05:49
Unknown
It's never a good idea to block ICMP in its entirety, as it is an extremely useful protocol. Troubleshooting tools such as ping requests (echo) and time exceeded packets (returned by traceroute requests) are best left alone, otherwise troubleshooting simple network issues will be a nightmare in the future. However, if you are dead-set on blocking ICMP for fear of DoS attacks, you can do this by accomplishing the following in Windows Firewall.
Steps
1. Navigate to the Start screen by either clicking the Start icon in the bottom left corner of the screen, or pressing the Windows key on your keyboard
2. Type “Windows Firewall”. Click Windows Firewall once you see it appear on the right-hand side of the screen.
3. On the left pane of the Windows Firewall menu, click “Advanced settings” and allow access if asked.
4. On the left pane of the Windows Firewall with Advanced Security menu, click “Inbound Rules”.
5. Under “Actions” on the right, select “New Rule…”.
6. Click “Custom”, then “Next”.
7. Leave “All programs” selected, then click “Next”.
8. On the “Protocol type” dropdown menu, select “ICMPv4,” then click “Customize”
This is a good point to be very specific with the functions of ICMP that you want to block. Research the security advantages of blocking ICMP connections and weigh them against the network implications.
9. Once you have selected the specific types you would like to block, click “OK.”
For the Scope, you can configure whether the rule applies to traffic from certain IP addresses or for all traffic on the network
10. On the Action page, select ”Block the connection” then click “Next.”
11. Select which profile you want the rule to apply to and click “Next.”
12. Give the rule a name and click “Finish.”
You have now created a host-based firewall rule for blocking ICMP traffic.
0 comments:
Post a Comment