Various methods for closing ports on Windows systems

Source: Internet
Author: User
Tags: filter, iis

To secure a Windows system's ports, open only the ports that are needed and turn off unwanted system ports to minimize the likelihood of being attacked. This article describes how to close some of the system's ports by using Group Policy and by modifying the system, to help prevent unauthorized intrusion.

Part I. Group Policy method

Step 1. Click Start, then Run, and enter gpedit.msc. Open the local security policy and select IP Security Policies on Local Computer. Right-click a blank area of the right pane and choose Create IP Security Policy from the shortcut menu; a wizard opens. Click Next in the wizard and name the new security policy (renaming is optional; the examples below keep the default name). The next page is Requests for Secure Communication: clear the check box to the left of Activate the default response rule, then click Finish to create the new IP Security policy.

Step 2. Right-click the new IP Security policy and open its Properties dialog box. Clear the Use Add Wizard check box, then click Add to add a new rule; the New Rule Properties dialog box opens. Click Add in that dialog box to open the IP Filter List window. There, clear the Use Add Wizard check box as well, then click Add on the right to add a new filter.

Step 3. The Filter Properties dialog box opens on the Addressing tab. Set the source address to Any IP Address and the destination address to My IP Address. On the Protocol tab, select TCP in the Select a protocol type drop-down list, enter 135 in the text box under To this port, and click OK. This adds a filter that blocks TCP port 135 (RPC), which prevents the outside world from connecting to your computer through port 135. Click OK to return to the IP Filter List dialog box, where the new entry now appears. Repeat the steps above to add TCP ports 137, 139, 445 and 593 and UDP ports 135, 139 and 445; you can also add filters for TCP ports 1025, 2745, 3127, 6129 and 3389. Finally, click OK.

Step 4. In the New Rule Properties dialog box, select the new IP filter list; the radio button to its left fills in to show that it is active. Then open the Filter Action tab, clear the Use Add Wizard check box there too, and click Add to add a block action: on the Security Methods tab of the New Filter Action Properties dialog box, select Block and click OK.

Step 5. Back in the New Rule Properties dialog box, select the new filter action; the radio button to its left fills in to show that it is active. Click Close to close the dialog box and return to the New IP Security Policy Properties dialog box. Select the check box to the left of the new IP filter list and click OK to close the dialog box. In the Local Security Policy window, right-click the newly added IP Security policy and select Assign.

After a reboot, the network ports above are closed on the computer, so viruses and attackers can no longer connect to them, which protects the computer. (Some users leave the administrator password empty; that is bad practice and gives an intruder an opening. Also, Win9x does not share the Win2000/XP kernel, so its settings are different.)
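The five GUI steps above can also be scripted. The following is an added example, not part of the original article: it assumes a Windows version that ships the `netsh ipsec static` context and an elevated prompt, and the policy, filter list and filter action names are hypothetical.

```powershell
# Added example: scripted equivalent of Steps 1-5 above.
# Object names are hypothetical; pick names that fit your environment.
$policy     = 'BlockUnneededPorts'
$filterList = 'BlockedInboundPorts'
$action     = 'BlockAction'

# Ports listed in Step 3 of the article.
$tcpPorts = 135, 137, 139, 445, 593, 1025, 2745, 3127, 6129, 3389
$udpPorts = 135, 139, 445

function Invoke-IpsecStatic {
    param([string[]]$Arguments)
    & netsh ipsec static @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "netsh ipsec static $($Arguments -join ' ') failed ($LASTEXITCODE)"
    }
}

# Step 1: new policy with the default response rule turned off.
Invoke-IpsecStatic 'add', 'policy', "name=$policy", 'activatedefaultrule=no'

# Steps 2-3: one filter per port, any source address -> this computer.
Invoke-IpsecStatic 'add', 'filterlist', "name=$filterList"
foreach ($port in $tcpPorts) {
    Invoke-IpsecStatic 'add', 'filter', "filterlist=$filterList",
        'srcaddr=any', 'dstaddr=me', 'protocol=tcp', "dstport=$port"
}
foreach ($port in $udpPorts) {
    Invoke-IpsecStatic 'add', 'filter', "filterlist=$filterList",
        'srcaddr=any', 'dstaddr=me', 'protocol=udp', "dstport=$port"
}

# Step 4: a filter action that blocks matching traffic.
Invoke-IpsecStatic 'add', 'filteraction', "name=$action", 'action=block'

# Step 5: bind filter list and action in a rule, then assign the policy.
Invoke-IpsecStatic 'add', 'rule', 'name=BlockRule', "policy=$policy",
    "filterlist=$filterList", "filteraction=$action"
Invoke-IpsecStatic 'set', 'policy', "name=$policy", 'assign=y'
```

Blocking TCP 3389 cuts off Remote Desktop to the machine, so run this from the console rather than over an RDP session if that port stays in the list.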

Part II. Modifying the system

On WinXP, use the following commands to find which network services are running locally:

netstat -an

netstat -ano

To view connections on a specific local port:

netstat -anp tcp | find ":1367"
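To check the result of either method, the netstat output can be filtered for the ports this article names. The following is an added example, not part of the original article: the function name is hypothetical, the sample lines are constructed, and it needs PowerShell 3.0 or later.

```powershell
# Added example: report which ports named in this article are still open.
$watchTcp = 25, 80, 135, 137, 139, 443, 445, 593, 1025, 2745, 3127, 3372, 3389, 6129
$watchUdp = 135, 139, 445

function Get-OpenWatchedPort {
    param([string[]]$NetstatLines)
    foreach ($line in $NetstatLines) {
        # Columns: Proto, Local Address, Foreign Address, [State], PID
        $f = -split $line
        if ($f.Count -lt 4 -or $f[0] -notin 'TCP', 'UDP') { continue }
        # Strip everything up to the last colon: handles 0.0.0.0:135 and [::]:135
        $port = [int]($f[1] -replace '^.*:', '')
        $tcpListener = $f[0] -eq 'TCP' -and $f[3] -eq 'LISTENING' -and $port -in $watchTcp
        $udpBound    = $f[0] -eq 'UDP' -and $port -in $watchUdp
        if ($tcpListener -or $udpBound) {
            [pscustomobject]@{
                Proto = $f[0]; Port = $port; Local = $f[1]; OwningPid = [int]$f[-1]
            }
        }
    }
}

# Constructed sample in "netstat -ano" layout (not real output).
$sample = @'
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:1367      203.0.113.5:80         ESTABLISHED     2210
  UDP    0.0.0.0:445            *:*                                    4
'@ -split "`r?`n"

Get-OpenWatchedPort $sample | Format-Table -AutoSize

# Live check on the local machine:
# Get-OpenWatchedPort (netstat -ano) | Format-Table -AutoSize
```

An IPsec block filter drops traffic but does not stop the service, so a port can still show as LISTENING after Part I; the listener only disappears when the owning service is stopped as in Part II.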

1. Turn off TCP ports 25, 80 and 443 (the SMTP service, the HTTP service and the IIS management service; Win2000 service-related)

Stop the IIS Admin service. Doing so also stops the following related services: World Wide Web Publishing Service; Simple Mail Transport Protocol (SMTP).

The easiest way to prevent the IIS services from starting again with the system is to remove the IIS component through Add/Remove in Control Panel.

Command:

net stop IISAdmin

2. Turn off the Distributed Transaction Coordinator service on Win2000 Server

The distributed transaction service is installed and started on Windows Server, where it opens TCP port 3372 and a port greater than 1023.

Command:

net stop MSDTC
