Shulou(Shulou.com)06/01 Report--

Transfer to: http://www.cnblogs.com/pierre0505/articles/581361.html

How to shut down the port under Windows 2000:

Each service in Win 2000 corresponds to the corresponding port, for example, the port of the well-known WWW service is 80jie SMTP is 25Dec ftp is 21jie win 2000 installation, these services are enabled by default. It is really not necessary for individual users to turn off the port, which means shutting down useless services. It is necessary to judge whether a service is useful or not according to your own needs.

Configure it in Services in Administrative tools in Control Panel.

Close port 7.9, etc.: close Simple TCP/IP Service and support the following TCP/IP services: Character Generator, Daytime, Discard, Echo, and Quote of the Day.

Turn off port 21: turn off FTP Publishing Service, which provides services that provide FTP connectivity and management through the snap-in of Internet information services.

Turn off port 23: turn off the Telnet service, which allows remote users to log in to the system and run console programs using the command line.

Turn off port 25: turn off the Simple Mail Transport Protocol (SMTP) service, which provides the function of sending e-mail across the network.

Close 80 ports: turn off the WWW service. The name "World Wide Web Publishing Service" is displayed in the Service, which provides Web connectivity and management through the snap-in of the Internet Information Service.

Turn off default sharing: in Windows 2000, there is a "default share", which automatically shares the system installation partition when installing the server. Although the super user's password is needed to access it, this is a potential security hazard. From the security considerations of the server, it is best to turn off this "default share" to ensure system security. Click start / run, type "Regedit" in the run window, open the registry editor, expand "HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Lanmanworkstation\ parameters", create a double-byte value named "AutoShareWks" in the right window, and set its value to 0, (Win2000 Professional Win XP); [HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ lanmanserver\ parameters]

"AutoShareServer" = dword:00000000 (win2000 server, win2003 server) so that the default share can be turned off completely. (by the way, remember to run net share centering contentment nbspandel under DOS, and several default shares will only be executed a few times, so don't tell me this won't happen:)

Close port 139: Port 139 is a NetBIOS Session port for file and print sharing. Note that the unix machine running samba also opens port 139 with the same function. The way to turn off the listening method is to select the "Internet Protocol (TCP/IP)" property in "Local connection" in "Network and Dial-up connection", enter a "disable TCP/IP NETBIOS" in "Advanced TCP/IP Settings" and "WINS Settings", and close port 139 by ticking.

For individual users, you can set it to "disabled" in the various service properties settings to avoid restarting the service and opening the port the next time you restart it.

Close port 445: modify the registry to add a key value

[HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ NetBT\ Parameters]

"SMBDeviceEnabled" = dword:00000000

Turn off Terminal Services: open the "my computer" → control panel "→" add / remove programs "→" add remove Windwos components in the Windows2000 Sever version, and reverse install the "Terminal Connector"!

Modify the default port for Terminal Services:

Server side: open the registry, find the RDP-TCP-like subkey in "HKLM\ SYSTEM\ Current\ ControlSet\ Control\ Terminal Server\ Win Stations", and modify the PortNumber value.

Client: follow the normal steps to establish a client connection, select this connection, select Export from the "File" menu, and a file with the suffix .cns will be generated in the specified location. Open the file and change the "Server Port" value to the value corresponding to the server-side PortNumber. Then import the file (method: menu → file → import) so that the client modifies the port.

Prohibit: IPC$ empty connection

[HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Lsa]

"restrictanonymous" = dword:00000001

Remember to disable the service server ~ ipc$ default share deleted ~ ~ so that it will only be effective after restart.

Turn off unnecessary services, such as Messenge services, remote registry access services, Telnet services, of course, you can use black-based firewalls such as blackice to screen off, or use ipsec management policy to prohibit these ports ~ ~ everyone must think well or understand the role of disabled ports, or it may affect some of your operations. I hope it can be helpful to you.

How to shut down the port under WinXP:

As a widely used system, WinXP has been favored by more and more attackers. Of course, the easiest way to prevent it is to install a network firewall. But what can we do when there is no firewall? Shutting down useless ports in WinXP makes the system much more secure.

First, find out the ports that are open to you

Scanning the port and looking for loopholes is the basic idea for attackers to invade. It can be said that the more ports are open on the machine, the more likely it is for an attacker to invade, so we can improve the security of the computer by closing some ports that we don't use. So how do we know which ports are open for our WinXP? We can use the command "Netstat" to view the open ports in the system.

We need to use two parameters of this command:-an and-n. Parameter-a shows all current connection and listening ports, while parameter-n displays the address and port number in numeric format (instead of trying to find a name), which can be combined with: netstat-an to see how open the current port is. Through this command, if we find an abnormal port number listening, we can first go to the Internet to find the port number of common Trojans. If we find that there is a port used by Trojans, we should use the software to kill Trojans to check the system.

2. Close the useless port

After knowing how to check the ports of the machine, the next question is, which ports must be reserved and which ports can be closed? This problem is a little more complicated, because in addition to the 135,137,138,139 and 445 that WinXP opens by default, some network-related software needs to use some ports, such as QQ using port 4000. Here, the author imagines the situation as the simplest: a computer that only needs to browse the web. So for this system, let's configure it ourselves to improve security.

1. Close the port opened by the software. You can open the "properties" → "In  ternet protocol (TCP/IP)" → "properties"→" advanced "→" option "→" TCP/IP filter properties for the local connection, and then select "allow only". Please note that if you find that a commonly used network tool does not work, please find out which port it opens on your host, and then add the appropriate port in the "TCP/IP filter".

two。 Disable NetBIOS. Open the "Properties" → "Internet Protocol (TCP/IP)" → "property" → "Advanced" → "WINS" → "disable NetBIOS on TCP/IP" for the local connection. As a result, ports 137,138,139 are closed to prevent IPC$ intrusion.

3. Turn on the network firewall that comes with WinXP. Open the "Properties" → "Advanced" of the local connection, and after enabling the firewall, click Settings to set which services the system is open and closed. Generally speaking, these services can be left out, and after these services are turned off, the ports involved in these services will not be easily opened.

4. Disable port 445. Append a DWORD value named "SMBDeviceEnabled" to the registry "HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ NetBT\ Parameters" and set it to 0 to OK.

Through the above settings, the security of your WinXP system will be greatly improved. It should be added that the article is aimed at machines that have direct dial-up access, not those that surf the Internet through gateway agents.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.