
eEye Digital Security


Audit ID: 1226 - No Remote Registry Access Available

Last post 02-14-2010 6:59 PM by bpatten. 2 replies.
  • 01-27-2010 1:47 PM

    Audit ID: 1226 - No Remote Registry Access Available

     At least a couple of us need help with this...  Please provide assistance if you can.  Thx!

    No Remote Registry Access Available
    Audit ID: 1226
    Vul ID(s): 9852
    Category: Registry
    Description: This alert is only to notify you that Retina was not able to access the remote system's registry. Without registry access, Retina will still be able to remotely audit for vulnerabilities, although having access to the remote registry does provide Retina with the ability to verify if specific security patches are installed.

    By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.
    Authentication Required: Yes
    Risk Level: Information
    Default Risk Level:
    Sev Code: Category IV
    PCI Severity Level: 1 (Low)
    CVSS Score:
    How To Fix: Ensure that the system has remote registry capabilities enabled, and that you have administrative rights on the system.
    Related Links:
    CVE:
    CCE:
    IAV:
    STIG:
    BugtraqID:
    Dependencies: Ports
    - TCP:139
    - TCP:445
    Options
    - Enumerate Registry Via NetBIOS

  • 01-28-2010 1:12 PM In reply to

    Re: Audit ID: 1226 - No Remote Registry Access Available

    bop2010:
    By default the Retina scan engine runs as the SYSTEM user which has no access to the remote system's registry. To have Retina scan with the permissions required to access remote registries you'll need to add credentials to the scan. See "Managing Credentials" in the Retina users guide.

    I am not sure about this part, but Brian (from eEye) can tell you what to do for this.

     

    What OS platforms are you receiving this alert on (Vista, XP, Server 2003, etc)?

    Now as far as "disabling" ports 139 and 445, there is an article on that located here:  http://www.petri.co.il/whats_port_445_in_w2k_xp_2003.htm

    In your case, however, you need to have these ports enabled for Retina to be able to scan your system.  You might want to verify that you have the opposite of what the article says you should have.  If you have not made any changes to your system, you should still have the default settings in Windows for these.  By default, these ports are enabled.

    Remote registry - Go into your services (Control Panel >> Administrative Tools >> Services) and verify that "Remote Registry" and "TCP/IP NETBIOS Helper" are not disabled. 

    Also check to see what you have for:  Control Panel >> Administrative Tools >> Local Security Policy >> Local Policies (on the left side) >> Security Options.  Under Security Options (in the list that will show on the right) verify what you have for:

    Network Access:  Remotely accessible registry paths

    Network Access:  Remotely accessible registry paths and sub-paths

    Default in Vista for these is as follows:

    Network Access:  Remotely accessible registry paths

    System\CurrentControlSet\Control\ProductOptions
    System\CurrentControlSet\Control\Server Applications
    Software\Microsoft\Windows NT\CurrentVersion

    Network Access:  Remotely accessible registry paths and sub-paths

    System\CurrentControlSet\Control\Print\Printers
    System\CurrentControlSet\Services\Eventlog
    Software\Microsoft\OLAP Server
    Software\Microsoft\Windows NT\CurrentVersion\Print
    Software\Microsoft\Windows NT\CurrentVersion\Windows
    System\CurrentControlSet\Control\ContentIndex
    System\CurrentControlSet\Control\Terminal Server
    System\CurrentControlSet\Control\Terminal Server\UserConfig
    System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
    Software\Microsoft\Windows NT\CurrentVersion\Perflib
    System\CurrentControlSet\Services\SysmonLog

    =============================================================

    Brian (eEye), what do you recommend be left in these remotely accessible registry paths above?  I thought Retina gave a recommendation on what should be in both of these values (for security reasons) and it is not what the default is?
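
The checks listed in the reply above, collected into one script (an added example, not part of the original posts and not eEye's code). It assumes a host with the `Get-CimInstance` and `Get-NetTCPConnection` cmdlets, and that the two "Network Access" policies are stored as the `Machine` value under the `winreg` key shown in the code; the baseline lists are the Vista defaults quoted in the reply.

```powershell
# Added example. Run in an elevated PowerShell session on the scan target.
# Baseline = the Vista defaults quoted in the reply above (not a vendor recommendation).
$baseline = @{
    AllowedExactPaths = @(   # "Remotely accessible registry paths"
        'System\CurrentControlSet\Control\ProductOptions'
        'System\CurrentControlSet\Control\Server Applications'
        'Software\Microsoft\Windows NT\CurrentVersion')
    AllowedPaths = @(        # "Remotely accessible registry paths and sub-paths"
        'System\CurrentControlSet\Control\Print\Printers'
        'System\CurrentControlSet\Services\Eventlog'
        'Software\Microsoft\OLAP Server'
        'Software\Microsoft\Windows NT\CurrentVersion\Print'
        'Software\Microsoft\Windows NT\CurrentVersion\Windows'
        'System\CurrentControlSet\Control\ContentIndex'
        'System\CurrentControlSet\Control\Terminal Server'
        'System\CurrentControlSet\Control\Terminal Server\UserConfig'
        'System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration'
        'Software\Microsoft\Windows NT\CurrentVersion\Perflib'
        'System\CurrentControlSet\Services\SysmonLog')
}

function Get-RemoteRegistryReadiness {
    # 1. Services: 'lmhosts' is the service name behind "TCP/IP NetBIOS Helper".
    foreach ($name in 'RemoteRegistry', 'lmhosts') {
        $svc = Get-CimInstance Win32_Service -Filter "Name='$name'"
        [pscustomobject]@{ Check = "Service $name"
            Value = if ($svc) { "$($svc.StartMode) / $($svc.State)" } else { 'not installed' }
            Ok    = [bool]($svc -and $svc.StartMode -ne 'Disabled') }
    }
    # 2. Ports listed as dependencies of audit 1226.
    foreach ($port in 139, 445) {
        $l = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
        [pscustomobject]@{ Check = "TCP $port listening"; Value = [bool]$l; Ok = [bool]$l }
    }
    # 3. Policy values: REG_MULTI_SZ 'Machine' under each winreg subkey.
    $root = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg'
    foreach ($key in $baseline.Keys) {
        $cur     = @(@((Get-ItemProperty "$root\$key" -ErrorAction SilentlyContinue).Machine) | Where-Object { $_ })
        $extra   = @($cur | Where-Object { $baseline[$key] -notcontains $_ })
        $missing = @($baseline[$key] | Where-Object { $cur -notcontains $_ })
        [pscustomobject]@{ Check = "Policy $key vs quoted default"
            Value = "extra: $($extra -join '; ') | missing: $($missing -join '; ')"
            Ok    = ($extra.Count -eq 0 -and $missing.Count -eq 0) }
    }
}

Get-RemoteRegistryReadiness | Format-Table -AutoSize -Wrap
```

Entries reported as `extra` are paths readable remotely beyond the quoted defaults, so those are the ones to review first.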

  • 02-14-2010 6:59 PM In reply to

    • bpatten

    Re: Audit ID: 1226 - No Remote Registry Access Available

    You should open the RetinaScanner log for your scan to see what's going on. You can search for CreateRegSession to see if your credentials are working or what the error code is... like 1326 (Bad username/password).  You can look up the error codes for CreateRegSession just by using cmd.  Use the command "net helpmsg <error number>".
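
The log search and error-code lookup described in this reply, done in one pass (an added example, not part of the original post and not eEye's code). The log line layout is an assumption, since the thread does not show one: the sample lines are constructed, and `-CodePattern` must be adjusted to whatever your RetinaScanner log prints next to CreateRegSession.

```powershell
# Added example. Resolves Win32 error codes the same way "net helpmsg <n>" does.
function Get-CreateRegSessionError {
    param(
        [Parameter(Mandatory)] [string] $LogPath,
        # ASSUMED layout: the word "error" followed by the numeric code on the
        # same line as CreateRegSession. Change this to match your real log.
        [string] $CodePattern = 'CreateRegSession.*\berror\D{0,3}(\d{1,5})\b'
    )
    Select-String -Path $LogPath -Pattern 'CreateRegSession' | ForEach-Object {
        $code = $null
        if ($_.Line -match $CodePattern) { $code = [int]$Matches[1] }
        [pscustomobject]@{
            LineNumber = $_.LineNumber
            Code       = $code
            # Win32Exception(int) looks up the system message text for the code.
            Meaning    = if ($null -ne $code) {
                             (New-Object System.ComponentModel.Win32Exception $code).Message
                         } else { '(no code matched; check -CodePattern)' }
            Line       = $_.Line.Trim()
        }
    }
}

# Constructed sample lines (NOT real Retina output), written to a temp file
# so the function can be tried before pointing it at an actual scan log.
$sample = Join-Path $env:TEMP 'retina-createregsession-sample.log'
Set-Content -Path $sample -Value @(
    'constructed: CreateRegSession TARGET-A failed, error 1326'
    'constructed: unrelated line'
    'constructed: CreateRegSession TARGET-B failed, error 5'
    'constructed: CreateRegSession TARGET-C failed, error 53'
    'constructed: CreateRegSession TARGET-D succeeded'
)

$results = Get-CreateRegSessionError -LogPath $sample
$results | Format-Table LineNumber, Code, Meaning -AutoSize

# Summary per code: shows at a glance whether failures are credential
# problems or connectivity problems across the whole scan.
$results | Where-Object { $null -ne $_.Code } |
    Group-Object Code | Select-Object Count, Name | Sort-Object Count -Descending
```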

     

© 1995 - 2010 eEye Incorporated