常见高危端口有哪些？是否有工具能进行快捷开关？

显示全部楼层 · 发表于 2020-8-30 18:58:37

本帖最后由 hey，boy 于 2020-8-30 01:00 编辑

在百度上搜到一些关闭端口的方法，都是用防火墙或者ip策略进行关闭，感觉有点繁琐，不知道有没有小工具可以实现？
另外，有没有高危端口的集合（除139，137，445）

显示全部楼层 · 发表于 2020-8-30 19:10:42

写个批处理不就好了，全部需要关闭的危险端口写在一起。
常会关闭的高危端口大约在十来个，网上一搜不就清楚。

显示全部楼层 · 发表于 2020-8-30 19:27:04

Jomye 发表于 2020-8-30 01:10
写个批处理不就好了，全部需要关闭的危险端口写在一起。
常会关闭的高危端口大约在十来个，网上一搜不就清 ...

emmmm,135 137 138 139 445,还有吗
批处理不会

显示全部楼层 · 发表于 2020-8-30 19:41:32

hey，boy 发表于 2020-8-30 19:27
emmmm,135 137 138 139 445,还有吗
批处理不会

123,135,137,138,139,445,3389端口，卡巴斯基防火墙默认就是这么设置的，自动阻止

显示全部楼层 · 发表于 2020-9-21 16:36:46

看是个人用还是企业用呀

，企业用的那就多了。

显示全部楼层 · 发表于 2020-9-23 21:40:31

%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exit
@echo off
color 1f
title 您正在使用一键屏蔽危险端口和服务 by et
echo 您正在使用一键屏蔽危险端口和服务
echo"正在帮您关闭这些危险端口，请稍等"
echo “正在开启Windows防火墙服务”
net start MpsSvc
echo ”正在帮您开启Windows防火墙自启动“
sc config MpsSvc start= auto
echo ”正在启用防火墙“
netsh advfirewall set allprofiles state on
echo"正在帮您屏蔽端口...."
echo.
echo.
echo.
echo 正在屏蔽135端口请稍候…
netsh advfirewall firewall delete rule name = "Disable port 135 - TCP"
netsh advfirewall firewall add rule name = "Disable port 135 - TCP" dir = in action = block protocol = TCP localport = 135
echo.
netsh advfirewall firewall delete rule name = "Disable port 135 - UDP"
netsh advfirewall firewall add rule name = "Disable port 135 - UDP" dir = in action = block protocol = UDP localport = 135
echo.
echo 正在屏蔽137端口请稍候…
netsh advfirewall firewall delete rule name = "Disable port 137 - TCP"
netsh advfirewall firewall add rule name = "Disable port 137 - TCP" dir = in action = block protocol = TCP localport = 137
echo.
netsh advfirewall firewall add rule name = "Disable port 137 - UDP"
netsh advfirewall firewall add rule name = "Disable port 137 - UDP" dir = in action = block protocol = UDP localport = 137
echo.
echo 正在屏蔽138端口请稍候…
netsh advfirewall firewall delete rule name = "Disable port 138 - TCP"
netsh advfirewall firewall add rule name = "Disable port 138 - TCP" dir = in action = block protocol = TCP localport = 138
echo.
netsh advfirewall firewall delete rule name = "Disable port 138 - UDP"
netsh advfirewall firewall add rule name = "Disable port 138 - UDP" dir = in action = block protocol = UDP localport = 138
echo.
echo 正在屏蔽139端口请稍候…
netsh advfirewall firewall delete rule name = "Disable port 139 - TCP"
netsh advfirewall firewall add rule name = "Disable port 139 - TCP" dir = in action = block protocol = TCP localport = 139
echo.
netsh advfirewall firewall delete rule name = "Disable port 139 - UDP"
netsh advfirewall firewall add rule name = "Disable port 139 - UDP" dir = in action = block protocol = UDP localport = 139
echo.
echo 正在关闭445端口请稍候…
netsh advfirewall firewall delete rule name = "Disable port 445 - TCP"
netsh advfirewall firewall add rule name = "Disable port 445 - TCP" dir = in action = block protocol = TCP localport = 445
echo.
netsh advfirewall firewall delete rule name = "Disable port 445 - UDP"
netsh advfirewall firewall add rule name = "Disable port 445 - UDP" dir = in action = block protocol = UDP localport = 445
echo.

echo "危险端口已经用Windows防火墙屏蔽成功"

echo.
echo ----------------
echo “正在关闭Workstation（LanmanWorkstation）服务”
sc stop LanmanWorkstation
sc config LanmanWorkstation start= disabled

echo.
echo ----------------
echo “正在关闭Server（LanmanServer）服务”
sc stop LanmanServer
sc config LanmanServer start= disabled

echo.
echo ----------------
echo “正在关闭TCP/IP NetBIOS Helper（lmhosts）共享服务”
sc stop lmhosts
sc config lmhosts start= disabled

echo.
echo ----------------
echo “正在关闭Distributed Transaction Coordinator（MSDTC）共享服务”
sc stop MSDTC
sc config MSDTC start= disabled

echo.
echo ----------------
echo “正在关闭NetBT服务”
sc stop NetBT
sc config NetBT start= disabled

echo.
echo ----------------
reg add "hklm\System\CurrentControlSet\Services\NetBT\Parameters" /v "SMBDeviceEnabled" /t reg_dword /d "0" /f
reg add "hklm\SOFTWARE\Microsoft\Ole" /v "EnableDCOM" /t reg_sz /d "N" /f
reg add "hklm\SOFTWARE\Microsoft\Rpc" /v "DCOM Protocols" /t reg_multi_sz /d "" /f

echo.
echo ----------------
echo "恭喜您，危险端口已经关闭,请重新启动电脑后用netstat -an查看本地端口"

echo 按任意键退出
pause>nul

把以上文本复制后缀名改为.bat

显示全部楼层 · 发表于 2020-9-23 22:28:11

jckit 发表于 2020-9-23 21:40
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1 ...

谢谢，个人用机暂时用不上，代码已收纳置硬盘，再次感谢

显示全部楼层 · 发表于 2020-9-24 23:48:38

jckit 发表于 2020-9-23 03:40
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1 ...

非常感谢，能写一个还原的批处理吗？怕不小心操作错了，无法还原

显示全部楼层 · 发表于 2020-12-23 08:51:33

jckit 发表于 2020-9-23 21:40
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1 ...

能写一个还原的批处理吗？怕不小心操作错了，无法还原

显示全部楼层 · 发表于 2020-12-23 11:50:33

jckit 发表于 2020-9-23 21:40
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1 ...

这位朋友使用了 VB脚本，编写了这段批处理。

可见，对系统的基本组件，还是相对比较了解的。

学习贴。

[讨论] 常见高危端口有哪些？是否有工具能进行快捷开关？