windows2019关闭常见病毒端口脚本-摩杜云开发者社区

netsh firewall set opmode enable

%关闭病毒端口start%

netsh advfirewall firewall add rule name="DenyTCP135-139" dir=in action=block localport=135,136,137,138,139 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyTCP445" dir=in action=block localport=445 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyTCP444" dir=in action=block localport=444 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyTCP5800" dir=in action=block localport=5800 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyTCP5900" dir=in action=block localport=5900 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyTCP6667" dir=in action=block localport=6667 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyTCP28867" dir=in action=block localport=28867 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="DenyUDP137-138" dir=in action=block localport=137,138 remoteip=any protocol=UDP

netsh advfirewall firewall add rule name="DenyUDP69" dir=in action=block localport=69 remoteip=any protocol=UDP

netsh advfirewall firewall add rule name="DenyUDP1434" dir=in action=block localport=1434 remoteip=any protocol=UDP

%关闭病毒端口end%

%开启使用端口start%

netsh advfirewall firewall add rule name="AllowTCP3389" dir=in action=allow localport=3389 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP1433" dir=in action=allow localport=1433 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP1521" dir=in action=allow localport=1521 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP3306" dir=in action=allow localport=3306 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP80" dir=in action=allow localport=80 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP8080-8088" dir=in action=allow localport=8080,8081,8082,8083,8084,8085,8086,8087,8088 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP443" dir=in action=allow localport=443 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP8890" dir=in action=allow localport=8890 remoteip=any protocol=tcp

netsh advfirewall firewall add rule name="AllowTCP234" dir=in action=allow localport=234 remoteip=any protocol=tcp

%开启使用端口end%

%启用密码策略，审计开启，不显示最后一次登录账户，屏保%

pause()