网众封端口

Submitted by czmyxy on 2009, March 14, 7:57 AM. 技术相关

使用方法:         (已封端口包括1036,1037,1688,2100)
开启IPSEC服务,打开本地安全策略,导入本策略并指派

工作站使用无任何负作用,DZGZ早已把服务端经搞定了!

网众5.6客户端偶尔蓝屏与它的浏览器劫持插件有关!办法如下:

把c:\windows\system32\exmon.dll设为只读且无访问权即可!

网众无盘与360ARP防火墙冲突,会造成系统损坏问题!

典型的用盗版网众后门发作的情况要封的IP:如下就能解决啦..
 60.63.246.96
60.63.241.253    | 最新的注册服务器地址 端口通常是135、1688
221.130.183.172
219.136.240.220
60.63.240.25     |网众研发办公室


要封的域名:
reg.netzonesoft.com  *重要
www.netzonesoft.com  *重要
www.wz58.com *重要
wzworld.net  *重要

要封的端口:UDP、TCP、icmp 全封
135
1688

 

ROS 封后门策略 只适合5.8  的  513  518  548 版本   6.0的要去做盗版。你就等着蓝屏行了。

/ ip firewall filter
add chain=forward protocol=tcp dst-port=1688 action=drop comment="nxp Back door" \
    disabled=no
add chain=forward protocol=tcp dst-port=2001 action=drop comment="" \
    disabled=no

add chain=forward protocol=tcp dst-port=2100 action=drop comment="" \
    disabled=no

add chain=forward protocol=tcp dst-port=1036 action=drop comment="" \
    disabled=no

add chain=forward protocol=tcp dst-port=1037 action=drop comment="" \
    disabled=no
add chain=forward protocol=udp dst-port=2001 action=drop comment="" \
    disabled=no

add chain=forward protocol=udp dst-port=2100 action=drop comment="" \
    disabled=no
add chain=forward protocol=udp dst-port=1688 action=drop comment="" \
    disabled=no

add chain=forward protocol=udp dst-port=1036 action=drop comment="" \
    disabled=no

add chain=forward protocol=udp dst-port=1037 action=drop comment="" \
    disabled=no
add chain=forward content=reg.netzonesoft.com action=drop comment="drop \
    reg.netzonesoft.com" disabled=no
add chain=forward content=netzonesoft.com action=drop \
    comment="netzonesoft.com" disabled=no
add chain=forward content=www.netzonesoft.com action=drop comment="drop \
    www.netzonesoft.com" disabled=no
add chain=forward content=www.wz58.com action=drop comment="drop www.wz58.com" \
    disabled=no
add chain=forward content=wzworld.net action=drop comment="wzworld.net" \
    disabled=no
add chain=forward src-address=58.246.23.0/24 action=drop comment="drop \
    netzonesoft" disabled=no
add chain=forward dst-address=58.246.23.0/24 action=drop comment="drop \
    netzonesoft" disabled=no
add chain=forward src-address=60.63.241.0/24 action=drop comment="drop \
    netzonesoft" disabled=no
add chain=forward dst-address=60.63.241.0/24 action=drop comment="drop \
    netzonesoft" disabled=no
add chain=forward src-address=60.63.246.0/24 action=drop comment="drop \
    netzonesoft" disabled=no
add chain=forward dst-address=60.63.246.0/24 action=drop comment="" disabled=no
add chain=forward src-address=221.130.183.0/24 action=drop comment="" \
    disabled=no
add chain=forward dst-address=221.130.183.0/24 action=drop comment="" \
    disabled=no
add chain=forward src-address=219.136.240.0/24 action=drop comment="" \
    disabled=no
add chain=forward dst-address=219.136.240.0/24 action=drop comment="" \
    disabled=no
add chain=forward src-address=60.63.240.0/24 action=drop comment="" disabled=no
add chain=forward dst-address=60.63.240.0/24 action=drop comment="" disabled=no
add chain=forward src-address=210.22.141.0/24 action=drop comment="" disabled=no
add chain=forward dst-address=210.22.141.0/24 action=drop comment="" disabled=no

Tags: 无盘

« 上一篇 | 下一篇 »

Trackbacks

点击获得Trackback地址,Encode: UTF-8 点击获得Trackback地址,Encode: GB2312 or GBK 点击获得Trackback地址,Encode: BIG5

发表评论

评论内容 (必填):