How to disable ports 135, 139, 445, 593, and 1025 in TCP (recorded), 5931025

Source: Internet
Author: User

How to disable ports 135, 139, 445, 593, and 1025 in TCP (record), 5931025

Procedure: Close the port to prevent access to these ports by network viruses, so as to ensure computer security and reduce the impact of viruses on Internet access speed.
Recently, we have found that some people are infected with a new network worm, which cannot be eliminated by using the shock wave virus exclusive tool. Please upgrade the antivirus software virus library on your computer as soon as possible, scan the hard disk when the computer network is disconnected to scan for viruses. If you have installed the firewall software, close the inbound and outbound connections between TCP 135, 139, 445, 593, 1025, and UDP 135, 137, 138, and 445. In addition, you can also close some popular Backdoor Ports, such as TCP 2745, 3127, and 6129, so you can temporarily block incoming connections to these ports.
At present, many viruses may speculate on the user name and password of computer users and brute force cracking. For your computer's security, set a secure and difficult-to-guess password for your computer.
Procedure
Open Control Panel (the connection to Control Panel can be found in my computer or in the settings menu in the Start menu)
On the Control Panel, find management tools ".
Double-click to open "Administrative Tools" and find "Local Security Policy ".
Double-click "Local Security Policy" and find "IP Security Policy", 1.

Figure 1: Find "IP Security Policy" of "Local Security Policy"
Right-click the blank position in the right pane and select "create IP Security Policy" from the shortcut menu"

Figure 2: Create a new policy
Click "Next" in the Wizard to name the new security policy on the second page, or click "Next ".
When you arrive at "Secure Communication Request", the "Activate default rules" option is selected by default. Please click this option box and change the selected status to the unselected status, click "Next ".

Figure 3: Do not activate the default selected status
Click "finish", "Edit attributes", and "4.

Figure 4: Add a new policy
In the "properties" dialog box, check whether the "use add wizard" is selected. if selected, click it to make it unselected, and then click "add. 5.

Figure 5: click "add" to add a new connection rule
In the "new rule attributes" dialog box, click "add", and then click "6.

Figure 6: Add a new rule
In the IP policy list, unselect the "use add wizard" option and click "add. 7.

Figure 7: Add a new filter
In the "Filter Properties" dialog box, you first see addressing. Select "any IP Address" as the source address, and select "my IP Address" as the target address.

Figure 8: Filter attributes
Click the "protocol" tab. First, select "TCP" in the drop-down list under "select protocol type", and then the "SET protocol port" in the gray mode will become colored, enter "135" in the text box under "to this port", and then click "OK. 9.

Figure 9: Add a filter to shield the TCP 135 (RPC) Port
Return to the filter List dialog box. You can see that a policy has been added. Repeat steps 11, 12, and 13, add TCP 137, 139, 445, 593, and UDP 135, 139, and 445. Because some worms scan your computer's TCP ports 1025, 2745, 3127, and 6129, you can also temporarily Add a blocking policy for these ports to discard the packets that access these ports, do not respond, reduce the impact on your Internet access. Click "close. 10.

Figure 10: Repeat the operation steps to add port filtering
In the "new rule attributes" dialog box, click "new IP Filter list". A dot is added to the circle on the left to indicate that it has been activated. Then, click the "Filter Operations" tab, and click "11.

Figure 11: Activate the "new IP Filter list"
On the "Filter Operations" tab, do not select "use add wizard" and click "add. 12th.

Figure 12: Add a filter
On the "Security Measures" tab of "New Filter operation properties", select "Block" and click "OK. 13th.

Figure 13: Add a "Block" Operation
In the "new rule attributes" dialog box, you can see a new "filter operation". Click this "new filter operation", and a dot is added to the circle on the left, it indicates that it has been activated. You can click "close" to close the dialog box. Fourteen.

Figure 14: Activate "New Filter operation"
Return to the "new IP Security Policy attributes" dialog box and press the "close" button to close the dialog box. 15th.

Figure 15: Close the "new IP Security Policy attributes" dialog box
Finally, return to the "Local Security Policy" window, right-click the newly added IP Security Policy, and select "Assign" and then select ".

Figure 16: assign a new IP Security Policy
Now, your computer has the ability to temporarily protect against the RPC worm.
Finally, please visit the RPC Vulnerability here, MS04-011 security vulnerability announcement patch download web page, download the patch suitable for your computer, and then go to the Windows Update Website, download the latest Windows Update patch for your computer.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.