Operation essentials: Close the ports and prevent network viruses from accessing these ports to ensure computer security and reduce the impact of viruses on Internet speed.
Recently, it was discovered that some people are infected with a new network worm virus. This virus cannot be killed using the shock wave virus killing tool. Please upgrade the anti-virus software virus database on your computer as soon as possible and scan the hard disk while disconnecting the computer network. , check and kill viruses. Users who have installed firewall software, please
Block TCP 135, 139, 445, 593, 1025 ports and UDP 135, 137, 138, 445
In addition, you can also block the backdoor ports of some popular viruses, such as TCP 2745, 3127, 6129
ports, so you can also temporarily block incoming connections to those ports.
At present, many viruses will guess the username and password of computer users and brute force crack them. For the security of your computer, please set a secure password for your computer that is not easy to guess.
Operation steps
Open the "Control Panel" (the connection to open the "Control Panel" can be found in the "Settings" menu of "My Computer" or the "Start Menu")
In the "Control Panel" Find "Administrative Tools".
Double-click to open "Administrative Tools" and find "Local Security Policy".
Double-click to open "Local Security Policy" and find "IP Security Policy", as shown in Figure 1.
Figure 1: Find "IP Security Policy" in "Local Security Policy"
Right-click the blank space in the right pane, and select "Create IP Security" in the pop-up shortcut menu Policy"
Figure 2: Create a new policy
Click the "Next" button in the wizard, go to the second page to name the new security policy, or directly Click "Next" again. When you reach the "Secure Communication Request", "Activate Default Corresponding Rules" is selected by default. Please click this option box with the mouse to change the selected
status to the unselected state, as shown in Figure 3, and then Click "Next".
Figure 3: Do not activate the default selected state
Click the "Finish" button and "Edit
Properties", as shown in Figure 4.
Figure 4: Complete the new strategy addition
In the "Properties" dialog box, check whether "Use the Add Wizard" is selected. If it is selected, please click it with the mouse to make it become unselected and click the "Add" button. As shown in Figure 5.
Figure 5: Click the "Add" button to add a new connection rule
In the "New Rule Properties" dialog box, click the "Add" button, as shown in Figure 6.
Figure 6: Add new rule
In the IP policy list, first uncheck "Use Add Wizard", and then click the "Add" button. As shown in Figure 7.
Figure 7: Add a new filter
Come to the "Filter Properties" dialog box. The first thing you see is addressing. Select "Any IP Address" for the source address and select "Any IP Address" for the destination address. "My IP address", as shown in Figure 8.
Figure 8: Filter Properties
Click the "Protocol" tab, first select "TCP" in the
drop-down list under "Select Protocol Type", and then The gray "Set Protocol Port" will turn colored, then enter "135" in the text box under "To this port" and click the "OK" button. As shown in Figure 9.
Figure 9: Add a filter to block TCP 135 (RPC) port
Return to the filter list dialog box, you can see that a policy has been added, repeat steps 11, 12, 13. Continue to add TCP 137, 139, 445, 593 ports and UDP
135, 139, 445 ports. Because some worms currently scan your computer for TCP 1025, 2745, 3127, 6129
ports, so you can also temporarily add blocking policies for these ports, discard data packets accessing these ports, and do not respond, thereby reducing the impact on your Internet access. Click the Close button. As shown in Figure 10.
Figure 10: Repeat the steps to add each port filter
In the "New Rule Properties" dialog box, click "New IP Filter List", a dot will be added to the circle on the left, indicating Already activated, then click the "Filter Operations" tab, as shown in Figure 11.
Figure 11: Activate "New IP Filter List"
In the "Filter Action" tab, first leave "Use Add Wizard" unchecked, and then click "Add" button. As shown in Figure 12.
Figure 12: Add filter operation
In the "Security Measures" tab of "New Filter Operation Properties", select "Block", and then click the "OK" button. As shown in Figure 13.
Figure 13: Add the "Block" operation
In the "New Rule Properties" dialog box, you can see that there is a new "Filter Operation", click this "New Filter" "Operation", a dot will be added to the circle to the left of it, indicating that it has been activated, and then you can click the "Close" button to close the dialog box. As shown in Figure 14.
Figure 14: Activate "New Filter Action"
Return to the "New IP Security Policy Properties" dialog box and press the "Close" button to close the dialog box. As shown in Figure 15.
Figure 15: Close the "New IP Security Policy Properties" dialog box
Finally, return to the "Local Security Policy" window, right-click the newly added IP security policy, and then select "Assign", as shown in Figure 16.
Figure 16: Assign a new IP security policy
At this time, your computer already has the ability to temporarily protect against RPC worms.
Finally, please visit the RPC vulnerability and MS04-011 security vulnerability notice patch download webpage provided here to download the patch suitable for your computer, and then go to the Windows Update website to download it for your computer Latest updatepatch for Windows.
The above is the detailed content of How to close ports 135, 139, 445, 593, 1025, etc.. For more information, please follow other related articles on the PHP Chinese website!