First, view the ports that are open:
1. View open ports (win2000/xp/server2003) with the system's own MS-DOS command
At the start-run-input cmd, break into netstat-an (note-There is a small space before), at the IP address "," followed by the port number. (-a indicates that all current connections and listening ports are displayed, and-n means that addresses and port numbers are displayed in numeric format). Common sense: TCP (transmission Control Protocol, Transmission Protocol) and UDP (User Datagram Protocol, The user packet protocol is the communication protocol that transmits data on the network, the UDP protocol is non-connected, and the TCP protocol is connection-oriented, their respective port numbers are independent, the columns such as TCP can have a 255 port, UDP can have a 255 port, they do not conflict.
2. View open ports with third-party software
(1) Example: Active Ports (smartline): can be used to monitor all open tcp/ip/udp ports, display all of your ports, and also show all the ports and the path of the corresponding program, Check whether the local IP and remote IP (the IP you are trying to connect to your computer) are active. (2) Columns such as: Fpor command-line tool: Features small, but the function is as good as active ports Oh, you can also view the port and the corresponding program path. The display mode is: Pid Process Port Proto Path, 392 svchost, 113 tcp,c:\winnt\system32\vhos.exe. (3) For example: Firewall or anti-poison tool network activity display: such as rising firewall can be in time to refresh the open port and related processes, anti-spy experts also have this function, such a lot of software, do not cite.
two, the method of restricting or shutting down the port:
1. Ports (win2000/xp/server2003) required to "limit opening" via the system's own functionRestrict server ports through the system's own TCP/IP filtering capabilities, control Panel-Network Connections-local connections-right-properties, and then select Internet (TCP/IP)-Properties-Advanced-Options-check TCP/IP filtering-Properties, which are divided into 3 items, namely TCP, UDP, IP protocol, assuming that my system only want to open 21, 80, 25, 110 of these 4 ports (QQ is 4000 port), as long as the "TCP port" tick "allow only" and then click "Add" to add these ports to the inside, then OK, restart after the effective.
2. Add "allowed through" ports through the system's own firewall(1) winxp/server2003 Control Panel without upgrade SP2-Network connection-Local connection-Properties-Advanced, select the option under "Inernet Connection Firewall" so that the firewall will start automatically, click "Settings" and we Can "service" in the "Advanced Settings" window. tab, click the "Add" button, in the "Service Settings" dialog box, the service description, computer name or IP address, port number, is TCP or UDP, after filling out the check confirmation, if you do not need to remove the check confirmation. (the "Local Area Connection" icon will appear with a cute little lock after the firewall starts.) ) (2) Upgrade Wiin XP SP2 Windows XP Control Panel-windows Firewall-exception-add port, after name, enter port number, confirm TCP or UDP protocol, then confirm, check before you name this setting, indicate allow pass this port, do not tick indicate no exception.
3. Use the "Local Security Policy" feature to close the port (WINXP home version does not have this feature)
Turn off tcp:135 (Win2000, WinXP Prevent RPC135 Overflow vulnerability), 139, 445 (registry "Hkey_local_machine\\system\\currentcontrolset\\services\\ Netbt\\parameters "appended with the DWORD value named" Smbdeviceenabled "and set it to 0 to disable 445 ports), 593, 1025 and udp:135, 137, 138, 445 ports, Turn off backdoor ports for some popular viruses (such as tcp 2745, 3127, 6129 ports), and remote service access port 3389. Here are a total of 8 steps. ⑴ Control Panel-Administrative tools, open "Local Security policy", check "ip security policy, on local Computer", right click in the left margin of the right window, pop-up shortcut menu, select "Create IP Security Policy", then pop up a wizard, In the wizard, click the "Next" button to name the new security policy, and then press "next" to display the "Secure Communication Request" screen, on the screen to "activate the default corresponding rules" to the left of the hook removed, click "Finish" button to create a new ip security policy. ⑵ Right-click the IP Security Policy, in the Properties dialog box, remove the hook to the left of the Use Add Wizard, then click the Add button to add a new rule, then pop up the new Rule Properties dialog box, click the Add button on the screen to pop up the IP Filter List window, and in the list, first Use the Add Wizard to remove the left hook, and then click the Add button on the right to add a new filter. ⑶ go to the Filter Properties dialog box, first see is addressing, source address select "Any IP address", the destination address selected "My IP address", click on the "Protocol" tab, in the "Select protocol type" drop-down list, select " TCP ", then enter" 135 "in the text box under" To this port "and click the" OK "button to add a filter that masks the tcp 135 (RPC) port to prevent the outside world from connecting to your computer via port 135. ⑷ Click "OK" to return to the Filter List dialog box, you can see that a policy has been added, repeat the above steps to continue adding tcp 137, 139, 445, 593 ports and UDP 135, 139, 445 ports, set up appropriate filters for them。 ⑸ repeat the above steps to add tcp 1025, 2745, 3127, 6129, 3389 Port shielding policy, set up the above port filter, and finally click the "OK" button. ⑹ in the New Rule Properties dialog box, select New IP filter list, then click on the circle to the left to add a point indicating that it has been activated, and then click the Filter Actions tab. On the Filter Actions tab, remove the hooks to the left of the Use Add Wizard, click the Add button, add a block action, and in the Security tab of the new Filter action properties, select Block, and then click OK. ⑺ Enter the new Rule Properties dialog box, click on the "New filter Action", the circle on the left side will add a point, indicating that it has been activated, click the "Close" button to close the dialog box, and finally go back to the "New IP Security Policy Properties" dialog box, click on the "New IP filter List" to the left, press " OK button to close the dialog box. In the Local Security Policy window, right-click the newly added IP security Policy, and then select Assign. ⑻ Restart the computer after the end of these ports are closed ~ ~
4. Close the port while shutting down the system serviceControl Panel-management tools-services. ⑴ off 7.9, etc. port: Close Simple TCP/IP service, support the following TCP/IP services: Character Generator, Daytime, Discard, Echo, and Quote of the day. ⑵ shut down Port 80: Turn off WWW service. Display the name "World Wide Web Publishing Service" in services and provide Web connectivity and management through the Internet Information Services snap-in. ⑶ Turn off port 25: Close the Simple Mail Transport Protocol (SMTP) service, which provides the ability to deliver e-mail across the network. ⑷ Turn off Port 21: Turn off the FTP Publishing Service, which provides services that provide FTP connectivity and management through the Internet Information Services snap-in. ⑸ Turn off Port 23: Turn off the Telnet service, which allows remote users to log on to the system and run the console program using the command line. ⑹ shuts down the server service, which provides RPC support, file, print, and named pipe sharing. Turn it off and turn it off. Win2K default shares, such as Ipc$, C $, admin$, etc., this service shutdown does not affect your co-operation. ⑺ off 139 ports, 139 ports are NetBIOS session ports for file and print sharing, note that UNIX machines running Samba also open 139 ports, functionally the same. Before Streamer 2000 to determine the other host type is not too accurate, estimated that 139 port open is not considered NT machine, now good.
Close method:In Network connections, choose Internet Protocol (TCP/IP) properties in local Area Connection, enter advanced TCP/IP settings, WINS settings, there is a "Disable TCP/IP NetBIOS", tick off 139 port. For individual users, it can be set to "disabled" in the various service property settings, so that the next restart of the service will also be restarted and the port open.
5. Close the port via a third-party firewall
For example domestic: Skynet, Jinshan, rising; foreign: Norton, IIS. This kind of firewall shutdown port is more convenient, add close on OK, generally have special setting options. Download which firewall to see its Help settings ~. Additional
Sometimes, we configure a port in the program, but the program always does not come up, many times the port is the other program occupation caused. Most often encountered is configured on the machine a number of Web servers, when the server is stopped, the process for some reason is not automatically stopped, but we did not notice that ...
Under Windows you can look at the command Netstat-nao, then find the value of the PID field and go to Windows Task Manager. The default Windows Task Manager does not show the value of this field and can be checked in the "View", "Select Column" menu.
Under Linux, you can use NETSTAT-NAOP to look at the same PID field. Know the PID under Linux, then how to play next, it must be everyone knows
View Windows port and port shutdown methods
