Is there a reason this port is open, a quick Nmap scan and Nessus scan reveal it's open, why?
Are there any ramifications if I close this port via the firewall rule set?
Or does anyone here now more info about this port besides Google?
WTF?
1)http://www.symantec.com/connect/blogs/who-left-tunnel-door-open-windows-firewall-vista-0
I know the talk is about Vista, but I am pretty sure it's the same port on 7, also.
2)Port 5357 common errors:The port is vulnerable to info leak problems allowing it to be accessed remotely by malicious authors.
(Web Services for Devices)
I am blocking this crap, if I have issues will just re-enable.
Damn windows.
Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]
You just got blocked, until I break something, will see.
Time to re-Nmap and re-Nessus.
Nmap scan 0 open ports after closing Port 5357,Win7 still works for now, one more scan with Nessus just to make sure all is well.
Best Answer
This port is opened probably because you have Network Discovery enabled in a Public Network profile.
To make sure if this is the case, don't block it and disable Network Discovery for any public profile you may have.
If you are using Windows Firewall it will be correctly mapped and it won't accept connections from outside. Only from within your home network. If you are using a personal firewall, make sure it has port level access so that you can set it up to only accept incoming/outgoing connections from/to your home network.