Windows system TCP /IP settings typical application case (1)

TCP/IP is the foundation of the network. For Windows systems, the so-called TCP/IP settings are mainly the network parameter settings related to the network card. In fact, this part of the content requires administrators to dig deeper. Below I will list a few typical application cases related to this, I hope to help friends who have encountered similar problems.

1. Modify MAC, you can't manage me

The staff of the planning department didn't work for the business, and finally the leaders couldn't bear it. So they ordered the network administrator Xiao Zhang to resolutely put an end to this situation. Xiao Zhang chose to bind the MAC and IP on the router, and all the hosts of the planning department were included in the "blacklist" - Internet connection was forbidden.

This is hard to beat "master" Kobayashi, he found the pony of the sales department, got the MAC address and IP address of her network card (take the MAC address, IP address method is, at the command prompt Enter ipconfig /all under the symbol). Then operate on your own computer. First, modify the MAC address of the network card. The operation steps are as follows: Select “Network and Dial-up Connection” in the control panel, select the corresponding network card and click the right mouse button, select the property, and click the “Configure” button on the “General” page of the property page. . In the configuration property page, select "Advanced", then select "Network Address" in the "Properties" column, select the input box in the "Value" column, and then enter the obtained MAC address in the input box. (Figure 1)

Then, modify the IP address as follows: Select "Internet Protocol (TCP/IP) under the "General" page of the previous NIC property page. Click on the "Properties" button below, and then set the IP address, subnet mask, etc. to the corresponding value just obtained. After the above settings are completed, Kobayashi can swim again on the Internet.

2. Port operation, refusal to scan

Xiaohu's computer is often attacked by others, and attackers often leave provocative messages on the desktop. It is hard to bear, he couldn't bear to find Xiaolin for help. After a diagnosis of Xiaolin's diagnosis, Xiaohu's computer has too many open ports, and some ports need to be closed or blocked.

(1). Shut down the port

It is convenient to close some idle ports in the Windows NT core system (Windows 2000/XP/2003), you can use the "directed shutdown specified service" "Port" (blacklist) and "Open only allow port" (whitelist) settings. Some network services of the computer will have a default port assigned by the system, some idle services will be turned off, and the corresponding ports will be closed.

Go to the "Control Panel" → "Administrative Tools" → "Services" item, turn off some unused services of the computer, and their corresponding ports are also disabled. As for "only open the way to allow ports", you can use the system's "TCP /IP filtering" function. Right click on "Local Area Connection", select "Properties", select "Internet Protocol (TCP/IP)", click the "Properties" button, then click the "Advanced" button, under the "Options" tab, select "TCP/IP Filter" and click "Properties". "Open the filter settings window. When set, "only allow" some of the basic network communication required by the system. In addition to the above methods, some ports can be disabled via IPsec. (Figure 2)

(2). Fake deception

With his own way to cure his body, Xiaolin feels helpless to export Xiao Hu I fooled the attacker and made Xiaohu’s computer a honeypot, waiting for the attacker to hook. Defnet HoneyPot is a well-known honeypot system. The virtual system is no different from the real system, but it is a trap for malicious attackers. However, this trap tricks a malicious attacker into being able to record which commands he has executed, what actions he has taken, and which malicious attack tools he has used. Through the recording of traps, you can understand the habits of attackers, grasp enough evidence of attack, and even counterattack the attacker. Using this tool to deploy a honeypot system is very simple, open the software and enter the appropriate parameters. Then it will start randomly and it will be logged if it is scanned maliciously.