Use vro technology to prevent malicious Network Attacks

Source: Internet
Author: User

Currently, the vro technology has been very well developed. So I have studied how to use the vro technology to prevent malicious cyberattacks. I would like to share with you here and hope it will be useful to you. In addition to ADSL dial-up Internet access, residential broadband Internet access is also a common Internet access method. If you use residential broadband Internet access, Do you think vro technology is just an Internet tool? Otherwise, you can take advantage of your vro to prevent hacker attacks. Let's take a look at it.

Objective: To restrict external computers from connecting to ports 23 (telnet), 80 (www), and 3128 of the host in the community. Premise: the interface connecting the Router to the internal network is Ethernet0/1. After each command is run, press Enter. Refer to the Cisco Route.

Step 1 Select Run from the Start Menu. In the displayed dialog box, enter "cmd" and press Enter. After the window appears, connect to the vrotelnet at the prompt. The Instruction format is "telnet vrotelnet IP Address ". When the screen requires entering the telnet password ("Login" is displayed on most routers), enter the password and confirm it is correct, and then enter the command enable, on the screen, enable password is required. Tip: These two passwords are generally provided by the router technology manufacturer or dealer. You can call them to query them.

Step 2 enter the command Router # configure termihal to enter the vro configuration mode. You can only set the vro in this mode.

Step 3 enter the configuration mode and enter the command Router (config) # access-list 101 deny tcp any host eq telnet. This command sets the access list ), this command rejects any requests from the host whose IP address is that belong to Port 23 (telnet.

Step 4 enter the Router (config) # aecess-list 101 deny tcp any host eq www command to reject port 80 (www) from any address to the host whose IP address is

Step 5 the last thing to deny is access from any address to the host with the IP address belonging to port 3128, which requires entering the command Router (config) # access list 101 deny tcp any host eq 3128.

Step 6: We have configured the expected access list. However, to allow access from all other IP addresses, we also need to enter the Router (config) # aceess-list 101 permit ip any to allow other access requests.

However, to enable the router technology to execute the access list we have made, we also need to add this list to the Interface Check Program. The specific operations are as follows. Enter the command Router (config) # interface eO/1 to enter interface ethernet 0/1, and then enter the command Router (config-if) # ip access-group 101 out implements the access list on this interface. In this way, any TCP packet to exit the interface must be checked by this access list rule, that is, from anywhere on the host whose IP address is, port) all access requests belonging to telnet (23), www (80), and 3128 are rejected. Finally, input the write command to set the write STARTUP configuration.

In this way, your host is much more secure. Although only a few common ports are prohibited, it can shut down a lot of people who are prank. In addition, if you see any port that may be attacked or has a vulnerability, you can use the above method to block the vulnerability.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.