Blocking Trojans' new method IP security strategy to recruit

  

Whether it is ordinary users or professionals, once you hear the Trojans have a feeling of fear, and the Trojans are really pervasive, we should increase the defense against him, To avoid porting, in addition to anti-virus software, IP security policies can come in handy.

Regardless of the 2000/XP/2003 system, the Microsoft Management Console (MMC) system has configured functions into a configuration module, which greatly facilitates our special settings (Telnet uses port 23, for example, the operating system is Windows XP).

Steps

First, click on the “Run” box to enter “mmc”ENTER“ console window will pop up, select ”file → add/remove snap-in → In the separate tab bar, click 'Add' & Rarr; IP Security Policy Management & ldquo; Finally, follow the prompts to complete the operation. At this time, we must add the IP security policy on the local computer (hereinafter referred to as "IP Security Policy") to the console root directory.

Now double-click on the IP Security Policy to create a new management rule. Right-click "IP Security Policy", in the shortcut menu that pops up, select "Create IP Security Policy", open the IP Security Policy Wizard ", click & rdquo; next → name default "ldquo; new IP security policy '→ next → do not select “ activate → default response rule '” (Note: click “ next, you need to confirm & rdquo; attribute & ldquo; selected), then select & rdquo; complete & ldquo ; new IP security policy attribute → add → do not have to choose 'use add wizard' & ldquo;.

Select “ any IP address, the source address of the destination address in the address bar should select “IP address“ (do not have to choose mirror). In the Protocol tab, note that the type should be TCP, and set the IP protocol port from any port to this port 23, and finally click the <;OK” button. A “New IP Filter” will appear, then select it in the “IP Filter List”, switch to the “Filter Action” tab, click “Add → Name Defaults to 'New Filter operation '→ add → block & rarr; complete “.

The new strategy needs to be activated. To work, the specific method is: right click on the new IP security policy “, "Assign"

Effects

Now, when Telnet from another computer to this station, the system will report a login failure. Scan the tool to scan the computer and you will find that port 23 is still providing service. In the same way, we can block any other suspicious ports.

Trojans are well guarded, and they are more reassured about network security. We can safely watch videos online, prevention is better than killing, and it is too late for him to invade the computer.

Copyright © Windows knowledge All Rights Reserved