不通如何设置ip策略使别人ping不通自已(How to set IP strategy to make others Ping impassability)

ping不通  时间:2021-03-14  阅读:()

如何设置ip策略使别人ping不通自已Howto set IP strategy tomake others Ping impassability

By default, all Internet control message protocol (ICMP)options are disabled. If the ICMP option is enabled, yournetwork will be visible in Internet and vulnerable to attack.If you want to enable ICMP, must be as an administrator or amember of the Administrators group on computer, right-click onthe "network neighborhood", on the shortcut menu, select"properties" to open the "network connection", selectedconnection enabled the Internet connection firewall, open theproperties window, and switch to the "advanced" tab. Click the"Settings", then the "advanced settings" dialog window, in the"ICMP" tab, check that type of response to a request forinformation from your computer, check the box next to the tableto enable this type of request, such as to disable thecorresponding request please clear the type of information canbe.

Two, use network firewall to block Ping

Usingfirewalls to blockPing is the simplest andmost effectiveway, and now basically all firewalls have enabled ICMPfiltering by default. Here, with Kingsoft net 2003 and Skynetfirewall 2.50 edition for blue, originally explained.For the use of Kingsoft Internet Security 2003 users, pleaseright-clickmouse Kingsoft 2003 icon in the system tray, selectthe "utility" in the "custom IP rules editor on the shortcutmenu, select the type of ICMP attack defense rules" in the

window that appears, allowing others to eliminate "thedetection" rules with the ping command to save the applicationafter effect.

If you are using a Skynet firewall, in the main screen clickon "custom IP rules", and then uncheck "to prevent others fromusing the ping command detection rule, check the" defense ICMPattack"rules, and then click" save/application"to IP rules.Three, enable IP security policy, prevent Ping

The IP security mechanism (IP Security) , that is, the IPSecpolicy, is used to configure IPSec security services. Thesepolicies provide various levels of protection for mostcommunication types in most existing networks. You canconfigure IPSec policies to meet the security needs of yourcomputer, application, organization, unit, domain, site, orglobal enterprise. You can use the Windows XP in the "IPsecurity policy management unit for Active Directory in thecomputer (for domain members) or the local computer (for do notbelong to the domain of computer) definition of IPSec strategy.Here, for example, WINDOWS XP, through the "control panel" -"management tool" to open the "local security policy", selectthe IP security policy, where we can define their own IPsecurity policy. A IP security filter consists of twocomponents: filtering policies and filtering operations. Tocreate anew IP security filter, youmust create a newfilteringstrategy and filtering operation of its own, right click on theleft sideof thewindowof the"IP securitypolicies on the localmachine", select "create IP security strategy" on the shortcut

menu, click next, and then enter the name and description ofstrategy strategy. Click next to select the activate thedefault response rule check, and then click next". Startsetting response rule authentication method, select the stringused to protect key exchange (pre shared key) "option, and thenenter some characters (these characters will be used later) ,click"next ", itwill prompt the completed IP security strategy,confirm select the check box, click edit properties the" finish"button, the dialog box will open.

Next, you will configure the new security policy. In "GoodbyePing properties" dialog window "rules" in the options page,click the Add button, and in turn the Safety Rules Wizard, clicknext to the end of the tunnel set here, "this rule does notspecify the tunnel". Click next, and select all networkconnections to make sure that all computers are Ping blocked.Click next to set authentication mode,

As above, select the third option. This string is used toprotect the key exchange (pre shared key) and fill in the samecontent as before. Click "next" to open the "IP filter list"window"in the IP filter list" and select "new IP filter list,click on the right side of the" Edit ", click" in the windowthat appears to add ", click" next ", " set the source addressfor "my IP" address ", click"next ", set up the target addressfor any" IP address ", click" next ", select the protocol typefor ICMP, click" finish "and then click" OK "to return to thewindow as shown in Figure 9, click next, select the filteraction for" safety requirements "option, and then click" next", " complete ", " OK ", " close "button to save the settingsrelated to the return management console.

Finally, in the local security settings, right-click theconfiguration of the "Goodbye Ping" strategy, select

"assigned" command on the shortcut menu to apply thisconf igurat ion.

After the settings above, when other computers Ping thecomputer, there is no Ping connection. But if you are Ping localcomputer, you can still Ping. In Windows 2000, the operationis basically the same.

Four, modify the TTL value, prevent Ping

Many invaders love to judge the operating system by the TTLvalue, they will first Ping of your machine, such as see theTTL value of 128 that your system is Windows NT/2000, if theTTL value of 32 is that the target host operating system forWindows 95/98, if 255/64 is that UNIX/Linux operating systemfor the TTL value. Since the intruder believes in the resultof the TTL value, then we might as well modify the TTL valueto deceive the intruder and achieve the purpose of protectingthe system. Method is as follows:

Open the Notepad program that comes with Windows, and write thebatch command as follows:

@echo REGEDIT4>>ChangeTTL.reg

@echo.>>ChangeTTL.reg

@echo

[HKEY_LOCAL_MACHINESystemCurrentControl SetServicesTcpipParameters]>>ChangeTTL.reg

@echo DefaultTTL=dword:000000ff>>ChangeTTL.reg

@REGEDIT /S /C ChangeTTL.reg

In order to save as a.Bat extension of the batch file, clickon the file, the default value of the TTL operating system youwill be modified for FF, 255 decimal, namely your operatingsystem artificially changed to UNIX system!

DefaultTTL=dword:000000ff is used to set the default value ofthe TTL system, if you want to own the TTL operating system toother operating system of the ICMP echo reply, please changethe DefaultTTL key, should pay attention to its value as 16hexadecimal.

How to prohibit others Ping own host (2000 comes)

My computer-control panel -management tools-local securitypolicy, -ip security policy

This is the 2000 to our configuration IP management tool, I'mhere to say only how to ban others, Ping my host.

There are four steps:

1. Set up a no Ping rule

2. Establish a rule of prohibition / permission

3. Tie the two rules together

4. Assign

Detail:

1. Right click the IP security policy management IP filter listsand filter -ip filter list - added: Name: Ping; Ping;Description: (check"use addWizard") , -added-the next step:Specifies the source / destination IP, protocol type (ICMP) ,the next step to complete, closed this dialog box.

2. Manage the IP filter list and filter operations - managefilter actions-add (check the use of add wizard) -next: Name:refuse; Description: refuse--, next: stop - next, untilcomp let ion.

3. Right click the IP Security Policy- create the IP SecurityPolicy - next: Name: Ping; next: deactivate the defaultresponse rule - next: select the edit attribute selected -finish.

Then add the attribute Ping "" no - (check "use add Wizard")-the next step until the "authentication method"; choose third,enter a shared string - the next step: in the IP filter listand choose "ping-- the next step:" the next step to completerefuse-.

This is your "local security settings" on the right, you willsee "Ping forbid" this rule, but now he has not worked.

4. Right click "no Ping" -- assign.

This time, a IP strategy for banning others from Ping' s ownmachines has been completed.

Try to find a machine, your machine does not work. Will prompt:request timeout (timeout)

The above is only a small IP filter. You can make other IPstrategies yourself

Dynadot COM特价新注册48元

想必我们有一些朋友应该陆续收到国内和国外的域名注册商关于域名即将涨价的信息。大概的意思是说从9月1日开始,.COM域名会涨价一点点,大约需要单个9.99美元左右一个。其实对于大部分用户来说也没多大的影响,毕竟如今什么都涨价,域名涨一点点也不要紧。如果是域名较多的话,确实增加续费成本和注册成本。今天整理看到Dynadot有发布新的八月份域名优惠活动,.COM首年注册依然是仅需48元,本次优惠活动截止...

tmhhost:全场VPS低至6.4折,香港BGP200M日本软银美国cn2 gia 200G高防美国三网cn2 gia韩国CN2

tmhhost放出了2021年的端午佳节+618年中大促的优惠活动:日本软银、洛杉矶200G高防cn2 gia、洛杉矶三网cn2 gia、香港200M直连BGP、韩国cn2,全都是高端优化线路,所有这些VPS直接8折,部分已经做了季付8折然后再在此基础上继续8折(也就是6.4折)。 官方网站:https://www.tmhhost.com 香港BGP线路VPS ,200M带宽 200M带...

CloudCone闪购优惠洛杉矶MC机房VPS月$1.99 便宜可随意删除重开

CloudCone商家我们很多喜欢低价便宜VPS主机的肯定是熟悉的,个人不是特别喜欢他。因为我之前测试过几次,开通的机器IP都是不通的,需要删除且开通好几次才能得到一个可用的IP地址。当然他们家的优势也是有的,就是价格确实便宜,而且还支持删除重新开通,而且机房只有一个洛杉矶MC。实话,如果他们家能多几个机房,保持现在的特点,还是有很多市场的。CloudCone是来自美国的主机销售商,成立于2017...

ping不通为你推荐
易烊千玺弟弟创魔方世界纪录易烊千玺带弟弟参加的那个节目是什么原代码源代码是什么意思啊www.jjwxc.net晋江文学网 的网址是什么?曲妙玲张婉悠香艳版《白蛇传》是电影还是写真集?月神谭求几个个性网名:www.e12.com.cn有什么好的高中学习网?16668.com香港最快开奖现场直播今晚开菊爆盘请问网上百度贴吧里有些下载地址,他们就直接说菊爆盘,然后后面有字母和数字,比如dk几几几的,www.toutoulu.com外链方案到底应该怎么弄呢sodu.tw给个看免费小说的网站
域名买卖 个人域名备案流程 ddos singlehop 美国主机推荐 博客主机 英文简历模板word css样式大全 魔兽世界台湾服务器 北京双线机房 亚马逊香港官网 百度云空间 卡巴斯基官网下载 wordpress空间 sonya 远程登录 侦探online 日本小学生 ddos攻击软件 qq空间登陆首页 更多