New measures to protect network security: turn off unnecessary ports

Users who have Internet access should know that there are network ports in the network, and there are many, but these ports are all used, of course, not all of them are used. And the virus will enter from the port, so usually some unnecessary ports are best turned off. Each service corresponds to the corresponding port. For example, the well-known WWW service port is 80, smtp is 25, and ftp is 21. The default is to open these services in win2000 installation. It is really unnecessary for individual users. Turning off the port means turning off useless services. “Control Panel" Administrative Tools""Service” in the configuration.

1. Close port 7.9 and so on: Close Simple TCP/IP Service and support the following TCP/IP services: Character Generator, Daytime, Discard, Echo, and Quote of the Day.

2, close 80: Turn off the WWW service. The name ""World Wide Web Publishing Service" is displayed in "Services", providing Web connectivity and management through the snap-in of Internet Information Services.

3. Turn off port 25: Turn off the Simple Mail Transport Protocol (SMTP) service, which provides the ability to send email across the network.

4. Turn off port 21: Close the FTP Publishing Service, which provides services for FTP connection and management through the management unit of the Internet Information Service.

5. Turn off port 23: Turn off the Telnet service, which allows remote users to log in to the system and run the console program using the command line.

6. Another important thing is to turn off the server service, which provides RPC support, file, print, and named pipe sharing. Turning it off turns off Win2k's default share, such as ipc$, c$, admin$, etc. This service shutdown does not affect your shared operations.

7, there is one is 139 port, 139 port is NetBIOS Session port, used for file and print sharing, note that the Unix machine running samba also open 139 port, the same function. In the past, Streamer 2000 was used to judge the host type of the other party is not accurate. It is estimated that the port 139 is open and considered to be an NT machine. Now it is good. To close the 139 listening method, select "Internet Protocol (TCP/IP)" attribute in "Network and Dial-up Connection" in the "Local Area Connection", enter "<quo;Advanced TCP/IP Settings" " WINS "Settings" has a "NETBIOS" for disabling TCP/IP, and ticked off port 139. For individual users, you can set it to “disable” in each service property setting to avoid restarting the service next time, and the port is also open.

Know what these ports are all about, or if you have a good way to maintain network security, you don't have to shut down. If you think that these ports are not useful, you can choose to disable them.