1 Prohibit empty connection to enumerate (this operation does not block the establishment of empty connections)
First run the regedit, find the following set [HKEY_LOCAL_MACHINE / SYSTEM / CURRENTCONTROLSET / CONTROL / LSA] to change the key value of Restrictanonymous = DWORD to: 00000001 (If set to 2, there are some problems, such as some Win service, etc. Wait)
2 prohibit default sharing
1) Take out local shared resources
Run -cmd-Enter net Share
2) Delete Sharing (one input one)
NET Share IPC $ / Delete
NET Share Admin $ / Delete
NET Share C $ / Delete
NET Share D $ / Delete (if there is e, f, ... can continue to delete)
3) Stop Server service
NET STOP Server / Y (Restart after restarting)
4) Modify the registry
Run -Regedit
Server version: Find the following primary key [HKEY_LOCAL_MACHINE / SYSTEM / CURRENTCONTROLSET / SERVICES / LANMANSERVER / Parameters] change the key value of AutoShareserver (DWORD) to: 00000000.
Pro version: Find the following primary key [HKEY_LOCAL_MACHINE / SYSTEM / CURRENTCONTROLSET / SERVICES / LANMANSERVER / Parameters] change the key value of AutoShaRewks (DWORD) to: 00000000.
If the primary key mentioned above does not exist, you will be built (right-click-new-double-byte value) a primary and re-change key value.
3 Permanent Close IPC $ and the Default Sharing Related Service: LanmanServer is Server Services
Control Panel - Management Tool - Service - Find server service (right-click) - Property - General - Start Type - Disabled
4 Install the firewall (selected related settings), or port filtering (filtered out 139, 445, etc.)
5 Setting complex password to prevent passwords of IPC $
