关闭445端口方法windows7(关闭445端口方法xp)

前面讲过命令行创建IP安全策略(IPSEC),让系统更安全,但是IPSEC只能针对IP、端口、协议等进行简单限制,而防火墙功能更强大!除了IPSEC的功能,还可以对文件、网卡等进行限制。

操作之前,需要先确定两个东西,一个是防火墙的服务处于运行状态:

关闭445端口方法windows7(关闭445端口方法xp)插图

另一个是防火墙的设置没有被关闭:

关闭445端口方法windows7(关闭445端口方法xp)插图1

netsh advfirewall firewall add rule name="QQ" dir=in program="C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" action=block

netsh advfirewall firewall add rule name="QQ" dir=out program="C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" action=block

netsh advfirewall firewall add rule name="QQ" dir=in program="C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" action=allow

netsh advfirewall firewall add rule name="QQ" dir=out program="C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" action=allow

netsh advfirewall firewall add rule name="QQ" dir=in program="C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" security=authenticate action=allow

netsh advfirewall firewall add rule name="网站端口" dir=out protocol=TCP remoteport=80,443 action=block

netsh advfirewall firewall set rule "网站端口" new enable=no

netsh advfirewall firewall delete rule name="网站端口"

netsh advfirewall firewall add rule name="安全防护" dir=in protocol=TCP localport=135,139,445 action=block

netsh advfirewall firewall add rule name="谷歌DNS" dir=out remoteip=8.8.8.8,8.8.4.4 action=block

限制单个IP访问本机:

netsh advfirewall firewall add rule name="禁止访问IP" dir=in remoteip=192.168.1.1 ?action=block

限制一段IP访问本机:

netsh advfirewall firewall add rule name="禁止访问IP" dir=in remoteip=192.168.1.1-192.168.1.100 ?action=block

限制一个子网访问本机:

netsh advfirewall firewall add rule name="禁止访问IP" dir=in remoteip=192.168.1.0/24 ?action=block

禁止本机ping其它机子:

ipv4:

netsh advfirewall firewall add rule name="ipv4禁Ping" dir=out protocol=icmpv4 action=block

ipv6:

netsh advfirewall firewall add rule name="ipv6禁Ping" dir=out protocol=icmpv6 action=block

禁止其它机子ping本机:

ipv4:

netsh advfirewall firewall add rule name="ipv4禁Ping" dir=in protocol=icmpv4 action=block

ipv6:

netsh advfirewall firewall add rule name="ipv6禁Ping" dir=in protocol=icmpv6 action=block

netsh advfirewall firewall add rule name="无线网络" dir=out interfacetype=wireless action=block

运行中输入:wf.**** 回车,可以快速打开防火墙的高级设置:

dir=in 是入站规则。其它主动访问本机,属于“入站”

dir=out 是出站规则。本机主动访问其它,属于“出站”

限制访问的规则优先于允许访问的规则!

?

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如有侵权请联系网站管理员删除,联系邮箱1856753@qq.com。

0
显示验证码
没有账号?注册  忘记密码?