Disable modifying IP addresses
Disable modifying IP addresses
Regsvr32/u Netcfgx.dll
Regsvr32/u Netshell.dll
Regsvr32/u Netman.dll
Allow IP Address modification
Regsvr32 Netcfgx.dll
Regsvr32 Netshell.dll
Regsvr32 Netman.dll
The other inch is. bat
Clever use of three strokes to protect the IP address in the LAN
1) Disable Network connection service
the simplest way to restrict users from modifying TCP/IP parameters is to let users not open the TCP/IP parameter Settings window. Open start, run, enter the Services.msc command, select the Network Connections service, right-click, select the Deactivate button from the properties, choose Startup type as disabled, and OK. This way, if you go from "Start" to "Network connection", you will not find the "Local Area Connection" icon. This will also give their own network parameter changes caused trouble, you can disable the "Plug and play" service, it will not affect your normal network access
2) Restricting modification of network parameter method
Modify the registry of the relevant network key values can be achieved. Go to "Run" input "regedit" command, open Registry Editor, determine the hkey_users\default\software\microsoft\windows\currentversion\policies\ Network Branch, in the right area, select the edit, new, DWORD value option, name the new DWORD value "Nonetsetup", enter its value as "1", restartComputer, the system will be prompted not to enter the Network Properties Settings window.
3) Hide Local connection icon method
The local connection icon is related to the system's Netcfgx.dll, Netshell.dll, Netman.dll three dynamic link files, once the three dynamic link files are unregistered, then the local connection icon will be automatically hidden. In the anti-registration of the above three dynamic link files, you can first open the system run box, and enter the string command "regsvr32 netcfgx.dll/u" command, click the "OK" button, you can Netcfgx.dll file anti-registration
Switch-sealed MAC Address table resolves LAN ip conflicts
Ping this conflicting IP on my machine, then, by arp-a This command to view the native ARP table, first can find the IP corresponding to the MAC address and recorded, first determine the MAC address is not a legitimate user. On the telnet to switch, enter the following command:
[H3c]mac-address blackhole ****-****-**** (Illegal mac) VLAN 1
In this way, the purpose of the illegal Mac is achieved, so that illegal users can not access the Internet.
This article is from the "Start from the Heart" blog, please be sure to keep this source http://fuquanjun.blog.51cto.com/5820068/1436622