IP Security Policy Shutdown Port Description _win server

Source: Internet
Author: User
In order for your system to become an impregnable fortress, you should close these ports,
The main are: TCP 135, 139, 445, 593, 1025 ports and
UDP 135, 137, 138, 445 ports,
Some popular virus backdoor ports (such as TCP 2745, 3127, 6129 ports), and remote service access port 3389. The following describes how to turn off these network ports under winxp/2000/2003:

First, click on the "Start" menu/setup/Control Panel/Admin tool, double-click to open Local Security policy, select IP Security Policy, on local computer, right-click in a blank location in the right pane, pop-up shortcut menu, select Create IP security policy (such as the right), and then pop up a wizard. In the wizard, click the "Next" button, name the new security policy, and then press "next" to display the "Secure Communications Request" screen, remove the hook to the left of the "Activate Default Rule" button on the screen, and click "Finish" to create a new IP Security policy.

The second step, right-click the IP Security Policy, and in the Properties dialog box, remove the hook to the left of the Use Add Wizard, and then click the Add button to add a new rule, and then pop the new Rule Properties dialog box, click the Add button on the screen, and pop up the IP Filter List window; In the list, first put the Use the Add Wizard to remove the hook on the left, and then click the Add button on the right to add a new filter.

Step three, enter the Filter Properties dialog box, where you first see the addressing, select "Any IP address" from the source address, choose "My IP Address" for the destination address, click the "Protocol" tab, choose "TCP" in the "Select protocol type" Drop-down list, and then enter "135" in the text box under "to this port".   Click on the "OK" button (pictured on the left) to add a filter that shields the TCP 135 (RPC) port from being connected to your computer via port 135. When you click OK to go back to the Filter List dialog box, you can see that you have added a policy, repeat the steps to continue adding TCP 137, 139, 445, 593 ports, and UDP 135, 139, 445 ports, and set up the appropriate filters for them. Repeat the above steps to add TCP 1025, 2745, 3127, 6129, 3389 port shielding policy, set up the above port filter, and finally click the "OK" button.

Step fourth, in the New Rule Properties dialog box, select New IP filter list and click on the circle to the left to add a point indicating that it has been activated, and then click the Filter Action tab. In the Filter Actions tab, remove the hook to the left of the "Use Add Wizard" and click the "Add" button to add a "block" action (right): In the Security tab of the new Filter action properties, select Block, and then click OK.

Step fifth, go to the New Rule Properties dialog box and click "New Filter Action", the circle on the left adds a point indicating that it has been activated, clicks the Close button, closes the dialog box, returns to the new IP Security Policy Properties dialog box, hooks to the left of the new IP filter list, and presses OK button to close the dialog box. In the Local Security Policy window, right-click the newly added IP security policy and choose Assign. After restarting, the network ports on the computer are shut down, and viruses and hackers can no longer connect to these ports, thereby protecting your computer.

Recently, the virus rampant, we recommend more cautious to the download of the file, in addition to the current many domestic software and Chinese-made installation program bundled rogue Plug-ins, everyone in the installation must pay attention to each step of the next! We are not going to take any of the bundled plugins ads, nor do we bundle the Plug-ins within the package.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.