[Port] One of the basic knowledge about how to close a port hacker

Windows has many open ports. When you access the Internet, network viruses and hackers can connect to your computer through these ports. To change your system to a copper wall, you should close these ports, mainly including TCP 135, 139, 445, 593, 1025, and UDP 135, 137, 138, and 445, some popular Backdoor Ports (such as TCP 2745, 3127, and 6129) and remote service access port 3389. The following describes how to disable these Network Ports in WINXP/2000/2003:


Step 1: click "start" menu/settings/control panel/management tools, double-click to open "Local Security Policy", select "IP Security Policy, on the local computer ", right-click the blank position in the right pane, and select "create IP Security Policy" in the shortcut menu. A wizard is displayed. Click "Next" in the Wizard to name the new security policy. Then, press "Next" to display the "Secure Communication Request" screen, remove the hooks on the left of "Activate default rules" on the screen. Click "finish" to create a new IP Security Policy.


Step 2: Right-click the IP Security Policy and in the "properties" dialog box, remove the hooks on the left side of "use add wizard" in the lower right corner, click "add" to add a new rule. Then, the "new rule attributes" dialog box is displayed. Click "add" in the lower left corner to bring up the IP Filter list window. In the list, first, remove the hook on the left of "use add wizard" in the middle line, and then click "add" on the right to add a new filter.


Step 3: Go to the "Filter Properties" dialog box. First, you will see addressing. Select "any IP Address" as the source address, and select "my IP Address" as the target address "; select the 2nd "protocols" tab in the top three menus and select "TCP" from the drop-down list of "select protocol type ", enter "135" in the text box under "to this port" and click "OK" to add a filter to shield the TCP 135 (RPC) port, it prevents external connection to your computer through port 135.


Click "OK" and return to the filter List dialog box. A policy has been added, repeat the preceding steps to add TCP 137, 139, 445, 593, UDP 135, 139, and 445 ports and create corresponding filters for them.


Repeat the preceding steps to add a blocking policy for TCP ports 1025, 2745, 3127, 6129, and 3389, create a filter for the preceding port, and click OK.


Step 4: In the "new rule attributes" dialog box, select "new IP Filter list" and click a dot in the circle on the left to indicate that the IP address has been activated, click the filter action tab. On the "Filter Operations" tab, remove the hooks on the left of "use add wizard", click "add", and on the "Security Measures" tab, select "Block ", click "OK.


Step 5. Enter the "new rule attributes" dialog box and click "New Filter operation". A dot is added to the circle on the left to indicate that the operation has been activated. Click "close" to close the dialog box; return to the "new IP Security Policy attributes" dialog box, tick the left side of the "new IP Filter list", and click "OK" to close the dialog box. Return to the "Local Security Policy" window, right-click the newly added IP Security Policy, and select "Assign ".


Note: If the system prompts that "IPSec service" is not running, return to "desktop", right-click "my computer", and press "manage ", click "service and application" at the bottom, select "service", double-click it, and find "IPSec service" to enable it.


If you find that your computer is infected with a virus and you know the port on which it is connected, you can use this method to disable it, but the source address must be changed to "my IP Address ", the target address is changed to "any IP Address.