端口如何屏蔽135 139 445 3389端口 网络端口安全防护技巧(How to shield 1351394453389 port network port security protection skills)

445端口  时间:2021-04-18  阅读:()

如何屏蔽135 139 445 3389端口+网络端口安全防护技巧How toshield 1351394453389 port + network port security protectionskills

Windows has many ports that are open. When you're on theInternet, network viruses and hackers can connect to yourcomputer through these ports. In order to make your system intothese ports should be closed, iron bastions, mainly include:TCP 135, 139, 445, 593, 1025, 137, 135 and UDP port 138, port445, some of the popular virus backdoor port (such as TCP 2745,3127, 6129, port) and remote service access port 3389.Following introduction

How do I close these network ports under WinXP/2000/2003?:The first step, click the"start menu/settings/control panel/management tools, double-click to open local security policy,select the" IP security policy, on the local computer, clickin the empty space right the right pane, pop-up shortcut menu,select "create IP security policy" (right) , so apop-upwizard.In the wizard, click "next" button, named the new securitypolicy; and then click "next", shows the "safety communicationrequest"picture, "activate the default rules" on the left sideof the hook removed on the screen, click "finish" button tocreate a new IP security strategy.

The second step, right-click the IP security policy, in theproperties dialog box, use the wizard to add "left hook toremove, and then click the Add button to add new rules, thenpop up" the new rules Properties dialog box, click the Addbutton on the screen, playing a IP filter list window; in the

list, the first to use the add wizard left hook removed, andthen click the "add" button to add a new filter.

The third step, enter the filter properties dialog box, seefirst is addressing the source address select any IP address,destination address "my IP address"; click"agreement" tab, inthe "select the protocol type" drop-down list, select the "TCP",then "to the port" the text box enter "135", click "OK" button(left) , then add a shield TCP 135 port (RPC) filter, which canprevent the outside through the 135 port on your computer.Click "OK" to filter list dialog box, you can see has added astrategy, repeat the above steps to add TCP 137, 139, 445, 593,139, 135 UDP port and 445 port, the establishment of thecorresponding filters for them.

Repeat these steps to add TCP, 1025, 2745, 3127, 6129, and 3389port shielding strategies, establish a filter for the aboveport, and click the OK button at last.

The fourth step, in the "new rules properties" dialog box,select the "newIPfilterlist", thenclickthe left circle witha point that has been activated, and finally click the filteraction tab. In the filter tab, use the wizard to add "left hookremoved, click the Add button, add a" stop"operation (right) :"filter actionattribute "" security"tab, select" stop"button,then click" OK ".

The fifth step, into the "new rules of the properties dialogbox, click the"newfilter operation", to the left of the circlewith a point that has been activated, click" close "button to

close the dialog box; finally returned to the new IP securitypolicy properties dialog box, tick the" new IP filter list "onthe left, clickOKto close thedialogbox. Inthe local securitypolicy window, with the right mouse wants to hold more green?IP security strategy, and then select "assigned".

Thus, after restarting, the network port in the computer isclosed, and the virus and the hacker can not connect to theseports anymore, thus protecting your computer.

Router settings:

1, close 7.9 and so on port: close SimpleTCP/IPService, supportthe following TCP/IP services: CharacterGenerator, Daytime,Discard, Echo, and QuoteoftheDay.

2, turn off 80: turn off the WWW service. In service, displaythe name "WorldWideWebPublishingService" and provide the Webconnection and management through the management unit of theInternet information service.

3, turn off the 25 port: turn off the

SimpleMailTransportProtocol (SMTP) service, it provides thefunction is to send e-mail across the network.

4, turn off the 21 port: turn off FTPPublishingService, whichprovides services through the Internet information servicemanagement unit to provide FTP connection and management.5, turn off the 23 port: turn off the Telnet service, whichallows remote users to log on to the systemand run the console

program using the command line.

6, there is also avery important thing is to turn off the serverservice,

This service provides RPC support, documentation, printing,and named pipe sharing. Turn off it and turn off the defaultshare of Win2K, such as ipc$, c$, admin$, and so on. This serviceis closed and does not affect your common operation.

7, and there is a 139 port, 139 port is NetBIOSSession port,used to file and print sharing, note that the samba machinerunning UNIX also opened 139 ports, the same function. Beforestreamer 2000 used to determine the other host type is notaccurate, it is estimated that 139 ports open, both consideredNT, and now good.

Listen to the closed 139 method is in the network and dial upconnections "in the" local connection "selected" Internetprotocol (TCP/IP) into the "TCP/IP" attribute, advancedsettings ""WINS settings "is a" disable TCP/IP NETBIOS ", tickoff Port 139.

For individual users, you can set it as "disable" in eachservice property setting so that the next restart service willbe restarted and the port will be open.

We generally use some powerful anti - Black software andfirewalls to ensure our system security, but some users do nothave the above conditions. What shall I do?Here' s a simple wayto help prevent illegal intrusions by restricting ports.

The mode of illegal invasion

In brief, the way of illegal invasion can be roughly dividedinto 4 kinds:

1, scan port, through the known system Bug into the host.2, grow Trojan, use Trojan to open the back door, enter host.3, the use of data overflow means, forcing the host to provideback door access to the host.

4, use some software design vulnerabilities, directly orindirectly control the host.

The main way of illegal intrusion is two, especially the useof some popular hacking tools, the host through the first wayto attack the most, is the most common; and the last two ways,only some superb means of hacking to use, does not spreadwidely,and as long as these two kinds of problems software, serviceproviders will soon provide patches, timely repair system.Therefore, if we can restrict the first two kinds of illegalintrusions, we can effectively prevent the illegal invasion ofhacker tools. Moreover, the first two illegal intrusions haveone thing in common, that is, access to the host through theport.

Ports are like a few doors of a house (server) , and differentdoors lead to different rooms (different services provided by

the server) . Our common FTP default port is 21, while the WWWweb page generally defaults to port 80. But some sloppy networkadministrators often opened some easy invasion of port services,such as 139; there are some Trojans, such as ice, BO, etc. , arenot aware of you open a port automatically. So, as long as wedo not use their own ports all blocked up, does not put an endto these two illegal invasion?

Method for restricting ports

For individual users, you can limit all ports, because you don'thave to make your machine to provide any service to the outside;and to provide network services to foreign servers, we need tohave to use ports (such as the WWW port 80, FTP port 21, mailservice ports 25, 110) , other the port is closed.

Here, for users using Windows2000 or WindowsXP, there is no needto install any other software, and you can use the TCP/IP filterfeature to restrict the server' s ports. Specific settings areas follows:

1, right-click on the "network neighborhood", select

"properties", and then double-click"local connection" (if thedial-up Internet users, select my connection icon) , pop-up the"local connection status" dialog box.

2, click the [properties] button, pop-up the local connectionproperties, select this connection, use the following items inthe Internet protocol (TCP/IP) , and then click the [properties]button.

3, click the [advanced] button in the pop-up Internet protocol(TCP/IP) dialog box. In the pop-up"advanced TCP/IP settings",select the Options tab, select TCP/IP filter, and then clickthe properties button.

4, in the pop-up TCP/IP Filter dialog box, select the TCP/IPenabled filter check box, and then leave the "TCP port" on the"only allowed" election (see figure) .

In this way, you can come to add or delete your TCP or UDP orIP ports.

After you add or delete, restart your machine, your server isprotected.

If you only browse the Internet, you can not add any port. Buttouse somenetworkcontact tools, such as OICQ, it is necessaryto open the port "4000",

Similarly, BitComet ports: TCP:8927, UDP:8927

If you find a common network tool that doesn't work, make sureit' s on the port where your host is running, and then add portsin the TCP/IP filter.





Detailed settings see Figure: inaccordancewith the red circlein turn opened, until the fourth chart, in accordance with thered circle position is set, and finally determine the way.

Reboot the system.

It' s also easy to change it. Change the last picture to thedefault setting and restart the OK

Network port security protection skills (append one)

Communications between computers through ports, for examplewhen you visit awebsite, Windows will open aport on the machine(for example, port 1025) a port to connect to the web serverand the distance, so when you visit someone else. By default,Windows will open many service ports on your computer, andhackers often use these ports to implement intrusions.Therefore, mastering port knowledge is an essential skill forsecure Internet access.

Common ports and their classification

The computer needs to use TCP/IP protocol to communicate witheach other on the Internet. According to the TCP/IP protocol,the computer has 256 * 256 (65536) ports. These ports can bedivided into two kinds: TCP port and UDP port. If the port numberis divided, they can be divided into the following twocategories:

1. system reserved port (from 0 to 1023)

The port does not allow you to use, they all have the exactdefinition, corresponding to some common services on theInternet, each open the port, represents a system service, suchas port 80 on behalf of the Web service. 21 corresponds to FTP,

25 corresponds to SMTP, 110 corresponds to POP3, and so forth(Figure 1) .

2. dynamic ports (from 1024 to 65535)

When you need to communicate with others, Windows will assigna dynamic port from the 1024, and if the 1024port is not closed,1025 ports will beallocated for youtouse whenyouneed aport,and so on.

However, there are individual system services that bind toports 1024 to 49151, such as 3389 ports (remote terminalservices) . From49152 to 65535, this port is usually not bundledwith system services, allowing Windows to be dynamicallyallocated to you.

Two, how to see which ports are open?

In default, Windows opens many "service ports". If you want tosee which ports are open and which computers are connecting tothe machine, you can use the following two methods.

1. using the netstat command

Windows provides the netstat command to display the currentTCP/IP network connection. Note that only the TCP/IP protocolis installed before you can use the netstat command.

How to do it: click "start, program, annex, command prompt",enter the DOS window, enter the command netstat, -na enter, soit will show the connection and the open port, as shown in figure

1C2G5M轻量服务器48元/年,2C4G8M三年仅198元,COM域名首年1元起

腾讯云双十一活动已于今天正式开启了,多重优惠享不停,首购服务器低至0.4折,比如1C2G5M轻量应用服务器仅48元/年起,2C4G8M也仅70元/年起;个人及企业用户还可以一键领取3500-7000元满减券,用于支付新购、续费、升级等各项账单;企业用户还可以以首年1年的价格注册.COM域名。活动页面:https://cloud.tencent.com/act/double11我们分享的信息仍然以秒...

瓜云互联-美国洛杉矶高防CN2高防云服务器,新老用户均可9折促销!低至32.4元/月!

瓜云互联一直主打超高性价比的海外vps产品,主要以美国cn2、香港cn2线路为主,100M以内高宽带,非常适合个人使用、企业等等!安全防护体系 弹性灵活,能为提供简单、 高效、智能、快速、低成本的云防护,帮助个人、企业从实现网络攻击防御,同时也承诺产品24H支持退换,不喜欢可以找客服退现,诚信自由交易!官方网站:点击访问瓜云互联官网活动方案:打折优惠策略:新老用户购买服务器统统9折优惠预存返款活动...

亚洲云-浙江高防BGP.提供自助防火墙高防各种offer高防BGP!

 亚洲云Asiayun怎么样?亚洲云Asiayun好不好?亚洲云成立于2021年,隶属于上海玥悠悠云计算有限公司(Yyyisp),是一家新国人IDC商家,且正规持证IDC/ISP/CDN,商家主要提供数据中心基础服务、互联网业务解决方案,及专属服务器租用、云服务器、云虚拟主机、专属服务器托管、带宽租用等产品和服务。Asiayun提供源自大陆、香港、韩国和美国等地骨干级机房优质资源,包括B...

445端口为你推荐
1前言2区块链应用产业发展现状配置routelowercasecssadbandroid支持ipad支持ipad深圳市富满电子集团股份有限公司traceroute网络管理工具traceroute是什么程序phpecho为什么在PHP中使用echo FALSE;什么也输出不了?应该如何输出FALSE?谢谢!ms17-010win10蒙林北冬虫夏草酒·10年原浆1*6 500ml 176,176是一瓶的价格还是一箱的价格
域名停靠 域名投资 未注册域名查询 大硬盘 海外服务器 paypal认证 双11抢红包攻略 丹弗 嘟牛 web服务器架设 asp免费空间申请 重庆双线服务器托管 爱奇艺会员免费试用 万网空间购买 网页提速 smtp服务器地址 photobucket 乐视会员免费领取 512内存 wannacry勒索病毒 更多