2K/XP uses Ipsec to block QQ method

  
        

After a friend asks about blocking QQ, there are many ways to achieve this problem. If you use Win2k or XP, the best way is to use IPsec to block it. What is IPsec? Please see win2000. Help file.

The specific operation is as follows (the following only describes the method of blocking QQ on the local computer, the same in the blockade domain, omitted):
1. Click the "Start" menu - >"Programs"->"Administrative Tools"->"Local Security Settings", open the local security policy.

2. Right click on "IP Security Policy, on Local Machine" in the left tree, Option "Create IP Security Policy", start "IP Security Policy Wizard".

3. Skip the welcome page in the wizard, enter the "IP Security Policy Name" page, take a nice name, call it" Block QQ", the description can be filled or not, press Next to continue.

4. On the "Secure Communication Request" page, remove the checkmark in front of "Activate Default Response Rule", ie leave it unchecked. Next step.

5. After completing the IP Security Policy Wizard, select the "Edit Properties" option. This is selected by default. Press Finish.

6. The wizard will pop up when it is closed." seal The QQ Properties dialog box has two tabs: Rules and General. We use the contents of the rule.

7. Press the "Add" button under the "Rules" tab to launch the "Security Rules Wizard". ", skip the welcome page, press Next to continue.

8. Use the default entry "This rule does not specify a tunnel" on the "Tunnel Endpoint" page. Press Next to continue.

9. Select the appropriate network type in the "Network Type" page, use the default "All Network Connections". Click Next to continue.

10. Use the default on the "Authentication Method" page. the "Windows 2000 default value (Kerberos V5 protocol)" button. press Next to continue.

11. in the "IP filter list" page, click "Add" button to add a new IP filter.

12. In the pop-up "IP Filter List" dialog box, give this filter a name, we are "QQ Filter", press "Add" to start the "IP Filter Wizard", jump After the welcome page, press Next to continue.

13. In the "IP Communication Source" page, use the "My IP Address" in the source address and press Next to continue.

14." IP communication directory "The destination address in the page uses "any IP address", here can also be straight Use Tencent's server address, but because there are several servers, it is convenient to use "any IP address" directly. Press Next to continue.

15. In the "IP Protocol Type" page, please select the protocol type. "UDP", press Next to continue.

16. On the "IP Protocol Port" page, select "From this port", fill in the following port number "4000". Others use the default value. Press Next to continue.

17. Press Finish on the completion page. Go back to the "IP Filter List" dialog box. Press "Close" to return to the "IP Filter List" page of the "Security Rules Wizard". Select "In the list" QQ Filter", press Next to continue.

18. On the "Filter Action" page, select a suitable filter action. Here we create one. Press the "Add" button on the page to start " Filter Operation Wizard ".

19. Skip the welcome page, fill in a nice name on the "Filter Operation Name" page on the second page, just call "Reject QQ", press Next to continue.

20. Select "Block" on the "Filter Operation General Options" page. Press Next to continue. Complete the filter operation to add.

21. Back to the "Security Rules Wizard" Filter action "page, In the "Reject QQ" operation we just created. Press the next step to continue.

22. On the "Complete Security Rules" wizard page, uncheck "Edit Properties", press Done, complete all operations. Go to the "Local Security Settings" MMC snap-in.
We will see our newly created IP security policy "Block QQ" in the details pane on the right, but now it has not been assigned, it has not yet worked.

23. assignment. Right-click the "blockade QQ" this IP security policy, select the "assignment." Note that at the same time, there is only one IP security policy is assigned, if you assign a blockade QQ, your Other security policies will automatically expire.

24. Wait for the policy to take effect or use the command to directly refresh the policy. The command is as follows:
secedit /refreshpolicy Machine_policy /enforce
The policy will take effect immediately. Now my QQ it is offline, it seems I have just set the policy in force :)

25. to test to see if they really take effect
first method: open the QQ, can not see the connection .
The second method: use the netdiag command, please open the remote registry access service before use, otherwise you can not use. I use The results returned by the commands are as follows:

IP Security test . . . . . . . . : Passed
Local IPSec Policy Active: 'Block QQ'
IP Security Policy Path:

SOFTWARE\\PolicIEs\\Microsoft\\Windows\\IPSec\\Policy\\Local\\ipsecPolicy{FDAF5244-B808-4EA5-8B70-C4367509F773}

There are 1 filters
No name
Filter Id: {E56E5429-D3DB-4E44-B1EE-0A3E06420A3B}

Policy Id: {99F57DA5-011B-4A77-9A66-8AA9290B54C7}

Src Addr : 192.168.168.11 Src Mask : 255.255.255.255< BR>
Dest Addr : 0.0.0.0 Dest Mask : 0.0.0.0
Tunnel Addr : 0.0.0.0 Src Port : 4000 Dest Port : 0
Protocol : 17 TunnelFilter: No
Flags : Outbound Block

above it shows QQ blockade strategy has already been closed. :)


Copyright © Windows knowledge All Rights Reserved