Close Ping (ICMP) method
First, IPsec
Add a rule of blocking ICMP:
IP Security Policy - Manage IP Filter Table and Filter Actions - Manage IP Filter List - Add - A Name (such as:) --- Add - Next - Source Address - No IP Address - Target Address - My IP Address - Select Protocol Type -ICMP- Finish. IP Security Policy - Manage IP Filter Table and Filter Actions - Manage Filter List - Add - Next - Name (such as:) - Block - Complete. IP Security Policy - Create IP Security Policy - Next - Name (, for example:) - Activate Default Response Rules - Win2000 Default - Completed - Rules - Add - Next - This rule does not specify tunnel - all network connections --Win2000 default value -IP filter list - "ICMP" - "block" - Next - Complete.
Second, Routing and Remote Access: IP Routing - General - Specified NIC - Enter Filter - Add - Protocol -ICMP-Type 8 - Coding 0 - Accept All packets other than the following conditions.
Through the experiment, the level of routing and remote access is higher than IPsec, that is, when two settings have conflicts, the system will be based on routing and remote access.
Third, through the TTL simple shutdown ICMP response (transfer) Many people ask how to turn off ICMP in Windows 2000, I used to use IPsec to verify ICMP, I occasionally a trial, with everyone Share !
Client: 192.168.7.89Server: 192.168.7.40
Before modified: c: / scripts> ping 192.168.7.40 for 192.168.7.40 with 32 bytes of data: reply from 192.168.7.40: Bytes = 32 TIME <10MS TTL = 128Reply from 192.168.7.40: Bytes = 32 TIME <10MS TTL = 128Reply from 192.168.7.40: Bytes = 32 Time <10ms TTL = 128Reply from 192.168.7.40: Bytes = 32 TIME <10MS TTL = 128
Modify the registry, change Defaulttt to 63, ping results C: / scripts> ping 192.168.7.40 on 32 bytes of data: reply from 192.168.7.40: BYtes = 32 TIME <10MS TTL = 63Reply from 192.168. 7.40: Bytes = 32 TIME <10MS TTL = 63Reply from 192.168.7.40: Bytes = 32 Time <10ms TTL = 63Reply from 192.168.7.40: BYtes = 32 TIME <10MS TTL = 63
Modify the registry, change Defaulttt to 0, ping results C: / scripts> ping 192.168.7.40 on 32 bytes of data: request timed out.Request timed out.Request timed out.Request timed out.
Ping statistics for 192.168.7.40:packets: Sent = 4, Received = 0, LOST = 4 (100% Loss), Approximate Round Trip Times in Milli-Seconds: minimum = 0ms, Maximum = 0ms, Average = 0ms and in 192.168. On 7.40, there is no problem outside, but it is not possible to provide services. At the same time, you can't do anything, just ping, hey, play it ~ (It is recommended to change to 255, Linux, Solaris seems to be much This value, remember that someone wrote through TTL to judge the operating system, huh,, 人 玩 :)
Huest: HKEY_LOCAL_MACHINE / SYSTEM / CURRENTCONTROLSET / SYSTEM / TCPIP / ParametersSubkey: DefaulttlValue: REG_DWORD 1 - 255DEFAULT: 128
After changing the reboot, it will take effect ~ (Note: This method is to provide the other party with an error message, not really shielding the ICMP package, the article Source: ADAM)
Fourth, in ISA Setting: Turn off Ping (ICMP): IP Packet Filters - The name - Block Packet Transmission-Predefine-ICMP Ping Query-Default IP Address for Each External On The Isa Server Computer-All Remote Computer- complete.
V. Use personal firewall software: General firewall software provides the ability to turn off ICMP, just some, some weak, such as: Tianwang, Green Alert, China Wall, Norton, ETRUST WALL, ZONE ALARM, Black ICE , Ice shield, etc., etc., don't say anything.
It can be seen that there are still many ways to close the ICMP protocol.
