Prevent attacks and invasion! Thoroughly blocked ping command vulnerability

xiaoxiao2021-03-06  113

Prevent attacks and invasion! Thoroughly blocked the ping command vulnerability originating from: Tianji

First, safety instructions

Windows's operating system who knows is more dangerous, the reason is a lot of vulnerabilities. It is more troublesome to make the patch, if it is grateful by hackers or the consequences of the virus damage. Often use the system's own defects to carry out various invasion is an important way for hackers. With the popularity of broadband Internet, the use of networks in households has gradually increased. The security issues brought also threaten by the computer. People who know how to know how we often use the ping command to check if the network is smooth, but this ping can also bring serious consequences to the Windows system, that is, ping invading is ICMP (Internet Control and Message Protocal is the Internet Control Message Error Packet Protocol) Invasion, the principle is to make the computer's CPU usage is high and crash through the PING CPU usage, which is usually continuously issued to a large number of requests to the computer during one period of time.

Second, preventive measures

Step 1: Need to open the desktop of the computer, right-click "Online Neighbors → Properties → Local Connection → Internet Protocol (TCP / IP) → Properties → Advanced → Option -TCP / IP Filter - Properties".

Step 2: You see a window is about "TCP / IP Filter", first click on "Enable TCP / IP Filter (All Adapters)". On the "TCP port, UDP port, IP protocol" add box, click "Allow", then press the Add button, then enter the port on the dialog box, usually the port we use to access the Internet is: 80, 8080 And the port of the mail server is: 25, 110, and the port of FTP is 20, 21, and the UDP port and IP protocol are also added.

Step 3: Open "Control Panel → Administration Tools → Local Security Policy", then right-click on the "IP Security Policy," Manage IP Filters and IP Filters ", manage IP filters and IP filters Add a new filter rule to the list, name Enter "Prevent ICMP Attack", then press Add, select any IP address in the source address, the target address selects my IP address, the protocol type is ICMP, the setting is complete.

Step 4: In "Manage Filter Actions", uncheck "Use Add Wizard", add, enter the name "DENY operation" in the regular, and the security measures are "blocked". In this way, we have a filtering policy that comes to enter ICMP packets and discards filtering of all packets.

Step 5: Click on "IP Security Policy, in Local Machines", select "Create IP Security Policy - Next - Enter Name ICMP Filter", by adding the Filter Rule Wizard, specify the "Prevention ICMP Attack" filtering strategy for just defined Give the ICMP filter, then select "Deny's Actions" and right click to "prevent ICMP attack" and enable.

Third, summary

After using security strategy, your computer is safe to prevent ICMP attacks and intrusion. It can intercept the large number of packets from those who have invaded, and ensure that your computer is from damage.

转载请注明原文地址:https://www.9cbs.com/read-104445.html

New Post(0)