I have file sharing and "Client for Microsoft Networks" turned off on my machine (via the Network properties), yet I find that microsoft-ds (directory services) is still listing on ports 445 and 123, and even worse responding to hack attempts with rst/acks. How can I stop Windows XP from listening to those ports and responding to SYNs on those ports?

I realize I can use a switch to block traffic to those ports, but in the short term I would like to find a way to configure Windows so that it just stops listening.

1 Answer 1


I believe it is the "Server" service that will listen on 445. This might be called "Lanman" or "Workgroup" service in XP.

Port 123 is for time sync (NTP) and does not seem typical for an XP workstation to be enabled. Not certain how to disable it however you can use netstat -a -b -o to find out what process/service is using what port.

  • I disabled lanmanserver listening on port 445 but a port scan revealed that something else is still listening on 445. Upon further research, I found that 445 is also used by Active Directory in Windows. I'm still figuring out how to disable that without restarting my computer. If anyone has any suggestions, pls let us know.
    – Beast
    Commented Nov 8, 2023 at 2:42

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .