How to use IPSec to protect server security

Whether you are enabling a firewall on Windows XP or configuring TCP/IP filtering on Windows Server, you cannot strictly control the flow of traffic out. So if your server has a Trojan horse program (such as the Gray Pigeon Trojan program), the program will actively connect the intruder to establish a session, the intruder can monitor and control your server.

Maximize the configuration of server network security, you can strictly control the traffic to and from the server, such as your server is a Web server, you can configure only TCP destination port 80 packets into the server, TCP source port of 80 packets away from the server. So even if your server in the Gray Pigeon Trojan program, you can not actively connect intruders. This control can be achieved by configuring server IPSec, both Windows Xp,windows Server 2003 and Windows Server 2008 support IPSec.

The following is an example of how to configure Web server security through IPSec to prevent the Gray Pigeon Trojan horse program. Demo Intruder Trojan Horse program, enable Windows Firewall on the server, install Trojan horse program, remote control server in intruders. Configuring IPSec, as shown in Figure 2-143, only allows TCP's destination port to be 80 packets into the server, allowing only TCP's source port of 80 packets to leave the server. Verify that the Trojan cannot connect to the intruder.

The IP address of the intruder is 192.168.1.121, and the IP address of the server is 192.168.1.200.

1. Make a Trojan horse program

Gray Pigeon Trojan Horse program, you can search in http://down.51cto.com/"Gray pigeon", you can find and download.

Gray Pigeon Trojan Horse program, will actively connect to the intruder, the intruder can remotely monitor and control the Trojan server. This requires Trojan can connect to the intruder, so the Trojan horse program must specify the intruder's IP address.

(1) as shown in Figure 2-144, install and run the Gray Pigeon Trojan horse program on the intruder's computer, click the "Configure Service Program" button, prompting: Trojan Horse program in the Recruit computer is in the way of service.

(2) as shown in Figure 2-145, enter the IP address of the intruder in the automatic online settings in the Server Configuration dialog box that appears.

Figure 2-144 Running Gray Pigeon Trojan program ▲ Figure 2-145 "Server Configuration" dialog box