https://wiki.scott5.org/index.php?action=history&feed=atom&title=Windows_securityWindows security - Revision history2026-04-13T00:29:57ZRevision history for this page on the wikiMediaWiki 1.43.1https://wiki.scott5.org/index.php?title=Windows_security&diff=538&oldid=prevScott: /* Example */2011-02-04T23:20:46Z<p><span class="autocomment">Example</span></p>
<p><b>New page</b></p><div>== Improving security ==<br />
* Turn off "simple file sharing" in Windows Explorer -> Tools -> Folder Options -> View<br />
<br />
* Turn off "File and Printer Sharing for Microsoft Networks" if the machine isn't used to serve files or printers. File and printer sharing uses the SMB protocol. Uses TCP ports 139 (netbios-ssn) and 445 (microsoft-ds), which are used by the SMB protocol. <br />
<br />
== Command line tools ==<br />
List open ports and the processes using them:<br />
<pre><br />
netstat -ao<br />
netstat -aon<br />
</pre><br />
<br />
List processes:<br />
<pre><br />
tasklist<br />
</pre><br />
<br />
== Etc directory ==<br />
<code>%SYSTEMROOT%\System32\Drivers\Etc</code> is like <code>/etc</code> in unix, contains<br />
* hosts<br />
* networks<br />
* protocol<br />
* services<br />
<br />
== Example ==<br />
<pre><br />
C:\Documents and Settings\barney>netstat -aon<br />
<br />
Active Connections<br />
<br />
Proto Local Address Foreign Address State PID<br />
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 808<br />
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4<br />
...<br />
<br />
C:\WINDOWS\system32\drivers\etc>grep 135 services<br />
epmap 135/tcp loc-srv #DCE endpoint resolution<br />
epmap 135/udp loc-srv #DCE endpoint resolution<br />
</pre></div>Scott