Aug 29, 2015 · Now struggling to fix Network Discovery and access network shares lol. I want to rule out everything except the strictly necessary. I need some help on which rules to add from this Partial policy.wpw file:
Port 5357 TCP UDP | wsdapi | Web Services for Devices

The Internet Assigned Numbers Authority ("IANA") has the below description on file for port 5357 and this is current as of .

WS-Discovery uses the UDP port 3702 for message exchange. In addition, TCP ports 5357 and 5358 are sometimes used for metadata exchange. These ports can be explicitly opened on the firewall using the procedures described in Open a port in Windows Firewall. Retest the program after making this firewall change.

RFC 5357 Two-Way Active Measurement Protocol October 2008

limited to a simple echo function. However, the most common facility for round-trip measurements is the ICMP Echo Request/Reply (used by the ping tool), and issues with this method are documented in Section 2.6 of [RFC2681].

* TCP 5357
* TCP 5358

To find other computers running earlier versions of Windows, and to use file and printer sharing on any version of Windows, open these ports:

* UDP 137
* UDP 138
* TCP 139
* TCP 445
* UDP 5355

To find network devices, open these ports:

* UDP 1900
* TCP 2869
* UDP 3702
* UDP 5355
* TCP 5357
* TCP 5358

May 02, 2019 ·

* TCP 5357 - WSDAPIEvents
* TCP 5358 - WSDEvents Secure
* UDP 3702 - WSD publishing

Make sure time/SNTP of the printer and whole network is correctly set. Maximum ±5 min. deviation.

I suppose you could also block WSD at the firewall level.
5357/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
10243/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
17500/tcp open ssl/unknown
49152/tcp open msrpc Microsoft Windows RPC
Jul 22, 2008 · Port 5357 -- Vista SP1 ???. I have a homemade tripwire type program that alerted me to someone connecting to port 5357 on my Vista SP1 box. To my knowledge, I don't think I have this port open. From

3389/tcp open ms-term-serv
5357/tcp open unknown
MAC Address: 00:1A:70:3C:A6:3D (Cisco-Linksys)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING) : FreeBSD 6.X (92%), OpenBSD 4.X (92%), Microsoft Windows Vista (86%)
The closest known TCP ports before 5357 port: 5358 (WS for Devices Secured), 5358 (WSDAPI Applications to Use a Secure Channel (only provided by Windows Vista, Windows 7 and Server 2008)), 5359 (Microsoft Alerter),
Port(s) | Protocol | Service | Details | Source
5357 | tcp,udp | wsdapi | Used by Microsoft Network Discovery, should be filtered for public networks. Disabling Network Discovery for any public network profile should close the port unless it's being used by another potentially malicious service. |

Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357] You just got blocked, until I break something, will see. Time to re-Nmap and re-Nessus. Nmap scan 0 open ports after closing Port 5357, Win7 still works for now, one more scan with Nessus just to make sure all is well.

TCP port 5357 uses the Transmission Control Protocol. TCP is one of the main protocols in TCP/IP networks. TCP is a connection-oriented protocol; it requires handshaking to set up end-to-end communications. Only when a connection is set up can user data be sent bi-directionally over the connection.

Nov 10, 2009 · By default, WSDAPI will listen on TCP ports 5357 and 5358. The Windows Firewall will allow messages in to these ports if the interface firewall profile is anything other than Public. This means under non-Public profiles (e.g. Private or Domain) the vulnerability can be reached by remote, unauthenticated users.