In an effort to secure servers in the TXST data center against more sophisticated threats, we will be retiring three ports and require all connected servers to be closed or updated.
The following services are being targeted this round:
| Port | Service | What does this do? |
| --- | --- | --- |
| 135 | RPC | Allows management of the server via WMI and various other protocols. |
| 445 | SMB | Windows File Sharing - Use of file shares is prohibited without authorization and should be scoped down to only those addresses that need it. If you have file shares that are required by the server, submit a Server Support Request to create a specific rule for this and scope it to only the systems that need access. |
| 5985 | WINRM | Windows Remote Management - Allows remote management via PowerShell. |
There are two options for locking down these services:
Self-Service
- Remote desktop to the server you are ready to lock down.
- Open Software Center.
- Install the program 'Disable Management Ports'.
  - NOTE: You can re-enable using the 'Enable Management Ports' option as well.
- If either option has a grey 'installed', you will need to initiate an application deployment evaluation cycle.
  - Go to your Control Panel.
  - Change view settings to small icons.
  - Select Configuration Manager.
  - Select the Actions tab.
  - Select Application Deployment Evaluation Cycle.
  - Select Run Now in the bottom right.
Support Request
You can request the Systems Administration Team make changes to your server's firewall by sending a request through the Server Support Request form. This will allow you to make the change on your own schedule and confirm your application or service is still working as expected.
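After either option, the state of the three ports can be checked from the server itself. The script below is an added example, not part of the original notice or of the 'Disable Management Ports' package (whose implementation is not described here); it assumes the built-in NetTCPIP and NetSecurity modules and an elevated PowerShell session, and the function name `Test-PortCovered` is made up for this example.

```powershell
# Added example: audit the three retired ports on the local server.
# Assumes the built-in NetTCPIP and NetSecurity modules and an elevated session.
$targets = @(
    @{ Port = 135;  Service = 'RPC'   }
    @{ Port = 445;  Service = 'SMB'   }
    @{ Port = 5985; Service = 'WinRM' }
)

# True when a firewall LocalPort value ('Any', '445', '5985-5986', 'RPCEPMap') covers $Port.
function Test-PortCovered([string[]]$LocalPort, [int]$Port) {
    foreach ($spec in $LocalPort) {
        if ($spec -eq 'Any') { return $true }
        if ($spec -eq 'RPCEPMap' -and $Port -eq 135) { return $true }  # endpoint mapper is TCP 135
        if ($spec -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        } elseif ($spec -match '^\d+$' -and [int]$spec -eq $Port) { return $true }
    }
    return $false
}

# Effective (local plus Group Policy) enabled inbound rules that apply to TCP.
$rules = Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Enabled True |
    ForEach-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        if ($pf.Protocol -in 'TCP', 'Any') {
            [pscustomobject]@{
                Action = [string]$_.Action
                Ports  = @($pf.LocalPort)
                Remote = @(($_ | Get-NetFirewallAddressFilter).RemoteAddress)
            }
        }
    }

foreach ($t in $targets) {
    $hit   = @($rules | Where-Object { Test-PortCovered $_.Ports $t.Port })
    $allow = @($hit | Where-Object Action -eq 'Allow')
    # A RemoteScope of 'Any' means an allow rule is not limited to specific addresses.
    [pscustomobject]@{
        Port        = $t.Port
        Service     = $t.Service
        Listening   = [bool](Get-NetTCPConnection -State Listen -LocalPort $t.Port -ErrorAction SilentlyContinue)
        BlockRules  = @($hit | Where-Object Action -eq 'Block').Count
        AllowRules  = $allow.Count
        RemoteScope = ($allow | ForEach-Object { $_.Remote } | Sort-Object -Unique) -join ', '
    }
}
```

`Listening` can remain `True` after the lock-down because the Windows service still binds the port; exposure is determined by the rule columns, where a block rule takes precedence over any allow rule for the same traffic.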