批处理关闭高危端口

swolook 2010-04-20

展开全文

2009年08月24日星期一上午 02:13
@echo off
echo 正在关闭流行危险端口,请稍等……
cls
gpupdate>nul 2>nul
rem For Client only
ipseccmd -w REG -p "HFUT_SECU" -o -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -x>nul 2>nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/80" -f *+0:80:TCP -n BLOCK -x>nul 2>nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/137" -f *+0:137:UDP -n BLOCK -x>nul 2>nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/138" -f *+0:138:UDP -n BLOCK -x>nul 2>nul
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/139" -f *+0:139:TCP -n BLOCK -x>nul 2>nul
rem echo 禁止NetBIOS/SMB服务和文件和打印机共享和SAMBA（去掉REM生效）
rem ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/1433" -f *+0:1434:UDP -n BLOCK -x>nul 2>nul
rem echo 禁止Microsoft的SQL服务开放的端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/23" -f *+0:23:TCP -n BLOCK -x>nul 2>nul
echo 关闭Telnet 和木马Tiny Telnet Server监听端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/3389" -f *+0:3389:TCP -n BLOCK -x
echo 关闭默认 3389端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/135" -f *+0:135:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/135" -f *+0:135:UDP -n BLOCK -x>nul 2>nul
echo 禁止Location Service服务和防止 Dos 攻击…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/445" -f *+0:445:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/445" -f *+0:445:UDP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1025" -f *+0:1025:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/139" -f *+0:139:UDP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1068" -f *+0:1068:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/5554" -f *+0:5554:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/9995" -f *+0:9995:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/9996" -f *+0:9996:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/6129" -f *+0:6129:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block ICMP/255" -f *+0:255:ICMP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/43958" -f *+0:43958:TCP -n BLOCK -x>nul 2>nul
echo 开始关闭流行危险端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/20034" -f *+0:20034:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马NetBus Pro开放的端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1092" -f *+0:1092:TCP -n BLOCK -x>nul 2>nul
echo 关闭蠕虫LoveGate开放的端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/3996" -f *+0:3996:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/4060" -f *+0:4060:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马RemoteAnything开放的端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/4590" -f *+0:4590:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马ICQTrojan开放的端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1080" -f *+0:1080:TCP -n BLOCK -x>nul 2>nul
echo 禁止代理服务器扫描…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/113" -f *+0:113:TCP -n BLOCK -x>nul 2>nul
echo 禁止Authentication Service服务…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/79" -f *+0:79:TCP -n BLOCK -x>nul 2>nul
echo 禁止Finger扫描…………OK！
ipseccmd -w REG -p "HFUT_SECU" -r "Block UDP/53" -f *+0:53:UDP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/53" -f *+0:53:TCP -n BLOCK -x>nul 2>nul
echo 禁止区域传递（TCP），欺骗DNS（UDP）或隐藏其他的通信…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/707" -f *+0:707:TCP -n BLOCK -x>nul 2>nul
echo 关闭nachi蠕虫病毒监听端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/808" -f *+0:808:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/520" -f *+0:520:TCP -n BLOCK -x>nul 2>nul
echo 关闭Rip 端口…………OK！
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1999" -f *+0:1999:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马程序BackDoor的默认服务端口…………OK！
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/2001" -f *+0:2001:TCP -n BLOCK -x>nul 2>nul
echo 关闭马程序黑洞2001的默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/2023" -f *+0:2023:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马程序Ripper的默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/2583" -f *+0:2583:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马程序Wincrash v2的默认服务端口…………OK！
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/4444" -f *+0:4444:TCP -n BLOCK -x>nul 2>nul
echo 关闭msblast冲击波蠕虫监听端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/4899" -f *+0:4899:TCP -n BLOCK -x>nul 2>nul
echo 关闭远程控制软件（remote administrator)服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/5800" -f *+0:5800:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/5900" -f *+0:5900:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/8888" -f *+0:8888:TCP -n BLOCK -x>nul 2>nul
echo 关闭远程控制软件VNC的两个默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/6129" -f *+0:6129:TCP -n BLOCK -x>nul 2>nul
echo 关闭Dameware服务端默认监听端口（可变！）…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/6267" -f *+0:6267:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马广外女生的默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/660" -f *+0:660:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马DeepThroat v1.0 - 3.1默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/6671" -f *+0:6671:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马Indoctrination默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/6939" -f *+0:6939:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马PRIORITY默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/7306" -f *+0:7306:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马网络精灵默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/7511" -f *+0:7511:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马聪明基因的默认连接端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/7626" -f *+0:7626:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马冰河默认端口(注意可变！)…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/9989" -f *+0:9989:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马InIkiller默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/19191" -f *+0:19191:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马兰色火焰默认开放的telnet端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/1029" -f *+0:1029:TCP -n BLOCK -x>nul 2>nul
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/20168" -f *+0:20168:TCP -n BLOCK -x>nul 2>nul
echo 关闭lovegate 蠕虫所开放的两个后门端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/23444" -f *+0:23444:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马网络公牛默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/27374" -f *+0:27374:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马SUB7默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/31337" -f *+0:31337:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马BO2000默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/45576" -f *+0:45576:TCP -n BLOCK -x>nul 2>nul
echo 关闭代理软件的控制端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/50766" -f *+0:50766:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马Schwindler默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/61466" -f *+0:61466:TCP -n BLOCK -x>nul 2>nul
echo 关闭木马Telecommando默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/8787" -f *+0:8787:TCP -n BLOCK -x>nul 2>nul
echo 关闭Back Orifice 2000 Trojan - 1默认服务端口…………OK!
ipseccmd -w REG -p "HFUT_SECU" -r "Block TCP/8879" -f *+0:8879:TCP -n BLOCK -x>nul 2>nul
echo 关闭Back Orifice 2000 Trojan - 2默认服务端口…………OK!