrade to Windows 7 and Windows 10 as soon as possible.

Windows 2008, 2012, 2016 operating system.