以下内容为服务器安全加固学习内容,有一些端口需要禁用外网访问来提高服务器数据库安全 防止注入破解等造成数据丢失
禁止外部访问服务器SQL数据库(端口为1433)
bat执行代码
@echo off title 禁止危险端口## cls ::code by Sunward sc query PolicyAgent|find /i "PolicyAgent" if %errorlevel% == 1 ( sc create PolicyAgent binpath= "%windir%\system32\lsass.exe" type= share start= auto displayname= "IPSEC Services" depend= RPCSS/IPSec ) sc config PolicyAgent start= auto sc start PolicyAgent Services ipseccmd -w REG -p "SUNWARD" -o -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block TCP/135" -f *+0:135:TCP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block TCP/139" -f *+0:139:TCP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block TCP/445" -f *+0:445:TCP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block TCP/1443" -f *+0:1443:TCP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block TCP/1444" -f *+0:1444:TCP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block UDP/135" -f *+0:135:UDP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block UDP/139" -f *+0:139:UDP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block UDP/445" -f *+0:445:UDP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block UDP/1443" -f *+0:1443:UDP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -r "Block UDP/1444" -f *+0:1444:UDP -n BLOCK -x >nul ipseccmd -w REG -p "SUNWARD" -x >nul cls @echo 端口屏蔽完成! ping 127.0.0.1 -n 5 1>nul
免代码一键执行bat附件如下
