端口如何屏蔽135 139 445 3389端口 网络端口安全防护技巧(How to shield 1351394453389 port network port security protection skills)

445端口  时间:2021-04-18  阅读:()

如何屏蔽135 139 445 3389端口+网络端口安全防护技巧How toshield 1351394453389 port + network port security protectionskills

Windows has many ports that are open. When you're on theInternet, network viruses and hackers can connect to yourcomputer through these ports. In order to make your system intothese ports should be closed, iron bastions, mainly include:TCP 135, 139, 445, 593, 1025, 137, 135 and UDP port 138, port445, some of the popular virus backdoor port (such as TCP 2745,3127, 6129, port) and remote service access port 3389.Following introduction

How do I close these network ports under WinXP/2000/2003?:The first step, click the"start menu/settings/control panel/management tools, double-click to open local security policy,select the" IP security policy, on the local computer, clickin the empty space right the right pane, pop-up shortcut menu,select "create IP security policy" (right) , so apop-upwizard.In the wizard, click "next" button, named the new securitypolicy; and then click "next", shows the "safety communicationrequest"picture, "activate the default rules" on the left sideof the hook removed on the screen, click "finish" button tocreate a new IP security strategy.

The second step, right-click the IP security policy, in theproperties dialog box, use the wizard to add "left hook toremove, and then click the Add button to add new rules, thenpop up" the new rules Properties dialog box, click the Addbutton on the screen, playing a IP filter list window; in the

list, the first to use the add wizard left hook removed, andthen click the "add" button to add a new filter.

The third step, enter the filter properties dialog box, seefirst is addressing the source address select any IP address,destination address "my IP address"; click"agreement" tab, inthe "select the protocol type" drop-down list, select the "TCP",then "to the port" the text box enter "135", click "OK" button(left) , then add a shield TCP 135 port (RPC) filter, which canprevent the outside through the 135 port on your computer.Click "OK" to filter list dialog box, you can see has added astrategy, repeat the above steps to add TCP 137, 139, 445, 593,139, 135 UDP port and 445 port, the establishment of thecorresponding filters for them.

Repeat these steps to add TCP, 1025, 2745, 3127, 6129, and 3389port shielding strategies, establish a filter for the aboveport, and click the OK button at last.

The fourth step, in the "new rules properties" dialog box,select the "newIPfilterlist", thenclickthe left circle witha point that has been activated, and finally click the filteraction tab. In the filter tab, use the wizard to add "left hookremoved, click the Add button, add a" stop"operation (right) :"filter actionattribute "" security"tab, select" stop"button,then click" OK ".

The fifth step, into the "new rules of the properties dialogbox, click the"newfilter operation", to the left of the circlewith a point that has been activated, click" close "button to

close the dialog box; finally returned to the new IP securitypolicy properties dialog box, tick the" new IP filter list "onthe left, clickOKto close thedialogbox. Inthe local securitypolicy window, with the right mouse wants to hold more green?IP security strategy, and then select "assigned".

Thus, after restarting, the network port in the computer isclosed, and the virus and the hacker can not connect to theseports anymore, thus protecting your computer.

Router settings:

1, close 7.9 and so on port: close SimpleTCP/IPService, supportthe following TCP/IP services: CharacterGenerator, Daytime,Discard, Echo, and QuoteoftheDay.

2, turn off 80: turn off the WWW service. In service, displaythe name "WorldWideWebPublishingService" and provide the Webconnection and management through the management unit of theInternet information service.

3, turn off the 25 port: turn off the

SimpleMailTransportProtocol (SMTP) service, it provides thefunction is to send e-mail across the network.

4, turn off the 21 port: turn off FTPPublishingService, whichprovides services through the Internet information servicemanagement unit to provide FTP connection and management.5, turn off the 23 port: turn off the Telnet service, whichallows remote users to log on to the systemand run the console

program using the command line.

6, there is also avery important thing is to turn off the serverservice,

This service provides RPC support, documentation, printing,and named pipe sharing. Turn off it and turn off the defaultshare of Win2K, such as ipc$, c$, admin$, and so on. This serviceis closed and does not affect your common operation.

7, and there is a 139 port, 139 port is NetBIOSSession port,used to file and print sharing, note that the samba machinerunning UNIX also opened 139 ports, the same function. Beforestreamer 2000 used to determine the other host type is notaccurate, it is estimated that 139 ports open, both consideredNT, and now good.

Listen to the closed 139 method is in the network and dial upconnections "in the" local connection "selected" Internetprotocol (TCP/IP) into the "TCP/IP" attribute, advancedsettings ""WINS settings "is a" disable TCP/IP NETBIOS ", tickoff Port 139.

For individual users, you can set it as "disable" in eachservice property setting so that the next restart service willbe restarted and the port will be open.

We generally use some powerful anti - Black software andfirewalls to ensure our system security, but some users do nothave the above conditions. What shall I do?Here' s a simple wayto help prevent illegal intrusions by restricting ports.

The mode of illegal invasion

In brief, the way of illegal invasion can be roughly dividedinto 4 kinds:

1, scan port, through the known system Bug into the host.2, grow Trojan, use Trojan to open the back door, enter host.3, the use of data overflow means, forcing the host to provideback door access to the host.

4, use some software design vulnerabilities, directly orindirectly control the host.

The main way of illegal intrusion is two, especially the useof some popular hacking tools, the host through the first wayto attack the most, is the most common; and the last two ways,only some superb means of hacking to use, does not spreadwidely,and as long as these two kinds of problems software, serviceproviders will soon provide patches, timely repair system.Therefore, if we can restrict the first two kinds of illegalintrusions, we can effectively prevent the illegal invasion ofhacker tools. Moreover, the first two illegal intrusions haveone thing in common, that is, access to the host through theport.

Ports are like a few doors of a house (server) , and differentdoors lead to different rooms (different services provided by

the server) . Our common FTP default port is 21, while the WWWweb page generally defaults to port 80. But some sloppy networkadministrators often opened some easy invasion of port services,such as 139; there are some Trojans, such as ice, BO, etc. , arenot aware of you open a port automatically. So, as long as wedo not use their own ports all blocked up, does not put an endto these two illegal invasion?

Method for restricting ports

For individual users, you can limit all ports, because you don'thave to make your machine to provide any service to the outside;and to provide network services to foreign servers, we need tohave to use ports (such as the WWW port 80, FTP port 21, mailservice ports 25, 110) , other the port is closed.

Here, for users using Windows2000 or WindowsXP, there is no needto install any other software, and you can use the TCP/IP filterfeature to restrict the server' s ports. Specific settings areas follows:

1, right-click on the "network neighborhood", select

"properties", and then double-click"local connection" (if thedial-up Internet users, select my connection icon) , pop-up the"local connection status" dialog box.

2, click the [properties] button, pop-up the local connectionproperties, select this connection, use the following items inthe Internet protocol (TCP/IP) , and then click the [properties]button.

3, click the [advanced] button in the pop-up Internet protocol(TCP/IP) dialog box. In the pop-up"advanced TCP/IP settings",select the Options tab, select TCP/IP filter, and then clickthe properties button.

4, in the pop-up TCP/IP Filter dialog box, select the TCP/IPenabled filter check box, and then leave the "TCP port" on the"only allowed" election (see figure) .

In this way, you can come to add or delete your TCP or UDP orIP ports.

After you add or delete, restart your machine, your server isprotected.

If you only browse the Internet, you can not add any port. Buttouse somenetworkcontact tools, such as OICQ, it is necessaryto open the port "4000",

Similarly, BitComet ports: TCP:8927, UDP:8927

If you find a common network tool that doesn't work, make sureit' s on the port where your host is running, and then add portsin the TCP/IP filter.





Detailed settings see Figure: inaccordancewith the red circlein turn opened, until the fourth chart, in accordance with thered circle position is set, and finally determine the way.

Reboot the system.

It' s also easy to change it. Change the last picture to thedefault setting and restart the OK

Network port security protection skills (append one)

Communications between computers through ports, for examplewhen you visit awebsite, Windows will open aport on the machine(for example, port 1025) a port to connect to the web serverand the distance, so when you visit someone else. By default,Windows will open many service ports on your computer, andhackers often use these ports to implement intrusions.Therefore, mastering port knowledge is an essential skill forsecure Internet access.

Common ports and their classification

The computer needs to use TCP/IP protocol to communicate witheach other on the Internet. According to the TCP/IP protocol,the computer has 256 * 256 (65536) ports. These ports can bedivided into two kinds: TCP port and UDP port. If the port numberis divided, they can be divided into the following twocategories:

1. system reserved port (from 0 to 1023)

The port does not allow you to use, they all have the exactdefinition, corresponding to some common services on theInternet, each open the port, represents a system service, suchas port 80 on behalf of the Web service. 21 corresponds to FTP,

25 corresponds to SMTP, 110 corresponds to POP3, and so forth(Figure 1) .

2. dynamic ports (from 1024 to 65535)

When you need to communicate with others, Windows will assigna dynamic port from the 1024, and if the 1024port is not closed,1025 ports will beallocated for youtouse whenyouneed aport,and so on.

However, there are individual system services that bind toports 1024 to 49151, such as 3389 ports (remote terminalservices) . From49152 to 65535, this port is usually not bundledwith system services, allowing Windows to be dynamicallyallocated to you.

Two, how to see which ports are open?

In default, Windows opens many "service ports". If you want tosee which ports are open and which computers are connecting tothe machine, you can use the following two methods.

1. using the netstat command

Windows provides the netstat command to display the currentTCP/IP network connection. Note that only the TCP/IP protocolis installed before you can use the netstat command.

How to do it: click "start, program, annex, command prompt",enter the DOS window, enter the command netstat, -na enter, soit will show the connection and the open port, as shown in figure

DMIT:香港国际线路vps,1.5GB内存/20GB SSD空间/4TB流量/1Gbps/KVM,$9.81/月

DMIT怎么样?DMIT是一家美国主机商,主要提供KVM VPS、独立服务器等,主要提供香港CN2、洛杉矶CN2 GIA等KVM VPS,稳定性、网络都很不错。支持中文客服,可Paypal、支付宝付款。2020年推出的香港国际线路的KVM VPS,大带宽,适合中转落地使用。现在有永久9折优惠码:July-4-Lite-10OFF,季付及以上还有折扣,非 中国路由优化;AS4134,AS4837 均...

10gbiz:香港/洛杉矶CN2直连线路VPS四折优惠,直连香港/香港/洛杉矶CN2四折

10gbiz怎么样?10gbiz在本站也多次分享过,是一家成立于2020的国人主机商家,主要销售VPS和独立服务器,机房目前有中国香港和美国洛杉矶、硅谷等地,线路都非常不错,香港为三网直连,电信走CN2,洛杉矶线路为三网回程CN2 GIA,10gbiz商家七月连续推出各种优惠活动,除了延续之前的VPS产品4折优惠,目前增加了美国硅谷独立服务器首月半价的活动,有需要的朋友可以看看。10gbiz优惠码...

瓜云互联:全场9折优惠,香港CN2、洛杉矶GIA高防vps套餐,充值最高返300元

瓜云互联怎么样?瓜云互联之前商家使用的面板为WHMCS,目前商家已经正式更换到了魔方云的面板,瓜云互联商家主要提供中国香港和美国洛杉矶机房的套餐,香港采用CN2线路直连大陆,洛杉矶为高防vps套餐,三网回程CN2 GIA,提供超高的DDOS防御,瓜云互联商家承诺打死退款,目前商家提供了一个全场9折和充值的促销,有需要的朋友可以看看。点击进入:瓜云互联官方网站瓜云互联促销优惠:9折优惠码:联系在线客...

445端口为你推荐
L1苹果5汉语163点击ipad支持ipadoutput_buffering飞飞的官方网站是啥iexplore.exe应用程序错误iexplore.exe应用程序错误icloudiphone苹果手机显示"已停用,连接itunes"是什么意思icloudiphone苹果6显示已停用请连接itunes什么意思googleadsensegoogle adsense 和google adwords有什么区别?适合什么样的人群?googleadsense我申请Google AdSense要怎样才能通过Google AdSense呀?
台湾主机 哈尔滨服务器租用 出租服务器 花生壳免费域名申请 主机屋 阿云浏览器 息壤主机 mediafire下载 谷歌香港 好看的留言 标准机柜尺寸 数字域名 服务器监测 新世界服务器 双线机房 稳定空间 石家庄服务器 phpwind论坛 压力测试工具 招聘瓦工 更多