1. View the open ports with the system's own MS-DOS command (Win2000/XP/Server2003).
Click Start - Run, type cmd, then type netstat -an (note the space before the "-"). The number after the ":" that follows the IP address is the port number. (-a shows all current connections and listening ports, while -n shows addresses and port numbers in numeric format.)
Background: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are communication protocols for transmitting data on the network. UDP is connectionless, while TCP is connection-oriented. Their respective port numbers are independent of each other. For example, TCP can have 255 ports and UDP can have 255 ports, and they do not conflict.
2. Check the open ports with the help of third-party software.
(1) For example, Active Ports (produced by SmartLine) can monitor all open TCP/IP and UDP ports. It displays every port together with the path of the program that owns it, and shows whether the local IP and remote IP (an IP trying to connect to your computer) are active.
(2) For example, the fport command-line tool: compact, but no less capable than Active Ports, and it can also show each port and the path of the corresponding program. Display format: Pid Process Port Proto Path, for example 392 svchost -> 113 TCP C:\WINNT\system32\vhos.exe.
(3) For example, the network activity display of firewalls or antivirus tools: Rising Firewall can refresh the list of open ports and related processes in real time, and anti-spyware experts also have this function. There are many such programs, and they serve several purposes at once.
Second, the method of limiting or closing the port:
1. "Restrict opening" the required ports through the system's own functions (Win2000/XP/server2003)
Restrict the server's ports with the system's own TCP/IP filtering function: Control Panel - Network Connections - Local Area Connection - right-click - Properties, then select Internet Protocol (TCP/IP) - Properties - Advanced - Options - TCP/IP Filtering - Properties. The filter is divided into three items: TCP ports, UDP ports and IP protocols. Suppose my system only wants to open four ports (QQ uses port 4000), which are 21, 80, 25 and 110. Just select "Allow Only" above "TCP Ports" and click "Add" to add these ports in turn, then confirm and restart for the change to take effect.
2. Add "allowed" ports through the system's own firewall.
(1) Windows XP/Server 2003 not upgraded to SP2.
Control Panel - Network Connections - Local Area Connection - Properties - Advanced: select the option under "Internet Connection Firewall" so that the firewall starts automatically. Click Settings, and in the Services tab of the Advanced Settings window click Add. In the Service Settings dialog box, enter the service description, the computer name or IP address, and the port number. (A cute little lock will appear on the Local Area Connection icon after the firewall is started.)
(2) Windows XP upgraded to SP2.
Control Panel - Windows Firewall - Exceptions - Add Port. Enter a name and the port number, choose TCP or UDP, and then confirm. A check mark in front of the name means traffic is allowed through this port; clearing the check mark means the port is not an exception.
3. Use the "Local Security Policy" function to close the port (WINXP Home Edition does not have this function).
Close TCP 135 (on Win2000 and WinXP, to guard against the RPC port 135 overflow vulnerability), 139, 445 (in the registry, add a DWORD value named "SMBDeviceEnabled" under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters and set it to 0 to disable port 445), 593 and 1025, and UDP 135, 65.
(1) In Control Panel - Administrative Tools, open "Local Security Policy", select "IP Security Policies on Local Computer", right-click in the blank area of the right pane, and select "Create IP Security Policy" to start the wizard. Click Next in the wizard and name the new security policy; click Next again, and the Requests for Secure Communication screen is displayed. Clear the check mark to the left of "Activate the default response rule", and then click "Finish" to create the new IP security policy.
(2) Right-click the IP security policy. In the "Properties" dialog box, clear the check mark to the left of "Use Add Wizard", then click "Add" to add a new rule. The "New Rule Properties" dialog box appears; click "Add" there to open the IP Filter List window. In the list window, first clear the check mark to the left of "Use Add Wizard", and then click the "Add" button on the right to add a new filter.
(3) In the Filter Properties dialog box, the first tab you see is Addressing. Select "Any IP Address" as the source address and "My IP Address" as the destination address. Click the "Protocol" tab, select "TCP" in the "Select a protocol type" drop-down list, then enter "135" in the text box under "To this port" and click "OK". This adds a filter that blocks the TCP 135 (RPC) port, which can prevent the outside world from passing through 6544.
(4) Click OK to return to the filter list dialog box. You can see that a filter has been added. Repeat the above steps to add TCP ports 137, 139, 445 and 593 and UDP ports 135, 139 and 445, establishing a corresponding filter for each.
(5) Repeat the above steps to add blocking filters for TCP ports 1025, 2745, 3127, 6129 and 3389, and finally click OK.
(6) In the "New Rule Properties" dialog box, select "New IP Filter List" by clicking the circle on its left so that a dot appears, indicating that it is activated, and then click the "Filter Action" tab. In the Filter Action tab, clear the check mark to the left of "Use Add Wizard", click the "Add" button to add a blocking action, select "Block" in the Security Methods tab of the New Filter Action Properties dialog box, and then click "OK".
(7) Back in the "New Rule Properties" dialog box, click "New Filter Action"; a dot appears in the circle on its left to indicate that it is activated. Click Close to close the dialog box. Finally, return to the "New IP Security Policy Properties" dialog box, check "New IP Filter List" on the left, and then click "OK" to close the dialog box. In the Local Security Policy window, right-click the newly added IP security policy and select Assign.
After a reboot, these ports will be closed.
4. Close ports by stopping system services.
Control Panel-Administrative Tools-Services.
(1) Close ports such as 7 and 9: stop Simple TCP/IP Services, which supports the following TCP/IP services: Character Generator, Daytime, Discard, Echo and Quote of the Day.
(2) Close port 80: stop the WWW service. The name displayed in "Services" is "World Wide Web Publishing Service", which provides web connectivity and administration through the Internet Information Services snap-in.
(3) Close port 25: stop the Simple Mail Transfer Protocol (SMTP) service, which provides the function of sending e-mail across the network.
(4) Close port 21: stop the FTP Publishing Service, which provides FTP connectivity and administration through the Internet Information Services snap-in.
(5) Close port 23: stop the Telnet service, which allows remote users to log on to the system and run console programs from the command line.
(6) Stop the Server service, which provides RPC support and file, print and named pipe sharing. Stopping it turns off Win2K's default shares, such as ipc$, c$, admin$ and so on. Stopping this service will not affect your other operations.
(7) Close port 139, which is the NetBIOS session port used for file and print sharing. Note that Unix machines running Samba also open port 139, with the same function. In the past, Streamer 2000 was not very accurate in judging the host type of the other party: it probably treated any host with port 139 open as an NT machine, but it is fine now.
How to close it: in Network Connections, open the properties of Internet Protocol (TCP/IP) for the local connection, go to the advanced TCP/IP settings and then the WINS tab, where there is an item "Disable NetBIOS over TCP/IP". Select it to close port 139. For individual users, each of these services can be set to "Disabled" in its service properties, so that the service does not start again and reopen the port next time.
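An added example (not from the original page) that parses netstat -an output and reports which of the TCP ports this section closes by stopping services still have a local listener; the sample output and the names STOPPED, listeners and still_listening are constructed for illustration. It fits the service-stopping method only: the filtering methods above (TCP/IP filtering, the firewall, the IP security policy) drop traffic without stopping the service, so netstat still lists those ports as listening.

```python
import re

# TCP ports that section 4 closes by stopping services: 7/9 (Simple TCP/IP),
# 21 (FTP), 23 (Telnet), 25 (SMTP), 80 (WWW), 139 (NetBIOS session).
STOPPED = {("TCP", p) for p in (7, 9, 21, 23, 25, 80, 139)}

# Constructed sample of Windows `netstat -an` output, not from a real host.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1040      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.10:137       *:*
"""

# Proto, local address, local port, foreign address, optional state (TCP only).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+(\S+))?\s*$")


def listeners(netstat_text):
    """Return {(proto, local_port)} for LISTENING TCP and bound UDP sockets."""
    found = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, column header or blank line
        proto, _addr, port, state = m.groups()
        # UDP rows have no state column. TCP rows count only when LISTENING,
        # so an outbound connection to a remote port 80 is not a local port 80.
        if proto == "UDP" or state == "LISTENING":
            found.add((proto, int(port)))
    return found


def still_listening(netstat_text, expected_closed=STOPPED):
    """Ports that should be gone but still have a local listener."""
    return sorted(listeners(netstat_text) & expected_closed)


if __name__ == "__main__":
    for proto, port in still_listening(SAMPLE):
        print(f"{proto} {port} still has a listener")
```

TCP and UDP entries are tracked as separate (protocol, port) pairs, matching the point above that the two port spaces are independent.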
5. Close the port through a third-party firewall.
For example, domestic: Skynet, Jinshan, Rising; foreign: Norton, IIS. With this kind of firewall it is more convenient to close a port: just add it. There are generally dedicated setting options for this.