j72127
2003-11-06, 10:21 AM
小弟是用win2k,之前因為重灌,在裝防火牆之後,因為一時大
意還是開了別人可以用svchost連進來的權限,今天發現了就趕緊把
它關掉權限,不過發現svchost還是開著在讓等人連線,但是因為我
關掉權限,所以那些人都連不進來,以下是那些被擋的訊息
1,[06/Nov/2003 09:18:43] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.71.39.210:3088->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:18:46] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, class210.ccl.ttct.edu.tw [210.71.39.210:3088]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:18:53] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, class210.ccl.ttct.edu.tw [210.71.39.210:3088]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:01] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 81.222.242.131:4139->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:06] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.61.130:2931->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:09] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.61.130:2931->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:16] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, h130-210-68-61.seed.net.tw [210.68.61.130:2931]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:50] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.66.232.233:3672->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:59] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, h233-210-66-232.seed.net.tw [210.66.232.233:3672]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:21:50] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.123.127:3040->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:21:56] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, sw68-123-127.adsl.seed.net.tw [210.68.123.127:3040]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:37:21] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.61.237:2760->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
之前被連進來,請問會造成什麼樣的影響,我實在很不安心,還有請問要
什麼把那個服務給關了,我實在不知道他是服務裡的那一個項目@@
意還是開了別人可以用svchost連進來的權限,今天發現了就趕緊把
它關掉權限,不過發現svchost還是開著在讓等人連線,但是因為我
關掉權限,所以那些人都連不進來,以下是那些被擋的訊息
1,[06/Nov/2003 09:18:43] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.71.39.210:3088->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:18:46] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, class210.ccl.ttct.edu.tw [210.71.39.210:3088]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:18:53] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, class210.ccl.ttct.edu.tw [210.71.39.210:3088]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:01] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 81.222.242.131:4139->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:06] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.61.130:2931->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:09] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.61.130:2931->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:16] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, h130-210-68-61.seed.net.tw [210.68.61.130:2931]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:50] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.66.232.233:3672->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:19:59] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, h233-210-66-232.seed.net.tw [210.66.232.233:3672]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:21:50] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.123.127:3040->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:21:56] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, sw68-123-127.adsl.seed.net.tw [210.68.123.127:3040]->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
1,[06/Nov/2003 09:37:21] Rule 'Generic Host Process for Win32 Services': Blocked: In TCP, 210.68.61.237:2760->localhost:135, Owner: C:\WINNT\SYSTEM32\SVCHOST.EXE
之前被連進來,請問會造成什麼樣的影響,我實在很不安心,還有請問要
什麼把那個服務給關了,我實在不知道他是服務裡的那一個項目@@