How to disable port 135/139/1723?

[Ingo Pakleppa - ingo at kkeane dot com]

I have a Windows 2000 Professional workstation. It is not supposed to ever
share a directory or printer, and also never to allow inbound PPTP
connections (it routinely does outbound PPTP connections, and connects to
a share on a server).

In Windows 9x, I was able to disable "file and printer sharing" in the
control panel Network applet to turn off 135 and 139, but I just can't for
the life of me find a corresponding option in Windows 2k. And I also can't
find a way to prevent Win2k from listening on port 1723.

Thanks for any help!

 

[John Wunderlich]

I really don't want to BLOCK the port, though, but rather want to
prevent Windows from opening it in the first place.

What happens if you go to
Network Control Panel --> Properties -->
TCP/IP --> Advanced -->
WINS --> Select "Disable NetBios over TCP/IP"
??

HTH,
John

 

[Ingo Pakleppa - ingo at kkeane dot com]

You are right, disabling the actual service is the solution (and it is the
only solution, actually, since I do want to reuse the port for some other
purpose). And that's what I'm trying to figure out how to do it while
still allowing the machine to connect to shared folders on other servers.

You are also right about 139. 135 is for the name service to resolve other
machine names, and 1723 is the PPTP port. But I have not succeeded in
shutting down any of these ports without also shutting down the
corresponding client software.