How to close the port? Make the server more secure!

  
                  

Each service corresponds to a port. For example, the well-known WWW service uses port 80, SMTP uses 25, and FTP uses 21. A Windows 2000 installation enables these services by default, and individual users really do not need them. Closing a port means turning off the unneeded service behind it. Services are configured under "Control Panel" > "Administrative Tools" > "Services".

1. Close ports 7, 9 and so on: stop Simple TCP/IP Services, which supports the following TCP/IP services: Character Generator, Daytime, Discard, Echo, and Quote of the Day.

2. Close port 80: stop the WWW service. It is displayed in "Services" as "World Wide Web Publishing Service" and provides web connectivity and administration through the Internet Information Services snap-in.

3. Close port 25: stop the Simple Mail Transport Protocol (SMTP) service, which provides the ability to send email across the network.

4. Close port 21: stop the FTP Publishing Service, which provides FTP connectivity and administration through the Internet Information Services snap-in.

5. Close port 23: stop the Telnet service, which allows remote users to log in to the system and run console programs from the command line.

6. Another important step is to stop the Server service, which provides RPC support and file, print, and named pipe sharing. Stopping it removes the Win2k default shares, such as ipc$, c$, admin$, etc. Stopping this service does not affect your shared operations.

7. Then there is port 139, the NetBIOS Session port, which is used for file and print sharing. Note that Unix machines running Samba also open port 139 for the same function. In the past, Streamer 2000 was not accurate at judging the type of the remote host; it presumably treated any host with port 139 open as an NT machine. Now it is better. To stop listening on port 139, open "Network and Dial-up Connections", open the properties of "Local Area Connection", select "Internet Protocol (TCP/IP)" and open its properties, go to "Advanced TCP/IP Settings", and under the "WINS" settings select "Disable NetBIOS over TCP/IP". This closes port 139. Individual users can also set each service to "Disabled" in its properties, so that the service does not start again at the next boot and reopen the port.

We generally rely on powerful anti-hacking software and firewalls to keep our systems secure, but some users do not have access to these. What can they do? Here is a simple method: help prevent illegal intrusions by restricting ports.

Methods of Illegal Intrusion

In a nutshell, the methods of illegal intrusion can be roughly divided into four types:

1. Scanning ports and breaking into the host through known system bugs.

2. Planting a Trojan and using the back door it opens to enter the host.

3. Using data overflow to force the host to provide a back door into the host.

4. Using design flaws in some software to control the host directly or indirectly.

The main methods of illegal intrusion are the first two, especially with some popular hacking tools; the first is the most common way to attack a host. The latter two are used only by some highly skilled hackers and are not widespread. Moreover, as soon as these two kinds of problems appear, software vendors quickly provide patches so that the system can be repaired in time.

Therefore, if you can limit the first two types of illegal intrusion, you can effectively prevent the illegal use of hacking tools. And the first two illegal intrusions have one thing in common, that is, they enter the host through the port.

A port is like a door to a house (the server), with different doors leading to different rooms (the different services the server provides). The default FTP port is 21, and the default port for WWW web pages is 80. But some careless network administrators leave open port services that are easily attacked, such as 139, and some Trojans, such as Glacier, BO, and Guangwai, automatically open ports that you do not notice. So, if we block all the ports that we do not use, will we not eliminate these two kinds of illegal intrusion?

How to restrict ports

Individual users can restrict all ports, because their machines do not need to provide any services at all. For servers that provide network services externally, we need to open the ports that must be used (such as WWW port 80, FTP port 21, mail service ports 25 and 110, etc.) and close all other ports.

Users of Windows 2000 or Windows XP do not need to install any other software; the built-in "TCP/IP Filtering" function can restrict the server's ports. The specific settings are as follows:

1. Right-click "My Network Places", select "Properties", and then double-click "Local Area Connection" (dial-up users should select the "My Connections" icon). The "Local Area Connection Status" dialog box appears.

2. Click the [Properties] button to open "Local Area Connection Properties", select "Internet Protocol (TCP/IP)" under "This connection uses the following items", and then click the [Properties] button.

3. Click the [Advanced] button in the "Internet Protocol (TCP/IP)" dialog box that appears. In "Advanced TCP/IP Settings", select the "Options" tab, select "TCP/IP Filtering", and click the [Properties] button.

4. In the "TCP/IP Filtering" dialog box that appears, select the "Enable TCP/IP Filtering" check box, and then, for "TCP Ports" on the left, select "Permit Only" (see photo).

You can then add or remove TCP ports, UDP ports, or IP protocols.

After adding or removing entries, restart the machine for the protection to take effect.

If you only browse the Internet, you do not need to add any ports. However, if you want to use network communication tools such as OICQ, you should open port "4000". Similarly, if you find that a common network tool does not work, find out which port it uses on your host, and then add that port in "TCP/IP Filtering".
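An added example (not part of the original article): a Python audit that parses `netstat -an` output, finds TCP listeners that fall outside a "Permit Only" list, and names the service from the article's list to stop. The sample output, the permit list, and the function names are constructed for illustration; ports 13, 17 and 19 are the standard Daytime, Quote of the Day and Character Generator ports.

```python
import re

# Port -> service to stop, following the numbered list in this article.
# Ports 13, 17 and 19 are the standard Daytime, Quote of the Day and
# Character Generator ports, which Simple TCP/IP Services also opens.
SIMPLE = "Simple TCP/IP Services"
SERVICE_FOR_PORT = {
    7: SIMPLE, 9: SIMPLE, 13: SIMPLE, 17: SIMPLE, 19: SIMPLE,
    21: "FTP Publishing Service",
    23: "Telnet",
    25: "Simple Mail Transport Protocol (SMTP)",
    80: "World Wide Web Publishing Service",
    139: "NetBIOS over TCP/IP",
}

# Constructed sample of `netstat -an` output, not captured from a real host.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:7              0.0.0.0:0              LISTENING
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    192.168.0.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.0.10:1041      203.0.113.5:80         ESTABLISHED
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  UDP    0.0.0.0:4000           *:*
"""

# Only TCP rows in LISTENING state count; established connections do not.
LISTEN_RE = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING\s*$")


def listening_tcp_ports(netstat_text):
    """Return the sorted TCP ports that are in LISTENING state."""
    matches = (LISTEN_RE.match(line) for line in netstat_text.splitlines())
    return sorted({int(m.group(1)) for m in matches if m})


def audit(netstat_text, permit_only):
    """Return (port, service to stop) for each listener outside permit_only."""
    return [(p, SERVICE_FOR_PORT.get(p, "unknown, identify the owning program"))
            for p in listening_tcp_ports(netstat_text) if p not in permit_only]


if __name__ == "__main__":
    # A web server that should keep only port 80 open.
    for port, advice in audit(SAMPLE_NETSTAT, permit_only={80}):
        print(f"port {port}: {advice}")
```

A listener that maps to no known service, such as port 5000 in the sample, is the case to investigate first, since the article notes that Trojans open ports you do not notice.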
