
When you see unusual traffic spikes, open sessions with no apparent purpose, or ports listening where there should be none, the sensible thing to do is react from the console without wasting time. Blocking suspicious connections from CMD (or the terminal) is fast, auditable, and does not depend on a graphical interface, so it gets you out of a bind on both Windows and Linux.
In this guide you will find everything from using netstat to find out what is talking on your machine, to Windows Firewall rules with netsh and PowerShell, along with alternatives such as UFW and firewalld on Linux, blocking with .htaccess, scenarios involving FortiGate, and caveats about SEO and performance. All of it with clear commands, best practices and automation options.
Netstat: what it is, what it is for, and how to get the most out of it
The name netstat comes from Network + Statistics, and its purpose is to show you, in raw form, the state of your connections and ports. It has been built into Windows, Linux, macOS and Unix systems for decades. It has no graphical interface and is well suited to quick diagnostics or basic audits.
Besides listing TCP/UDP (IPv4/IPv6) connections and sockets, netstat provides routing tables, per-protocol metrics, and error counts. Before a deep analysis, close unneeded software or reboot, and run netstat with as little running as possible, so you avoid noise in the output. If you prefer something visual on Windows, TCPView shows the same picture with a user interface.
Performance impact of using netstat
Netstat itself will not break anything, but running it in a loop with a thousand parameters can eat CPU and memory if you have many connections. To reduce the impact, use it only when necessary, filter for only what you need, and avoid launching it every few seconds without a reason.
- Limit its use to diagnostic or verification windows.
- Use specific parameters to avoid swallowing huge listings.
- If you need continuous monitoring, consider dedicated network tools.
In large or complex environments, review the procedure with the systems team. Planning how, when, and with which filters to run netstat prevents costs and delays.
Advantages and disadvantages of netstat
Among its strengths are visibility of all active connections, session tracking, and protocol monitoring. It helps detect intrusions and bottlenecks and troubleshoot incidents.
- Visibility and control of listening ports and processes.
- Monitoring network usage and detecting congestion.
- Identifying unauthorized connections so they can be cut in time.
- Detecting performance problems and persistent connections.
On the downside, its output is dense for non-technical users, it does not encrypt anything, and it falls short in large environments. In addition, on modern systems many of its functions have moved to PowerShell on Windows, which is more flexible and scriptable.
- A learning curve if you are not familiar with networking.
- Lack of scalability on large networks.
- Limited analysis: for real depth you need other suites (for example, Wireshark).
Using netstat on Windows: useful parameters and examples
Open Command Prompt or a terminal as administrator and run netstat. You will see Proto (TCP/UDP), the local/remote addresses, and the state (LISTENING, ESTABLISHED, etc.). To see ports as numbers, use netstat -n. If you want the output to refresh automatically, add an interval at the end (for example, 7 seconds).
Key parameters for further investigation: -a (all connections and listening ports), -e (interface statistics), -f (remote FQDN), -n (numeric), -o (PID per connection), -p X (filter by protocol), -q (bound ports), -r (routing table), -s (per-protocol statistics), -t (offload state), -x (NetworkDirect).
- netstat -ano: shows open ports, connections, and PIDs to cross-reference with Task Manager. Ideal for hunting odd processes.
- netstat -p IP: lists the IPv4 protocol connections in the system's output. If you are only interested in IPv4, it filters out the noise.
- netstat -a: shows everything that is active and listening.
- netstat | findstr ESTABLISHED: filters established connections (change to LISTENING, CLOSE_WAIT or TIME_WAIT as needed). A quick grep by state.
- netstat -s and netstat -e: gather statistics per protocol and per interface.
- netstat -r shows the active routes; netstat -f resolves FQDNs (combine it with findstr by domain to isolate results).
Block suspicious IPs and connections from CMD/Terminal
When you spot an unusual IP address in netstat or in your own logs, the sensible thing to do is block it at the firewall. On Windows you can do this with netsh and also with PowerShell; on Linux, with ip route, UFW or iptables/firewalld. If your website runs on Apache, you can deny access in your .htaccess file.
Windows: netsh (Windows Firewall)
Run CMD as administrator and enter the main context: netsh advfirewall. To enable the firewall on the active profile: set currentprofile state on. This ensures the rules are enforced.
- Block an inbound IP address for all programs:
netsh advfirewall firewall add rule name=Bloqueo_IP dir=in action=block remoteip=203.0.113.5
- Block a range:
... remoteip=203.0.113.0/24
- Delete the rule:
netsh advfirewall firewall delete rule name=Bloqueo_IP
- Restore the default values:
netsh advfirewall reset
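The netstat-to-netsh workflow described above, as an added example that is not part of the original article: it parses netstat -ano output, counts established sessions per remote address on one local port, and builds the matching inbound block rules. The sample output, the NEVER_BLOCK networks, the session threshold and the Bloqueo_IP_<address> rule-name suffix are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    192.168.1.20:3389      203.0.113.5:50122      ESTABLISHED     1044
  TCP    192.168.1.20:3389      203.0.113.5:50123      ESTABLISHED     1044
  TCP    192.168.1.20:3389      192.168.1.77:61001     ESTABLISHED     1044
  TCP    192.168.1.20:49711     198.51.100.7:443       ESTABLISHED     5120
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     2210
  UDP    0.0.0.0:5353           *:*                                    1876
"""

# Assumption: networks that must never be blocked (loopback and the admin LAN).
NEVER_BLOCK = [ipaddress.ip_network(n)
               for n in ("127.0.0.0/8", "::1/128", "192.168.1.0/24")]

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+([A-Z_]+)\s+(\d+)\s*$")

def inbound_peers(netstat_text, local_port):
    """Count ESTABLISHED TCP sessions per remote IP on one local port."""
    peers = Counter()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or m.group(5) != "ESTABLISHED" or int(m.group(2)) != local_port:
            continue
        try:
            # Parsing validates the field, so no raw text reaches the command line.
            ip = ipaddress.ip_address(m.group(3).strip("[]"))
        except ValueError:
            continue
        if not any(ip in net for net in NEVER_BLOCK):
            peers[str(ip)] += 1
    return peers

def netsh_block_commands(peers, min_sessions=2):
    """Build one inbound block rule per peer with at least min_sessions sessions."""
    return [
        f"netsh advfirewall firewall add rule name=Bloqueo_IP_{ip} "
        f"dir=in action=block remoteip={ip}"
        for ip, count in sorted(peers.items()) if count >= min_sessions
    ]

if __name__ == "__main__":
    for cmd in netsh_block_commands(inbound_peers(SAMPLE, 3389)):
        print(cmd)  # review each line before running it in an elevated prompt
```

The script only prints the commands; the address from the admin LAN is skipped even though it has a session on the same port.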
If you prefer the graphical console: open "Windows Firewall with Advanced Security" and create a custom inbound rule that blocks the IP or range under "Scope". Choose "Block the connection" and apply it to Domain/Private/Public.
Windows: classic GUI step by step (block an IP)
Another very convenient way is to create the rule from the Firewall console (MMC): choose "New Rule" > "Custom", apply it to "All programs", protocol "Any", and under "Scope" add the IP or range to block. Choose "Block the connection", apply it to all three profiles, and give it a name.
Linux: block with a "blackhole" route
If you want to drop traffic to an IP or range at the routing level, you can create blackhole routes. It is fast and effective, and works well against noisy attacks. The route discards the packets your host sends to that destination, so replies never leave the machine; inbound packets from it still arrive, which makes this a complement to a firewall rule rather than a replacement.
- A specific IP address:
ip route add blackhole 24.92.120.34/32
- A /24 range:
ip route add blackhole 22.118.20.0/24
- View the table:
ip route
- Remove:
ip route del blackhole 22.118.20.0/24
On older systems you will see route add -host 24.92.120.34 reject, but today ip route is the norm. Both approaches point to the same thing: a black hole.
Block from .htaccess (Apache hosting)
If what worries you is web access (spam comments, login attempts against the admin panel), you can block by IP on your hosting (Plesk/Apache). Edit the .htaccess file in httpdocs after making a backup copy.
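# Apache 2.2-style access control; Apache 2.4 needs mod_access_compat for these directives
Order Allow,Deny
# Deny is evaluated after Allow, so the listed address is refused and everyone else is allowed
Deny from 192.168.10.10
Allow from all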
For multiple sources, add more Deny lines, one per line. Always back up your .htaccess file before making any change; it will save you from unpleasant surprises.
Geoblocking and SEO
With GeoIP modules you can redirect by country from .htaccess, for example to an error page if the country code matches. Use it only if the server supports geoblocking and you understand that it affects SEO and VPN users.
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CN$
RewriteRule ^(.*)$ http://tu-dominio.com/pagina-de-error.html [R=301,L]
Avoid blocking search-engine bots or you will damage indexing. Treat Googlebot/Bingbot as exceptions and review Search Console afterwards.
Alternatives to outright blocking
Before resorting to a block, consider smarter friction: CAPTCHA, rate limiting, and CDNs that absorb spikes and filter DDoS. These measures are less disruptive and they scale.
Automating rules with PowerShell (Windows) and IPsec
PowerShell lets you create, modify, export to GPO, and audit firewall rules precisely. And if you need packet-level network security, add IPsec.
Create an outbound block rule by application and port in a GPO (a Telnet client connects to remote port 23 from an ephemeral local port, so the rule matches on -RemotePort):
New-NetFirewallRule -DisplayName Block_Out_Telnet -Direction Outbound -Program %SystemRoot%\System32\telnet.exe -Protocol TCP -RemotePort 23 -Action Block -PolicyStore domain.contoso.com\gpo_name
To reduce load on the domain controllers, cache the GPO in a session, apply the changes, and save: Open-NetGPO, New-NetFirewallRule -GPOSession, Save-NetGPO. You avoid unnecessary round trips to the DC.
Modifying existing rules is as simple as querying them with Get-NetFirewallRule and its associated filters (ports, addresses) and piping the result to Set-NetFirewallRule. You can also enable them per group with Enable-NetFirewallRule -DisplayGroup.
Controlled cleanup: Remove-NetFirewallRule -Action Block (this removes every rule whose action is Block), or query first, store the result in a variable, and delete with confirmation. -ErrorAction SilentlyContinue avoids noise when something no longer exists.
Remote management: use -CimSession to query or modify rules on other machines (New-CimSession and go). WinRM is enabled by default.
IPsec: create transport rules, define cryptographic proposals, use IKEv2 if your peer requires it, and apply domain isolation (Kerberos). You can require "allow if secure" in the firewall and back it with IPsec authentication and encryption rules.
To restrict access by group, build SDDL strings with user/device SIDs and reference them in the rule. That way only the legitimate subset has access and the traffic is encrypted.
Logs, what the firewall is blocking, and port testing
It is advisable to enable logging of dropped packets in "Windows Firewall with Advanced Security" > Firewall Properties > Logging > "Log dropped packets: Yes". The default log file is %systemroot%\system32\LogFiles\Firewall\pfirewall.log.
There you will see what was blocked, when, and why. It is useful for tuning rules or spotting false positives.
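One way to read that log when tuning rules, as an added example that is not part of the original article: it parses pfirewall.log using the file's own #Fields header and ranks dropped inbound packets by source address and destination port. The log lines are constructed for the example, and the function names are assumptions.

```python
from collections import Counter

# Constructed sample in the pfirewall.log layout (not taken from a real host).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-05-01 12:00:01 DROP TCP 203.0.113.5 192.168.1.20 50122 3389 52 S 1111 0 64240 - - - RECEIVE
2024-05-01 12:00:02 DROP TCP 203.0.113.5 192.168.1.20 50123 3389 52 S 2222 0 64240 - - - RECEIVE
2024-05-01 12:00:03 ALLOW TCP 192.168.1.20 198.51.100.7 49711 443 0 - 0 0 0 - - - SEND
2024-05-01 12:00:04 DROP UDP 198.51.100.9 192.168.1.20 40000 445 78 - - - - - - - RECEIVE
2024-05-01 12:00:05 DROP TCP 192.168.1.20 203.0.113.5 49800 23 52 S 3333 0 64240 - - - SEND
2024-05-01 12:00:06 DROP TCP truncated-line
"""

def parse_firewall_log(text):
    """Return one dict per record, using the #Fields header as column names."""
    fields, rows = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.strip() and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt lines
                rows.append(dict(zip(fields, values)))
    return rows

def dropped_inbound(rows):
    """Rank (source IP, destination port) pairs by dropped inbound packets."""
    hits = Counter(
        (r.get("src-ip"), r.get("dst-port"))
        for r in rows
        if r.get("action") == "DROP" and r.get("path") == "RECEIVE"
    )
    return hits.most_common()

if __name__ == "__main__":
    for (src, port), count in dropped_inbound(parse_firewall_log(SAMPLE_LOG)):
        print(f"{count:>4} drops  {src} -> local port {port}")
```

Reading the column names from the header keeps the parser working if a Windows build writes extra fields.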
To check the open ports on your public IP from the outside, YouGetSignal gives you a quick verdict (Port Forwarding Tester). Enter the port and within seconds you will know whether it responds.
If you suspect the firewall is blocking an application, go to "Allow an app or feature through Windows Defender Firewall" and adjust the settings for each network type (Private/Public). Manage your allowlist properly and you will avoid false blocks.