Ping prevention using IP Security Policies

The Ping Command can send a small packet to the address you provide, and then listen on whether the machine has "answers ". Find which machines are active on the network. Ping intrusion is an ICMP intrusion. The principle is to send a large number of requests to the computer in a period of time through ping, so that the CPU usage of the Computer remains high to 100%, and the system crashes or even crashes. Based on this, write this article anti-ping IP Security policy to protect your system security.

In fact, anti-ping installation and firewall setting can also solve the problem, but not every computer will install the firewall. Consider resource occupation and setting skills. It is useless if you have installed a firewall but have not modified or added IP rules. Some configurations are not very high. To avoid occupying resources for the firewall, you can set security in your system manually.

The specific creation process is as follows:

(1) Create an IP Security Policy

1. Click Start> Control Panel> Administrative Tools> Local Security Policy. Then, click Local Security Settings, and right-click "IP Security Policy" on the left side of the dialog box, run the "Create IP Security Policy" command on the local computer.

2. In the displayed "default response rule authentication method" dialog box, select the "this string is used to protect key exchange (pre-shared key)" option, enter a string in the text box below. (For example, "Ping prohibited ")

3. After creating an IP Security Policy, click "add" in the "IP Filter list" window. The "IP Filter wizard" window appears, click "Next". The "ip address-to-source" page is displayed. on this page, set "Source Address" to "my IP Address "; the "target address" is "any IP Address". Computers with any IP address cannot ping your machine.

You can disable ports in Filter Properties. For example, to close TCP port 135: Select "TCP" in the drop-down list of "select protocol type", and then enter "135" in the text box under "to this port ", click "OK" to add a filter to block TCP 135 (RPC) port, which can prevent external connection to your computer through port 135. You can repeat tcp udp and other ports that you think need to be closed.

4. Click "Next"> "finish" in sequence. At this time, you will see the created filter in the "IP Filter list", select it, and click "Next ", on the "filter operation" page that appears, set the filter operation to "require security.

(2) assigning IP Security Policies

 

The security policy cannot take effect immediately after it is created. We also need to use the "Assign" function to make it take effect. To enable the policy, right-click the "new IP Security Policy" item in "Console Root Node", and then execute the "Assign" command in the pop-up context menu.

So far, this host has the ability to reject any other machine from pinging its own IP address, but it can still ping itself locally. After such settings, all users (including administrators) cannot ping the server on other machines. From then on, you no longer have to worry about being pinged. If you shut down the ports frequently used by hacking tools and Trojans, your system will become more solid.