Netgate Discussion Forum

    Block TCP port 445 at network edge?

      VirtuousVigor

      Just would like to know if it is firewall best practice to have an explicitly defined WAN rule to block all traffic targeting destination port 445 on internal private hosts?

      Is this already accounted for by these default config rules:

      Annotation 2020-05-11 145921.png

      Based on this info -> https://www.grc.com/port_445.htm

        chpalmer

        ISPs generally these days do block port 445.

        Yes, if you are worried, put a block from all to port 445 on your LAN interface.

        http://attrition.org/errata/charlatan/steve_gibson/

        445rule.jpg

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

          Rico LAYER 8 Rebel Alliance

          Only what is explicitly allowed via firewall rules will be passed.
          By default there are no WAN rules, so any incoming WAN traffic is denied.

          -Rico

            chpalmer @Rico

            @Rico Thanks.. I saw LAN when I read the OP the first time.

            ^^ what Rico said. :)


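A simplified model of the rule evaluation Rico describes above, added here as an example; it is not part of the thread and not pfSense's own code. It checks whether an explicit block for TCP 445 on WAN changes the verdict, first with no WAN rules and then with an overly wide pass rule. The `Rule` class, the function names and both rulesets are constructed for illustration, and the model assumes top-down, first-match evaluation on destination port and protocol only (no addresses, NAT or state).

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                 # "pass" or "block"
    proto: str                  # "tcp", "udp" or "any"
    dst_ports: Optional[range]  # None means any destination port
    descr: str = ""


def evaluate(rules, proto, dst_port):
    """Return (action, descr) for one inbound packet on the interface.

    Rules are checked top-down and the first match wins. If nothing
    matches, the packet falls through to the implicit default deny.
    """
    for rule in rules:
        if rule.proto not in ("any", proto):
            continue
        if rule.dst_ports is not None and dst_port not in rule.dst_ports:
            continue
        return rule.action, rule.descr
    return "block", "implicit default deny"


def explicit_block_changes_outcome(rules, proto, dst_port):
    """True if an explicit block placed at the top would change the verdict."""
    block = Rule("block", proto, range(dst_port, dst_port + 1), "explicit block")
    before = evaluate(rules, proto, dst_port)[0]
    after = evaluate([block, *rules], proto, dst_port)[0]
    return before != after


# Constructed WAN rulesets (assumptions, not taken from the thread's screenshots).
DEFAULT_WAN = []  # no user-defined WAN rules
WIDE_WAN = [Rule("pass", "tcp", range(1, 1025), "constructed: overly wide pass")]

if __name__ == "__main__":
    for name, rules in (("default WAN", DEFAULT_WAN), ("wide pass", WIDE_WAN)):
        verdict = evaluate(rules, "tcp", 445)
        redundant = not explicit_block_changes_outcome(rules, "tcp", 445)
        print(f"{name}: tcp/445 -> {verdict}; explicit block redundant: {redundant}")
```

With no WAN rules the explicit block is redundant; it only changes the outcome when an existing pass rule already covers port 445.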
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.