Open the start menu of Windows 2000 system, select the icon "Network and Dial-up Connection" under "Settings", click with the right mouse button, and then click the "Browse" command in the shortcut menu; Select the "Internet Protocol (TCP/IP)" item, and then click the "Properties" button to open the Internet Protocol (TCP/IP) property setting page; Continue to click the "Advanced" button on this page to open the advanced TCP/IP setting window, select the "Options" tab, select "TCP/IP Filtering" in the "Optional Settings" item on this tab page, and then click the corresponding "Properties" button to open the setting window as shown in figure 1; As port 445 belongs to TCP port, you can select the "Allow Only" item in the settings corresponding to TCP port, activate the "Add" button below, and click this button. In the "Add Filter" window that opens later, all necessary service port numbers will be added, but the unused 445 port numbers will be excluded. After setting, click "Add Filter". Considering that the folder or printer * * * can only use port 445, directly stopping the folder or printer * * * can also achieve the purpose of closing port 445, so that hackers cannot destroy all kinds of * * * resources. The following are the specific steps to turn off the folder or printer * * * service: select the "Network and Dial-up Connection" icon, right-click it, and then from the shortcut menu.
In the next window, right-click the "Internet Connection" icon and select the "Properties" option to pop up the Internet Connection Properties window; Open the "General" tab page, and uncheck the "Microsoft network files or printers * * *" option in the "This connection uses the following selected components" list box, as shown in Figure 2. Finally, click the "OK" button to restart the system, and the online "villain" will have no right to access all kinds of * * * resources. Of course, you can also deprive the "big villain" of access without stopping the service; Use the user rights assignment function in local security settings to specify that no user on the Internet can access the local host. The specific steps are as follows: click the local security settings option, then expand the folder of security settings, local policies and user rights assignment, select the option of "Denying access to this computer from the network" in the corresponding right sub-window, and double-click with the left mouse button; Open the setting window as shown in Figure 3, click Add button, select everyone option in the pop-up dialog box for selecting users or groups, click Add button, and finally click OK, so that no users can access the local host from the network. However, this method has a wide range of "attacks". As a result, neither "enemies" nor "good citizens" can access the resources enjoyed by * * *, so this method is suitable for servers that store absolutely confidential information. This method disables the services used by folders or printers by modifying the registry. The specific operation method is as follows: in the start menu of Windows 2000 system, click the "Run" command to open the run dialog box, and enter the "regedit" registry editing command to pop up the registry editing interface;
In this window, use the mouse to expand the branch of "HKEY _ Local _ Machine \ System \ Current-Control Set \ Service \ Network bt \ Parameters" one by one; In the right window corresponding to the branch, create a new double-byte value and name it "SMBDeviceEnabled" (as shown in Figure 4), and then set its value to "0" directly. After setting, exit the registry editing interface and restart the system. This method uses the firewall's security filtering rules to intercept any packet passing through port 445. For example, you can start the "KV3000 anti-Nidhogg firewall" tool, click the "Rule Setting" button in "Firewall Control", and then click the "Add Rule" button in the opened rule setting window to open the setting interface as shown in Figure 5;
In the interface name setting item, name the rule "Close Port 445", and in the network condition setting item, select the "Accept Packet" option; Then set the IP address of the other party as "any address", select the "Specify local IP address" option at the local IP address, and enter the IP address of the local host. Next, click the "TCP" tab in the interface again, select the "Specify Port" option in the local port, and then enter the "445" port number; On the opposite port, select any port option.
Then, select the option "When the system is connected to the network" in the setting item of the rule object, and select the option "Interception" in the setting item "When all conditions are met". After setting all parameters, click OK to create the security filtering rule. Return to the rule setting window of anti-Nidhogg firewall, and select the newly created "close port 445" filtering rule (as shown in Figure 6). All kinds of illegal intrusions from port 445 will be automatically intercepted by anti-Nidhogg firewall. This method is to close the 445 service port by customizing the IP security policy. The specific implementation steps are as follows: In the start menu of Windows 2000 system, click Programs, Administrative Tools and Local Security Policy in turn to open the editing interface of local group policy, right-click the IP security policy in the interface, and click "On local machine" in the shortcut menu that opens. Click the Next button, and then enter the name of the newly created security policy in the Name text box. For example, the input here is "Close Port 445", click the Next button, select "Activate Default Response Rule", and all other parameters are set to default values, thus completing the creation of a new security policy, as shown in Figure 7. In the interface shown in Figure 7, click "Add" to open the security rule setting wizard interface, click "Next", select the option "This rule does not specify a tunnel", then set the network type to "All network connections", select the option "Windows 2000 default value ……", and click "Next" to open the IP filter list interface. Click "Add" in the interface, set the name of the IP filter to "Blocked Port 445", click "Add", then set the source address to "Any IP address" and the target address to "My IP address", and then click "Next" to pop up the protocol type selection box, and set the protocol type to "TCP"; Then in the pop-up window in Figure 8, select the option of "From any port to this port" and set this port to "445". Finally, click the "Finish" button, click the "Close" button to return to the IP filter list page, select the "Block Port 445" filter, click the "Next" button, and click "Next" and "Finish" in the subsequent window to add the "Block Port 445" filter to the IP security named "Close Port 445".
Finally, in the "Local Security Settings" window, right-click the "Close Port 445" policy and click the "All Tasks | Assign" command in the pop-up shortcut menu to make the above settings take effect.