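rem Windows host firewall baseline: turn the firewall on, block a set of
rem commonly abused inbound ports, then open the inbound ports this host serves.
rem Run from an elevated prompt. Re-running adds duplicate rules with the same
rem names, because "add rule" does not replace an existing rule.

rem "netsh firewall set opmode enable" is the deprecated pre-advfirewall syntax;
rem the advfirewall form below enables the firewall on every profile.
netsh advfirewall set allprofiles state on

rem ---- Block commonly abused ports: start ----
rem Rule names use plain ASCII quotes. The original typographic quotes are not
rem quoting characters in cmd.exe and would become part of the rule name.
rem RPC/NetBIOS (135-139), SMB (445), VNC (5800/5900), IRC (6667), TFTP (UDP 69)
rem and SQL Server Browser (UDP 1434) are covered, along with 444 and 28867.
netsh advfirewall firewall add rule name="DenyTCP135-139" dir=in action=block localport=135,136,137,138,139 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyTCP445" dir=in action=block localport=445 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyTCP444" dir=in action=block localport=444 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyTCP5800" dir=in action=block localport=5800 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyTCP5900" dir=in action=block localport=5900 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyTCP6667" dir=in action=block localport=6667 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyTCP28867" dir=in action=block localport=28867 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="DenyUDP137-138" dir=in action=block localport=137,138 remoteip=any protocol=UDP
netsh advfirewall firewall add rule name="DenyUDP69" dir=in action=block localport=69 remoteip=any protocol=UDP
netsh advfirewall firewall add rule name="DenyUDP1434" dir=in action=block localport=1434 remoteip=any protocol=UDP
rem ---- Block commonly abused ports: end ----

rem ---- Open ports in use: start ----
rem NOTE(review): every allow rule below uses remoteip=any. 3389 (RDP) and the
rem default database listener ports 1433 (SQL Server), 1521 (Oracle) and
rem 3306 (MySQL) are therefore reachable from any source address. Where
rem possible, replace "any" with the management or application-tier
rem addresses that need access, and remove rules for services this host
rem does not run.
netsh advfirewall firewall add rule name="AllowTCP3389" dir=in action=allow localport=3389 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP1433" dir=in action=allow localport=1433 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP1521" dir=in action=allow localport=1521 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP3306" dir=in action=allow localport=3306 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP80" dir=in action=allow localport=80 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP8080-8088" dir=in action=allow localport=8080,8081,8082,8083,8084,8085,8086,8087,8088 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP443" dir=in action=allow localport=443 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP8890" dir=in action=allow localport=8890 remoteip=any protocol=tcp
netsh advfirewall firewall add rule name="AllowTCP234" dir=in action=allow localport=234 remoteip=any protocol=tcp
rem ---- Open ports in use: end ----

rem TODO: the original lists password policy, audit policy, hiding the last
rem logged-on account and a screen-saver lock as further steps, but this
rem script contains no commands for them.

rem Keep the window open so the operator can read the netsh results.
pause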