To prevent vulnerability attacks, close the ports that don't need to be closed, then start from new.
Note: Closed ports, 135, 137, 138, 139, 445, 1025, 2475, 3127, 6129, 3389, 593, and TCP.
The specific operation is as follows:
By default, many ports have many ports, when you are online, online viruses and hackers can connect your computer through these ports. In order to make your system become copper wall iron wall, it should be closed, mainly: TCP 135, 139, 445, 593, 1025 port and UDP 135, 137, 138, 445 ports, some of the trailing door ports of some popular viruses (such as TCP 2745, 3127, 6129 ports), and remote service access port 3389. The following describes how to turn off these network ports under WinXP / 2000/2003:
The first step, click "Start" Menu / Set / Control Panel / Management Tool, double-click to open the "Local Security Policy", select the "IP Security Policy, in the local computer", right mouse mouse in the blank position of the right pane, pop-up Menu, select "Create IP Security Policy" (such as right), then pop up a wizard. Click the "Next" button in the wizard to name the new security policy; press "Next", then display the "Secure Communication Request" screen, remove the hook of "activating the default corresponding rule" on the screen, click " Complete the button created a new IP security policy.
Step 2, right-click the IP security policy, in the "Properties" dialog box, remove the hook on the left of the "Add Wizard", and then click the Add button to add a new rule, then pop up the "New Rule Properties" conversation Box, click the "Add" button on the screen, pop up the IP filter list window; in the list, first remove the hook on the left of the "Use Add Wizard", then click the "Add" button to add a new filter.
In the third step, enter the Filter Properties dialog, first see the address, the source address is selected, the target address is selected "My IP Address"; click the Protocol tab, "Select" "TCP" in the drop-down list of the protocol type, then enter "135" in the text box under "to this port", click "OK" button (such as the left), which adds a shielded TCP 135 (RPC ) Port filter, it prevents the outside world from connecting to your computer through the 135 port.
After clicking "OK" and returned to the filter list, you can see that a policy has been added. Repeat the above steps to continue adding TCP 137, 139, 445, 593 ports and UDP 135, 139, 445 ports to establish corresponding Filter.
Repeat the above steps to add a shielding strategy of the TCP 1025, 2745, 3127, 6129, 3389 port, establish a filter for the above port, and finally click the "OK" button.
In the fourth step, in the "New Rules Properties" dialog box, select "New IP Filter List", then click on the circle on the left, indicate that it is activated, and finally click the Filter Actions tab. In the Filter Actions tab, remove the hook on the left of the "Add Wizard", click the "Add" button, add "Block" operation (right): "Security Measures" in "New Filter Operation Properties" In the tab, select "Block" and click the "OK" button. Step 5, enter the "New Rules Properties" dialog, click "New Filter Actions", the circle on the left will add a point, indicating that it is activated, click the "Close" button, close the dialog; IP Security Policy Properties dialog box, hook on the left of the "New IP Filter List", press the "OK" button to close the dialog. In the Local Security Policy window, right click on the newly added IP security policy and select Assignment.
So after restarting, the above network ports in the computer are turned off, and the viruses and hackers can never connect to these ports, thus protecting your computer.
