TCP Port 139 is one of the highest-risk ports on the network and you may need to disable the port 139 to avoid the WannaCry ransomware attack. The port is used for the NetBIOS Session Service and the File and Printer Sharing over local area network on Windows. NetBIOS (NETwork Basic Input/Output System) is a protocol that explains how data is communicated over a network under all current Windows clients or servers. When a computer calls another computer/server over the port 139, the NetBIOS session will start between the two machines.
The Windows operating systems can be in danger when the NetBIOS is implemented improperly with the opened TCP port 139. All of your computer information, including the account, passwords, domain, etc. can be exposed to hackers if you have the port opened. The recent cyber-attack of the WannaCry ransomware is believed to make use of the vulnerability to get access to your hard disk drives and run the virus without your awareness.
Modern Windows versions can run the NetBIOS over TCP/IP with the NBT protocol. If the computer supports both NBT protocol and the TCP/IP protocol, the NetBIOS session will start via the available 139 port or 445 port. So if you ain’t on a network using NetBIOS, it is recommended to disable the TCP port 139 and ports like 138, 137, 135 and 445 on your Windows if they are in the LISTENING status. Go on the reading for methods to disable the port 139 and protect the computer from hackers’ attack.
This post will introduce to you how to check and close the port 139 on Microsoft Windows 10, 8.1, 8, 7, Vista, XP, 2000, etc. in 4 easy steps:
When you’re going to perform some changes on Windows OS, it is better to back up important data and create a system restore point in case you come across serious computer issues like Driver_Power_State_Failure, system interrupts, “Display driver stopped responding and has recovered" error etc. You can use Driver Talent to create a system restore point so that you can roll back to the early normal computer state without losing the files once you encounter the system problem.
Here are 3 easy steps to create a system restore point with Driver Talent.
1. After the scanning, go to the Restore menu and select the System Restore tab.
2. Click the System restore point and name it.
3. Click Create to create a restore point.
1. Launch the Command Prompt on the Windows.
2. Type netstat –na into the box.
3. Hit the Enter key.
If you find the TCP port 139 is in the state LISTENING, go to step 3 to close it immediately.
1. Use Windows shortcut keys Win + R to launch the Run.
2. Type ncpa.cpl into the box.
3. Click the OK.
4. Right-click the currently working local area network.
5. Select the Properties.
6. Scroll down and uncheck the File and Printer Sharing for Microsoft Networks.
7. Click OK.
This will disable the File and Printer Sharing feature and prevent the WannaCry ransomware and other virus attacking your computer via the sharing. Then open the Properties box with the same steps and go to the Step 4 below.
1. Scroll down and double-click the Internet Protocol (TCP/IP).
2. Click the Advanced button.
3. Choose the WINS tab.
4. Choose Disable NetBIOS over TCP/IP under the NetBIOS setting.
5. Click OK.
Then restart the computer. Now the TCP port 139 has been disabled on your Windows computer and you don’t need to worry about the WannaCry ransomware for the moment.
Besides the solutions above, you also need to form a good habit to use the Windows laptop or desktop, such as avoiding clicking on suspect e-mails and links, using anti-virus software, install system security patches, etc..
That’s it. Hope this post is helpful for you to prevent your Windows computer from the ransomware attack. You can comment below if you have any questions about how to disable the TCP port 139, 135, 455, etc. and protect the computer from the EternalBlue virus.
|ExplorerMax||Driver Talent for Network Card|
|Smart and advanced file explorer tool for Windows platforms||Download & Install Network Drivers without Internet Connection|
|30-day Free Trial||Free Download|