文章

windows防火墙命令远程桌面

发表于 更新于
作者 夜中空想
3 分钟阅读

Windows防火墙命令&远程桌面

使用命令行配置防火墙

Windows 10 / Windows 8 / Windows 7 / Server 2008 / Vista:
在这几个系统版本中,我们可以用netsh advfirewall命令来配置防火墙。三种网络(域,专用,公共)的防火墙设置都不相同。因此,根据要启用/禁用的网络防火墙,命令将有所不同。

  1. 为当前网络配置防火墙(与域/专用/公用网络无关)

    1. 打开当前网络防火墙
      netsh advfirewall set currentprofile state on
    2. 关闭当前网络防火墙
      netsh advfirewall set currentprofile state off

  2. 域网络

    1. 打开域网络防火墙
      netsh advfirewall set domainprofile state on
    2. 关闭域网络防火墙
      netsh advfirewall set domainprofile state off

  3. 专用网络

    1. 打开专用网络防火墙
      netsh advfirewall set privateprofile state on
    2. 关闭专用网络防火墙
      netsh advfirewall set privateprofile state off

  4. 公用网络

    1. 打开公用网络防火墙
      netsh advfirewall set publicprofile state on
    2. 关闭公用网络防火墙
      netsh advfirewall set publicprofile state off

  5. 所有网络

    1. 打开所有网络防火墙
      netsh advfirewall set allprofiles state on
    2. 关闭所有网络防火墙
      netsh advfirewall set allprofiles state off

  6. 较旧的Windows版本 – XP / Server 2003

    1. 启用防火墙
      netsh firewall set opmode mode=ENABLE
    2. 禁用防火墙
      netsh firewall set opmode mode=DISABLE

  7. 端口配置

    1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

    ::常用端口
netsh advfirewall firewall add rule name="Allow Ping" dir=in protocol=icmpv4 action=allow
netsh advfirewall firewall add rule name="FTP" protocol=TCP dir=in localport=20 action=allow
netsh advfirewall firewall add rule name="FTP" protocol=TCP dir=in localport=21 action=allow
netsh advfirewall firewall add rule name="SSH" protocol=TCP dir=in localport=22 action=allow
netsh advfirewall firewall add rule name="Telnet" protocol=TCP dir=in localport=23 action=allow
netsh advfirewall firewall add rule name="SMTP" protocol=TCP dir=in localport=25 action=allow
netsh advfirewall firewall add rule name="TFTP" protocol=UDP dir=in localport=69 action=allow
netsh advfirewall firewall add rule name="POP3" protocol=TCP dir=in localport=110 action=allow
netsh advfirewall firewall add rule name="HTTPS" protocol=TCP dir=in localport=443 action=allow
netsh advfirewall firewall add rule name="Netbios-ns" protocol=UDP dir=in localport=137 action=allow 
netsh advfirewall firewall add rule name="Netbios-dgm" protocol=UDP dir=in localport=138 action=allow 
netsh advfirewall firewall add rule name="Netbios-ssn" protocol=TCP dir=in localport=139 action=allow 
netsh advfirewall firewall add rule name="Netbios-ds" protocol=TCP dir=in localport=445 action=allow 
netsh advfirewall firewall add rule name="HTTP" protocol=TCP dir=in localport=80 action=allow
netsh advfirewall firewall add rule name="HTTP" protocol=TCP dir=in localport=8080 action=allow

使用命令行打开远程桌面

  1. 设置远程桌面端口
    reg add “HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /t REG_DWORD /v portnumber /d 3389 /f
    这里通过写改注册表来打开3389
  2. 开启远程桌面
    wmic RDTOGGLE WHERE ServerName=’%COMPUTERNAME%’ call SetAllowTSConnections 1
  3. 关闭远程桌面
    wmic RDTOGGLE WHERE ServerName=’%COMPUTERNAME%’ call SetAllowTSConnections 0

  4. 清楚3389登陆痕迹

    1
2
3
4

    @echo off
@reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
@del "%USERPROFILE%\My Documents\Default.rdp" /a
@exit
黑客, windows
windows
本文由作者按照 CC BY 4.0 进行授权