Is there any way to make your server escape searching online? Installing and setting a firewall is of course the best way to solve the problem. If you do not have a firewall installed, you can create a security policy to prohibit all computers from Pinging their local IP addresses. The specific creation process is as follows (taking Windows 2003 Server as an example ).
Step 1: Add IP filters and filters
Choose Start> Administrative Tools> Local Security Policy. In the Local Security Settings dialog box, right-click the "IP Security Policy" option on the left of the dialog box, run the "manage IP Filter tables and Filter Operations" command. In the displayed dialog box, click the [add] button under the "manage IP Filter list" tab, the name of the filter is "Ping prohibited", the description language can be "prohibit any other computer from pinging my host", and click [next]; select "IP communication Source Address" as "My IP Address", click [next], select "IP communication target address" as "any IP Address", and click [next]; select "IP protocol type" as "ICMP" (Ping, tracert, and other command operations are performed using ICMP packets), click [next], and finally click [finish] To End adding. Switch to the "manage Filter Operations" tab, click "add> next", and name the filter action as "block all connections". The description language can be "block all network connections ", click [next], click the "Block" option as the action of this filter, and then click [next] to complete all the Add operations.
Step 2: Create an IP Security Policy
Right-click the "IP Security Policy" option in the console, run the [create security policy] command, and then click the [next] button; name this IP Security Policy "prohibit ping to host", the description language is "Deny ping requests from any other computer", and click [next]. After selecting "Activate default response rule, click [next]. In the "default response rule authentication method" dialog box, click the "use this string to protect key exchange" option, enter a string (for example, "No ping") in the text box below, click [next], select "Edit attribute", and click [finish] to end the creation.
Step 3: Configure an IP Security Policy
In the "Disable Ping properties" dialog box, click "add> next" under the "General" tab, click "this rule does not specify a tunnel", and click [next]. click "all network connections" to ensure that all computers cannot ping the host. Click [next]. In the "IP Filter list" box, click "Disable ping" and click [next]. click "block all connections" in the "Filter Operations" list box, click [next], cancel the "Edit attributes" option, and click [finish] to end the configuration.
Step 4: assign an IP Security Policy
The security policy cannot take effect immediately after it is created. We also need to use the "Assign" function to make it take effect. Right-click the "Disable host ping" policy on the right of the "Local Security Settings" dialog box and run the "Assign" command to enable this policy.
So far, this host has the ability to reject any other machine from pinging its own IP address, but it can still ping itself locally. After such settings, all users (including administrators) cannot ping the server on other machines. Limited by the technical level, I am not able to provide a way to divide user permissions under the IP Security Policy for the time being. I hope my friends with relevant experience can correct me. This solution is also applicable to Windows 2000/XP.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
