Block TCP port 445 at network edge?
-
Just would like to know if it is firewall best practice to have an explicitly defined WAN rule to block all traffic targeting destination port 445 on internal private hosts?
Is this already accounted for by these default config rules:
Based on this info -> https://www.grc.com/port_445.htm
-
ISP's generally these days do block port 445.
Yes if you are worried put a block from all to port 445 on your LAN interface.
http://attrition.org/errata/charlatan/steve_gibson/
-
Only what is explicitly allowed via firewall rules will be passed.
Per default there are no WAN rules, so any incoming WAN traffic is denied.-Rico
-
@Rico Thanks.. I saw LAN when I read the OP the first time.
^^ what Rico said. :)
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.