Let me start with some common services provided by the Internet.
When it comes to services, we must first understand the concepts of "connected" and "unconnected". The simplest examples are making phone calls and writing letters. If two people want to talk on the phone, they should first establish a connection-that is, dial a number, wait for an answer, then pass on information to each other, and finally release the connection-that is, hang up. Writing letters is not that complicated. After filling in the address and name, throw it directly into the mailbox and the recipient will receive it.
The most popular protocol on the Internet is TCP/IP protocol. It should be noted that TCP/IP protocol is connectionless at the network layer (data packets are only sent to the Internet, and how to transmit and arrive and whether they arrive are managed by network devices). And once we talk about "ports", we have reached the transport layer. The ports below 1024 in the protocol have exact definitions, which correspond to some common services on the Internet. These common services can be divided into two types: using TCP port (connection-oriented, such as calling) and using UDP port (no connection, such as writing letters).
Commonly used TCP ports are:
Ftp: Define the file transfer protocol and use port 2 1. People often say that the ftp service opened by the host is a file transfer service. Ftp service is used to download files and upload home pages.
Remote login: Do you go to the forum? In the past, BBS was a pure character interface, and the server supporting BBS opened 23 ports to provide services to the outside world. In fact, the real meaning of Telnet is remote login: users can connect to the host remotely as their own identities.
Smtp: Simple mail transfer protocol is defined. Many mail servers now use this protocol to send mail. The server is opened using port 25.
Http: This is the most commonly used protocol-Hypertext Transfer Protocol. It is necessary to browse web pages on the Internet, so the host providing web page resources must open its port 80 to provide services. This is what we often mean by "providing www service" and "Web server".
Pop3: corresponding to smtp, pop3 is used to receive mail. Generally, the pop3 protocol uses the port 1 10. Almost all free mailboxes such as 263 have pop3 receiving function. In other words, as long as you have a corresponding program (such as Foxmail or Outlook) that uses pop3 protocol, you can receive emails from the Web without logging in to the email interface.
Common uses of UDP ports are:
Domain name resolution service. Every computer on the Internet has a corresponding network address. This address is what we often call an IP address, which is expressed in the form of pure numbers. But this is not convenient to remember, so the domain name appeared. You only need to know the domain name when accessing the host, and the conversion of domain name and IP address is completed by DNS server. DNS uses port 53.
Snmp: Simple network management protocol, which uses port 16 1 to manage network devices. Because there are many network devices, connectionless service shows its advantages.
Chat software Oicq:Oicq programs not only accept services, but also provide services, so that two chat talents are equal. Oicq uses connectionless protocol, and its server uses port 8000 to listen to information. The client uses port 4000 to send information to the outside. If both ports are in use (many people are chatting with several friends at the same time), add them in order.
So it can be said that the port is the way for the computer to communicate with the outside world. Without it, the computer would be deaf and dumb.
Ports will not be infected by viruses, but some ports are bridges for hackers to attack your PC, so some ports that may be attacked by hackers should be closed.
How to close ports to prevent viruses and hackers from invading?
Closed ports are: 135, 137, 138,139,445,1025,2475,3127,6/kloc.
The specific operation is as follows: By default, Windows has many ports open. When you surf the Internet, network viruses and hackers can connect to your computer through these ports.
In order to turn your system into an iron wall, you should close these ports, mainly TCP 135,139,445,593, 1025 and UDP 135, 137,/kloc-0. The following describes how to close these network ports under WinXP/2000/2003:
Step 1: Click Start Menu/Settings/Control Panel/Management Tools, double-click to open the local security policy, select the IP security policy on the local computer, right-click the blank position in the right pane to pop up the shortcut menu, and select Create IP security policy (as shown in the right figure), and a wizard will pop up. Click Next in the wizard to name the new security policy; Press Next again, and the Secure Communication Request screen will be displayed. Remove the check mark to the left of "Activate default mapping rule" on the screen, and then click "Finish" to create a new IP security policy.
Step 2: Right-click the IP security policy, remove the hook on the left side of the Use Add Wizard in the properties dialog box, then click Add to add a new rule, and then the new rule properties dialog box pops up, and then click Add to pop up the IP filter list window. In the list, first remove the check mark on the left of "Use the Add Wizard", and then click the "Add" button on the right to add a new filter.
Step 3, enter the Filter Properties dialog box. The first thing you see is the address. Select "any IP address" as the source address and "My IP address" as the destination address. Click the "Protocol" tab, select "TCP" in the "Select Protocol Type" drop-down list, then enter "135" in the text box under "To this port" and click the "OK" button (as shown in the left figure), thus adding a filter to block the TCP 135(RPC) port.
Click OK and return to the filter list dialog box. You can see that a policy has been added. Repeat the above steps, continue to add TCP 137, 139, 445, 593 ports and UDP 135, 139, 445 ports, and establish corresponding filters for them.
Repeat the above steps, add the shielding policies of TCP ports 1025, 2745, 3 127, 6 129 and 3389, establish the filters of the above ports, and finally click OK.
Step 4: In the "New Rule Properties" dialog box, select "New IP Filter List", then click the circle on its left to add a dot to indicate that it has been activated, and finally click the "Filter Action" tab. In the Filter Actions tab, remove the hook to the left of Using the Add Wizard, click the Add button, and then add the Block action (right): in the Security Measures tab of the New Filter Action Properties, select Block, and then click the OK button.
Step 5: Enter the "New Rule Attribute" dialog box and click "New Filter Action". A dot will be added in the circle on the left to indicate that it has been activated. Click Close to close the dialog box; Finally, return to the "New IP Security Policy Properties" dialog box, check the "New IP Filter List" on the left, and then press "OK" to close the dialog box. In the Local Security Policy window, right-click the newly added IP security policy and select Assign.
So after the restart, the above network ports in the computer are closed, and viruses and hackers can no longer connect to these ports, thus protecting your computer. I haven't heard of a patch download.
445
139
1 10
135
1433
2 1
23
80
These are the ports of common viruses.