135端口:Microsoft在这个端口运行DCE RPC end-point mapper为它的DCOM服务。这与UNIX 111端口的功能很相似。使用DCOM和RPC的服务利用计算机上的end-point mapper注册它们的位置。远端客户连接到计算机时,它们查找end-point mapper找到服务的位置。

135端口主要用于使用RPC(Remote Procedure Call,远程过程调用)协议并提供DCOM(分布式组件对象模型)服务,通过RPC可以保证在一台计算机上运行的程序可以顺利地执行远程计算机上的代码;使用DCOM可以通过网络直接进行通信,能够跨包括HTTP协议在内的多种网络传输
Windows Firewall: Allow Remote Administration Exception

The Windows Firewall: Allow remote administration exception setting allows you to specify whether computers running Windows XP with SP2 can be remotely administered by applications that use TCP ports 135 and 445 (such as MMC and WMI), and is shown in the following figure.

Services that use these ports to communicate are using remote procedure calls (RPC) and Distributed Component Object Model (DCOM) to access remote hosts. In effect, Windows Firewall adds Svchost.exe and Lsass.exe to the program exceptions list and allows those services to open additional, dynamically assigned ports, typically in the range of 1024 to 1034. Windows Firewall also allows incoming ICMP Echo  messages (also known as the ICMP Echo Request messages).

You can select the following:

  • Not Configured (default)

    Remote administration is not allowed.

  • Enabled

    Windows Firewall allows the computer to receive the unsolicited incoming messages associated with remote administration. InAllow unsolicited incoming messages from, type * to specify traffic originating from any source IPv4 address or a comma-separated list of sources. The sources can be LocalSubnet to specify traffic originating from a directly reachable IPv4 address or one or more IPv4 addresses or IPv4 address ranges separated by commas. IPv4 address ranges typically correspond to subnets. For IPv4 addresses, type the IPv4 address in dotted decimal notation. For IPv4 address ranges, you can specify the range using a dotted decimal subnet mask or a prefix length. When you use a dotted decimal subnet mask, you can specify the range as an IPv4 network ID (such as 10.47.81.0/255.255.255.0) or by using an IPv4 address within the range (such as 10.47.81.231/255.255.255.0). When you use a network prefix length, you can specify the range as an IPv4 network ID (such as 10.47.81.0/24) or by using an IPv4 address within the range (such as 10.47.81.231/24). The following is an example list of sources:

    Note This command is shown on multiple lines for better readability; enter them as a single line.

                      LocalSubnet,10.91.12.56,10.7.14.9/255.255.255.0,10.
    116.45.0/255.255.255.0,172.16.31.11/24,172.16.111.0/24

    IPv6 traffic supports the * and LocalSubnet scopes.

    Note  If you have any spaces between the entries in the list of sources or any other invalid characters, the scope is ignored and the setting behaves as if it were disabled. Please double-check your scope syntax before saving changes.

    Host names, DNS names, or DNS suffixes are not supported.

  • Disabled

    Remote administration is not allowed. Windows Firewall blocks port 135 and does not open 445. Also, in effect, it adds SVCHOST.EXE and LSASS.EXE to the program exceptions list with the Status of Disabled. Because disabling this policy setting does not block TCP port 445, it does not conflict with the Windows Firewall: Allow file and printer sharing exceptionsetting. This does not prevent these programs from running or their corresponding ports from being opened.

Malicious users and programs often attempt to attack networks and computers using RPC and DCOM traffic. We recommend that you contact the manufacturers of your critical programs to determine if they require RPC and DCOM communication. If they do not, then do not enable this setting.

Note  If you only want to open a subset of the ports that this setting opens, leave this setting set to Not Configured and use theWindows Firewall: Define port exceptions setting to selectively open ports.

Windows Server Firewall Exceptions for Remote Administration Tools

by ADMIN on APRIL 17, 2008

Microsoft has a web page that lists the various tools you can use to remotely administer a Windows Server system. The page lists each remote administration tool and the steps that are required to successfully use the tool with the Windows Firewall service enabled on the local or remote machine.

Firewall configuration details for the following remote administration tools are provided:

  • Active Directory Domains and Trusts (Windows Firewall: domain)

  • Active Directory Management (Windows Firewall: admgmt)
  • Active Directory Schema Management (Windows Firewall: schmmgmt)
  • Active Directory Sites and Services (Windows Firewall: dssite)
  • Active Directory Users and Computers (Windows Firewall: dsa)
  • Authorization Manager (Windows Firewall: azman)
  • Certificate Templates (Windows Firewall: certtmpl)
  • Certificates (Windows Firewall: certmgr)
  • Certification Authority (Windows Firewall: certsrv)
  • Certutil command (Windows Firewall: certutil)
  • Cluster Administrator (Windows Firewall: cluadmin)
  • Cluster command (Windows Firewall: cluster)
  • Component Services (Windows Firewall: comexp)
  • Computer Management (Windows Firewall: compmgmt)
  • Connection Manager Administration Kit Binaries (Windows Firewall: cmbins)
  • Connection Manager Administration Kit Wizard (Windows Firewall: cmak)
  • Device Manager (Windows Firewall: devmgr)
  • Dfscmd command (Windows Firewall: dfscmd)
  • DHCP (Windows Firewall: dhcpmgmt)
  • Directory Service Utilities (Windows Firewall: ntdsutil)
  • Disk Defragmenter (Windows Firewall: dfrg)
  • Disk Management (Windows Firewall: diskmgmt)
  • Distributed File System (Windows Firewall: dfsgui)
  • DNS Management (Windows Firewall: dnsmgmt)
  • Dsadd command (Windows Firewall: dsadd)
  • Dsget command (Windows Firewall: dsget)
  • Dsmod command (Windows Firewall: dsmod)
  • Dsmove command (Windows Firewall: dsmove)
  • Dsquery command (Windows Firewall: dsquery)
  • Dsrm command (Windows Firewall: dsrm)
  • Event Viewer (Windows Firewall: eventvwr)
  • Fax client console (Windows Firewall: fxsclnt)
  • Fax Service Manager (Windows Firewall: fxsadmin)
  • File Server Management (Windows Firewall: filesvr)
  • Group Policy Object Editor (Windows Firewall: gpedit)
  • IIS Application Management script (Windows Firewall: iisapp)
  • IIS Backup script (Windows Firewall: iisback)
  • IIS Configuration script (Windows Firewall: iiscnfg)
  • IIS FTP script (Windows Firewall: iisftp)
  • IIS FTP Virtual Directory script (Windows Firewall: iisftpdr)
  • IIS Help script (Windows Firewall: iisschlp)
  • IIS Service Extension script (Windows Firewall: iisext)
  • IIS Virtual Directory script (Windows Firewall: iisvdir)
  • IIS Web Management script (Windows Firewall: iisweb)
  • Indexing Service (Windows Firewall: ciadv)
  • Internet Authentication Service (Windows Firewall: iasmsc)
  • Internet Information Services (IIS) Manager (Windows Firewall: iis)
  • IP Security Monitor (Windows Firewall: ipsecmon)
  • IP Security Policies (Windows Firewall: ipsecpol)
  • Local Security Settings (Windows Firewall: secpol)
  • Local Users and Groups (Windows Firewall: lusrmgr)
  • Network Load Balancing Manager (Windows Firewall: nlbmgr)
  • Network Monitor tools (Windows Firewall: netmon)
  • Performance (Windows Firewall: perfmon)
  • POP3 Service (Windows Firewall: p3server)
  • Public Key Management (Windows Firewall: pkmgmt)
  • Remote Desktops (Windows Firewall: tsmmc)
  • Remote Storage (Windows Firewall: rsadmin)
  • Removable Storage (Windows Firewall: ntmsmgr)
  • Removable Storage Operator Requests (Windows Firewall: ntmsoprq)
  • Resultant Set of Policy (Windows Firewall: rsop)
  • Routing and Remote Access (Windows Firewall: rrasmgmt)
  • Security Configuration and Analysis (Windows Firewall: sca)
  • Services (Windows Firewall: services)
  • Shared Folders (Windows Firewall: fsmgmt)
  • Telephony (Windows Firewall: tapimgmt)
  • Terminal Services Configuration (Windows Firewall: tscc)
  • Terminal Services Manager (Windows Firewall: tsadmin)
  • UDDI Services Console (Windows Firewall: uddi)
  • Windows Management Infrastructure (Windows Firewall: wmimgmt)
  • Windows Media Services (Windows Firewall: wmsadmin)
  • Windows Server 2003 Administration Tools Pack (Windows Firewall: adminpak)
  • WINS (Windows Firewall: winsmgmt)
  • Wireless Monitor (Windows Firewall: wiremon)

Microsoft also has a guide to Windows firewall configuration by server role.

wmi详解,RPC和防火墙的更多相关文章

  1. 详解RPC远程调用和消息队列MQ的区别

    PC(Remote Procedure Call)远程过程调用,主要解决远程通信间的问题,不需要了解底层网络的通信机制. RPC框架 知名度较高的有Thrift(FB的).dubbo(阿里的). RP ...

  2. CentOS7下Firewall防火墙配置用法详解

    官方文档地址: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide ...

  3. Linux防火墙iptables学习笔记(三)iptables命令详解和举例[转载]

     Linux防火墙iptables学习笔记(三)iptables命令详解和举例 2008-10-16 23:45:46 转载 网上看到这个配置讲解得还比较易懂,就转过来了,大家一起看下,希望对您工作能 ...

  4. iptables防火墙详解

    iptables常用命令 iptables -nv -L 查看iptables列表 iptables -F 清空iptables规则 iptables-save > /etc/sysconfig ...

  5. Linux iptables 防火墙详解

    0x00 iptables介绍 linux的包过滤功能,即linux防火墙,它由netfilter 和 iptables 两个组件组成. netfilter 组件也称为内核空间,是内核的一部分,由一些 ...

  6. 防火墙之netfailt、iptables详解

    [TOC] Iptables入门 # 1.iptables介绍 linux的包过滤功能,即linux防火墙,它由netfilter 和 iptables 两个组件组成. netfilter 组件也称为 ...

  7. Linux防火墙iptables基础详解

    原文来自于:https://www.linuxidc.com/Linux/2017-01/140073.htm(引用自) 一:前言 防火墙,其实说白了讲,就是用于实现Linux下访问控制的功能的,它分 ...

  8. 网卡配置文件详解 用户管理与文件权限篇 文件与目录权限 软连接 tar解压命令 killall命令 linux防火墙 dns解析设置 计划任务crond服务 软件包安装 阿里云 yum源 安装

    Linux系统基础优化及常用命令 Linux基础系统优化 引言没有,只有一张图. Linux的网络功能相当强悍,一时之间我们无法了解所有的网络命令,在配置服务器基础环境时,先了解下网络参数设定命令. ...

  9. Spark2.1.0——内置RPC框架详解

    Spark2.1.0——内置RPC框架详解 在Spark中很多地方都涉及网络通信,比如Spark各个组件间的消息互通.用户文件与Jar包的上传.节点间的Shuffle过程.Block数据的复制与备份等 ...

随机推荐

  1. ntp -q 输出说明

    -bash-3.00# ntpq -p      remote           refid            st t when poll reach   delay   offset    ...

  2. Unity5的AssetBundle的一点使用心得

    昨天一位朋友在我这里留言,想让我写点Unity5的AssetBundle心得.于是我就看了相关的介绍,和自己确切的做了一次.下面来谈谈所谓的心得. 如果你觉得自己对AssetBundle不熟悉,建议先 ...

  3. [keepalved]主从上同时出现VIP,无法消失情况

    双主架构中,keepalived日志出现: more /var/log/messageOct 9 03:16:22 mysql-dzg-60-148 Keepalived_vrrp[8526]: VR ...

  4. React Native填坑之旅--HTTP请求篇

    如果不能从头到尾的建立一个RN应用,那么RN将失色不少.本以为HTTP请求部分需要使用Native的实现,Android和iOS各回各家,各调各库了.Google了一下之后居然RN可以使用fetch库 ...

  5. 1.3 Content Provider

    ContentProvider向我们提供了我们在应用程序之间共享数据的一种机制,分为系统的和自定义的,系统的也就是例如联系人,图片等数据. 使用方式:一个应用实现ContentProvider来提供内 ...

  6. 更改OneDrive同步文件夹

    很无奈,自己的硬盘出现了一些小情绪,不能愉快的玩耍了.所以,我需要将我的文件进行转移. 本地文件还好,但是有一个问题——自动同步的OneDrive.总不能说以后每次同步还是原来的文件夹吧? 在OneD ...

  7. C2第七次作业解题报告

    看过题解后如果觉得还算有用,请帮忙加点我所在团队博客访问量 http://www.cnblogs.com/newbe/ http://www.cnblogs.com/newbe/p/4069834.h ...

  8. mysql 语句解释执行顺序

    (7) SELECT (8) DISTINCT <select_list> (1) FROM <left_table> (3) <join_type> JOIN & ...

  9. azure存储压测的问题(农码主观意识太强被坑了)

    由于公司想把部份业务迁到windowsazure,主要是应用winodwsazure的存储;在方案中为了体现存储的可靠性所以对winodwsazure存储进行了一系列的测试.但在读取压力测试环节中发现 ...

  10. Asp.Net Web API 2第二课——CRUD操作

    详情请查看http://aehyok.com/Blog/Detail/69.html 个人网站地址:aehyok.com QQ 技术群号:206058845,验证码为:aehyok 本文文章链接:ht ...