Simple setting to protect against ICMP attacks

Source: Internet
Author: User
Tags filter cpu usage server port firewall

Using the system's own flaws to carry out a variety of intrusion has always been an important way for hackers to often succeed, especially for the prevention of low awareness of home users is easier for hackers to succeed, understand the computer network knowledge readers know that ping commands are often used to check the network is unblocked, But this command can also have serious consequences for Windows system, that is, ping intrusion is the ICMP attack.

ICMP protocol is the Internet Control message Error Message Protocol, the principle of using ICMP attack is actually by ping a large number of packets to make the computer's CPU usage is high and crash, in general, hackers usually in a period of time to the computer issued a large number of requests, resulting in high CPU occupancy rate and panic.

Although many firewalls can filter ping, how can we effectively prevent ICMP attacks when there is no firewall installed? In fact, just configure the system with the default firewall on it. The method is as follows:

First step: Open on the computer's desktop, right click on "Network Neighborhood → properties → local connection → attribute →internet protocol (TCP/IP) → properties → advanced → options-tcp/ip Filter-Properties".

Step two: In the TCP/IP filter window, click to select Enable TCP/IP filtering (all adapters). Then, respectively, in the TCP port, UDP port and IP protocol on the Add box, click "Allow only", then press the Add button, and then in the pop-up dialog box input port, usually we use the Internet port is: 80, 8080, and mail server port is: 25, 110,ftp port is 20, 21, the UDP port and the IP protocol are also added.

Step three: Open the control panel → admin tools → local security policy. Then right-click IP Security Policy, select Manage IP filters and IP filter actions on the local machine, and add a new filter rule in the Manage IP filter and IP filter actions list, with the name input "prevent ICMP attack". Then press Add, select any IP address at the source address, select My IP address for the destination address, and the protocol type is ICMP, set up.

Fourth step: In Manage filter actions, uncheck the Use Add Wizard, add, enter the first name "Deny" in the general, and the security is "block." So we have a filter that focuses on all incoming ICMP packets and discards all messages.

Fifth step: Click on "IP Security Policy, on the local machine, select Create IP Security Policy-next-Enter name as ICMP filter, by adding the Filter Rule Wizard, assign the" Prevent ICMP attack "filter policy just defined to the ICMP filter, and then select the action that just defines" deny " , then right-click "Prevent ICMP attack" and enable.

Summary: After setting up our computer can prevent ping attack, and many attack methods have a preventive and immune function. Our system security level has also been greatly improved.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.