Completely block Ping Vulnerability

I. Security notice

Windows operating systems are known to be dangerous because of many vulnerabilities. Patch alone is enough to worry about it. If hackers target or damage the virus, the consequences will be even more serious. It has always been an important way for hackers to take advantage of system defects for various intrusions. With the popularization of broadband Internet, the number of households using the network has gradually increased. The resulting security issues also threaten computer security. Anyone who knows the network knows that we often use ping commands to check whether the network is smooth. However, this Ping can also cause serious consequences for Windows systems, that is, Ping intrusion refers to the intrusion of ICMP (Internet control and message protocal are Internet Control Message error message protocols). The principle is to ping a large number of data packets to cause the computer to crash due to high CPU usage, generally, a large number of requests are sent continuously to the computer within a period of time, resulting in insufficient CPU processing and crash.

Ii. Preventive measures

Step 1: You need to open the desktop on your computer, right-click "network neighbor → properties → local connection → properties → Internet Protocol (TCP/IP) → properties → advanced → options-TCP/IP filtering-properties ".

Step 2: You can see a window about "TCP/IP filtering". First, click "enable TCP/IP filtering (all adapters )". Then, in the "TCP port, UDP port, and IP protocol" add box, click "only allow", then press the Add button, and then enter the port in the displayed dialog box, generally, the ports used for accessing the Internet are 80 and 8080, while the mail server ports are 25 and 110, and the FTP ports are 20 and 21, add UDP ports and IP protocols.

Step 3: Open "Control Panel> Administrative Tools> Local Security Policy", right-click "IP Security Policy", and select "manage IP Filter and IP Filter operation" on the local machine ", add a new filter rule to manage IP filters and IP filters. Enter "ICMP attack prevention" in the name, and then press add to select any IP addresses from the source address, select My IP address as the target address. Set the protocol type to ICMP.

Step 4: In "manage Filter Operations", deselect "use add wizard", add, and enter "Deny operation" in general. The security measure is "Block ". In this way, we have a filtering policy that follows all incoming ICMP packets and discards all packets.

Step 5: click "IP Security Policy, on the local machine" and select "create IP Security Policy-next-enter the name" ICMP filter ". In the Add filter rule wizard, specify the "ICMP attack prevention" filter policy that you just defined to the ICMP filter, select the "Deny operation" that you just defined, right-click "ICMP attack prevention", and enable it.

Iii. Summary

By setting security policies like this, your computer is much more secure in preventing ICMP attacks and intrusions. It can intercept a large number of data packets from attempted intrusions, protect your computer from damages