Exercise caution when using IPSec security policies to prevent Ping attacks

As we all know, the Ping command is a very useful network command, which is often used to test network connectivity. But at the same time, it is also a double-edged sword, especially in today's rapid development of the network, some "malicious" people use it in the Internet to detect other people's machines, to achieve ulterior motives. To ensure the security of machines on the network, many people now attach great importance to anti-Ping. Of course, there are many anti-Ping methods and methods, such as using IPSec security policies, Windows built-in firewalls, third-party firewall tools, routes, and remote access components. Is the anti-Ping method suitable for you, let me take you here!

Using the IPSec Security Policy "Ping protection" is a common method. After a few simple steps of configuring the IPSec Security Policy, the Ping protection effect can be achieved. This method is easy to configure, And the IPSec Security Policy is a built-in function component in Windows, which does not require additional installation, so it is favored by many users. However, I would like to remind you that you should be cautious when using the IPSec Security Policy "anti-Ping.

Why? First, let's take a look at how the IPSec Security Policy "prevents Ping". The principle is to filter out all ICMP packets on the local machine by creating an IPSec Policy. This is indeed an effective "anti-Ping" option, but it also leaves sequelae.

Because the Ping command is closely related to the ICMP protocol (Internet Control and Message Protocal), there are 11 packet formats in ICMP protocol applications, the Ping command uses the "Echo Request" packet in the ICMP protocol to work. However, the IPSec Security Policy uses the "Do Not" method to prevent Ping. All ICMP packets are filtered out, especially many useful messages in other formats. Therefore, some LAN environments with special applications are prone to packet loss, which affects users' normal office work. Therefore, we suggest you use the IPSec Security Policy "Ping protection" with caution ".

Use third-party firewall tools

We already know the shortcomings of the IPSec Security Policy "Ping protection". To ensure that packets sent by local machines are correctly transmitted to the target host through the network, you can use other more effective methods, such as using the network firewall "anti-Ping ".

For Internet users, using the personal network firewall "Ping protection" is the simplest method. Using this method to prevent Ping does not require complex settings. As long as you correctly configure the firewall's built-in "anti-Ping" rules, you can easily implement "anti-Ping. There are many types of personal network firewalls, and almost all of them can effectively implement "Ping Protection", such as Skynet personal firewall, rising personal network firewall, and Windows Firewall (or ICF, next, I will take Rising's personal network firewall as an example to introduce how to configure the firewall to achieve the goal of "anti-Ping.

After running the main program of Rising's personal network firewall, click "Settings> set rules" in the main window to bring up the "Rising's personal network firewall rule Settings" window, in the rule list, select the "Default ICMP inbound" rule, and double-click the rule to bring up the "rule attributes" dialog box (1). You can set detailed parameters here, select the System option in the "category" box, select the "receive" option in the "direction" box, and select the "ICMP" protocol used by the Ping command in the "protocol" box, select the "Disable" option in the Operation box. Pay attention to the selection of ICMP message types. Switch to the "ICMP Type" tab, select "Echo Request" in the "type" drop-down list box, and click "modify, save settings. In this way, Rising's personal network firewall can filter out the ICMP packet "Echo Request" used by the Ping command, while other useful ICMP packets can pass safely. After completing the preceding settings, the personal network firewall is used to effectively prevent Ping attacks.