Disable Ping (ICMP)

Disable Ping (ICMP)

I. IPSec

Add the rule to shield ICMP:

IP Security Policy-manage IP Filter tables and Filter Operations-manage IP Filter lists-add-start a name (for example, :) --- add-next-source address-any IP address-target address-my IP address-select protocol type-ICMP-complete.
IP Security Policy-manage IP Filter tables and Filter Operations-manage filter lists-add-next-name (for example, :)-block-complete.
IP Security Policy-create an IP Security Policy-next-Name (for example, :) -- activate the default response rule-Win2000 default value-finish-rule-add-next-this rule does not specify a tunnel-all networks connection-Win2000 default value-IP Filter list-"ICMP"-"block"-next-complete.

Ii. Routing and Remote Access:
Select IP route-General-specified NIC-input filter-add-Protocol-ICMP-type 8-encoding 0-accept all packets except for the following conditions.

The experiment shows that the level of Routing and Remote Access is higher than that of IPSec. That is to say, when the two settings conflict, the system will take the route and remote access settings as the standard.

3. Simply Disable ICMP response (to) through TTL)
Many people asked how to disable ICMP responses in Windows 2000. In the past, I used IPSec to verify ICMP. Today I occasionally tried it and share it with you!

Client: 192.168.7.89
Server: 192.168.7.40

Before modification:
C:/scripts> Ping 192.168.7.40
Pinging 192.168.7.40 with 32 bytes of data:
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 128
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 128
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 128
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 128

Modify the registry, change defaultttl to 63, and ping the result.
C:/scripts> Ping 192.168.7.40
Pinging 192.168.7.40 with 32 bytes of data:
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 63
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 63
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 63
Reply from 192.168.7.40: bytes = 32 time <10 ms TTL = 63

Modify the registry, change defaultttl to 0, and ping the result.
C:/scripts> Ping 192.168.7.40
Pinging 192.168.7.40 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.7.40:
Packets: Sent = 4, received = 0, lost = 4 (100% loss ),
Approximate round trip times in Milli-seconds:
Minimum = 0 ms, maximum = 0 ms, average = 0 ms

On 192.168.7.40, Ping is not a problem, but it cannot provide external services. At the same time, you can only Ping what you do. Hey, play with yourself ~ (We recommend that you change the value to 255. For Linux and Solaris, it seems that most of them are this value. I remember someone used TTL to judge the Operating System. Haha, it's a scam :)

Hive: HKEY_LOCAL_MACHINE/system/CurrentControlSet/services/TCPIP/parameters
Subkey: defaultttl
Value: REG_DWORD 1-255
Default: 128

Reboot will take effect after modification ~
(Note: This method provides an error message to the other party. It does not block the ICMP packet,ArticleSource: Adam)

4. Set in ISA:
Disable Ping (ICMP): IP packet filters-name -- block packet transmission-predefine-ICMP ping query-default IP address for each external on the ISA Server computer-all remote computer-finish.

5. Use the personal firewall software:
Generally, firewall software provides the function of Disabling ICMP, but some are stronger and some are weaker, such: skynet, green alert, china wall, Norton, eTrust wall, zone alarm, black ice, ice shield, and so on, let alone professional ones.

as you can see, there are still many ways To Disable ICMP.