收本機連線資訊,從而調整本機防火牆設定

使用 python 寫的小工具,使用情景為特定主機原本沒有開啟伺服器防火牆,或防火牆的規則不完整,使用 netconn 收集一段時間的連線(入)資訊,從而審視與調整本機防火牆設定




當初寫完時附在github上的說明文檔與示例

netconn

collect network establish info 1. Get list of listening port 2. wait for an interval(default is 60 seconds) and collect remote address who connect to listen port. 3. check countdown to 0(default is 1440 times). if not go back to step2. 4. display collect info and write it to file. filename pattern is netconn_date_time_ix_cx.log 5. press ctrl+c to break waiting time. and write the result to file just like step 4.

requirement

parameter

default python netconn.py or netconn.exe (win32)
equal python netconn.py 60 1440 netconn_date_time_i60_c1440.log wait 60 seconds, collect connection info 1440 times, write to netconn_date_time_i60_c1440.log
quick result python netconn.py 1 10
wait 1 second, collect connection 10 times

result

:445 to :80 are listen ports on my desktop remote address 192.168.3.41 connect to my desktop 10 times in collect periods
Listen   Program name
--------------------------
:445     System                                                
:5357    System                                                
:55491   ?                                                     
:3389    svchost.exe                                           
:49671   lsass.exe                                             
:51384   C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
:139     System                                                
:50037   sqlservr.exe                                          
:49667   svchost.exe                                           
:49665   svchost.exe                                           
:139     System                                                
:49685   services.exe                                          
:49666   spoolsv.exe                                           
:135     svchost.exe                                           
:80      C:\tools\nginx-1.8.0\nginx.exe                        
:49664   wininit.exe                                           
:38415   C:\Program Files (x86)\Skype\Phone\Skype.exe          
:23443   C:\Program Files\Ditto\Ditto.exe                      
:80      C:\tools\nginx-1.8.0\nginx.exe                        

Listen   Program name                                           RemoteAddr  Count
--------------------------------------------------------------------------------
:38415   C:\Program Files (x86)\Skype\Phone\Skype.exe           192.168.3.41  10  

留言

熱門文章