Information Center

[About the blue screen problem of Windows Series 03 system server]

  

About the blue screen problem of Windows Series 03 system server

At present, our company has found that the server room has been attacked by TCP 135/137/138/139/445 and UDP 135/445 injection, which has led to the continuous blue screen (restart) of the server. Please check whether there is a "Close Dangerous Port Policy" in the local security policy of the Windows series system. If there is no "Close Dangerous Port Policy" for the security of your server, please add a policy to close dangerous ports in the "Local Security Policy" of the server. Closed ports include TCP139, 445, 593, 1025, UDP 123, 137, 138, 445, 1900, and some popular virus backdoor ports TCP 2513, 2745, 3127, 6129. For the server in use rented before May 15, users are advised to add local security policies on the server in the following ways to prevent virus propagation and intrusion. If you need help, you can also contact us for after-sales treatment.
Operation method Run CMD in administrator mode and execute the following commands:
######################################################
netsh ipsec static ^
Add policy name=Close dangerous port
netsh ipsec static ^
Add filteraction name=Block port action=block
netsh ipsec static ^
Add filterlist name=Dangerous port closed
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP 445 port dstport=445 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject UDP 445 port dstport=445 protocol=udp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP135 port dstport=135 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject UDP 135 port dstport=135 protocol=udp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP139 port dstport=139 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP593 port dstport=593 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP1025 port dstport=1025 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP2531 port dstport=2531 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP2745 port dstport=2745 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP3127 port dstport=3127 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject TCP6129 port dstport=6129 protocol=tcp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject UDP 123 port dstport=123 protocol=udp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject UDP 137 port dstport=137 protocol=udp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject UDP 138 port dstport=138 protocol=udp mirrored=yes
netsh ipsec static ^
Add filter filterlist=Close dangerous port srcaddr=any dstaddr=me description=Reject UDP 1900 port dstport=1900 protocol=udp mirrored=yes
netsh ipsec static ^
Add rule name=BlockAllAccess policy=Close dangerous port filterlist=Close dangerous port filteraction=Block port
Netsh ipsec static set policy name=Close dangerous port assign=y
exit
######################################################

Haoyou Cloud focuses on cloud computing US vps, Hong Kong ECS, advanced anti DDoS server, physical server, station cluster server, Hebei Unicom, Jiangsu Telecom, Beijing BGP multi line provider!

  Business License of the People's Republic of China for Value added Telecommunications Business: B1-B2-20222826 YUICPB No. 2023040088    

2013~2023 © HaoYouYun Inc. All rights reserved.    Powered By www.HaoYouYun.com

Links of the whole site: Haoyouyun    Server lease