Frequent use of Ping commands can cause network congestion and reduce transmission efficiency. To avoid malicious network attacks, users are generally rejected to Ping the server. To achieve this goal, you can not only set in the firewall, but also on the vro, and also use the functions of the Windows 2000/2003 system. In either way, Ping is denied by forbidding ICMP protocol. The following describes how to set an IP policy in Windows Server 2003 to deny the user's Ping to the Server:
1. Add IP Filter
Step 2: Click Start/Administrative Tools/Local Security Policy in sequence to open the local security settings window. Right-click the "IP Security Policy, on local computer" option in the left pane and execute the "manage IP Filter tables and Filter Operations" shortcut command. In the "manage IP Filter list" option, click the "add" button and name the filter "PING prohibited". The description language can be "PING my host from any other computer ", click "add ,.
Add IP Filter
Step 2: click "Next"> "Next", select "IP communication Source Address" as "My IP Address", and click "Next; select "IP communication target address" as "any IP Address", click "Next", select "IP protocol type" as ICMP, and click "Next. Click "finish"> "OK" to end adding ,.
Select IP protocol type
Step 2: switch to the "manage Filter Operations" tab, click "add"> "Next", and name the filter operation as "block all connections ", the description language can be "block all network connections", click the "Next" button, and click the "Block" option as the action of this filter, click "Next"> "finish"> "close" to complete all add operations ,.
Set the action of the filter operation
2. Create an IP Security Policy.
Right-click the "IP Security Policy, on local computer" option in the console tree, execute the "Create IP Security Policy" shortcut command, and then click the "Next" button. Name this IP Security Policy "PING prohibited hosts", the description language is "reject PING requests from any other computer", and click "Next. Then, select "Activate default response rules" and click "Next. In the "default response rule authentication method" dialog box, click the "use this string to protect key exchange" option, and enter a string such as "no ping" in the text box below ", click "Next. Finally, click "finish" to end the creation ,.
Set authentication method
3. Configure an IP Security Policy.
In the "Rules" tab of the "PING prohibited host properties" dialog box that appears, click "Add/next" in turn, by default, click "this rule does not specify a tunnel" and click "Next". Click "all network connections" to ensure that all computers cannot PING the host and click "Next. In the "IP Filter list" box, click "Disable PING" and click "Next". In the "Filter Operations" list box, click "block all connections" and click "Next; cancel the "Edit attributes" option and click "finish" to end the configuration ,.
Select IP Filter
4. assign an IP Security Policy.
After creating a security policy, it cannot take effect immediately. You need to assign a security policy to it. Right-click the "Disable host PING" policy in the right pane of the "Local Security Settings" window and run the "Assign" command to enable this policy ,.
Assign an IP Security Policy
After such settings, the server has the ability to reject any other computer from pinging its own IP address. However, local Ping is still successful.