2011-02-28

Create an Inbound Rule to Block Traffic (ICMP)


I found that my public network settings blocked every other service but ping. As ping can be used to identify which machines are connected on a network, it can allow a machine to be subject to many different attacks or DoS.

To configure this, go to Control Panel > Windows Firewall > Advanced Settings.

On the left navigation bar, click "Inbound Rules".


Then, on the right navigation pane, click "New Rule".

Then I clicked "Custom Rule" as I wanted more flexibility in my configuration, and it also seemed easier to add the rule I wanted to block ICMP.

Select "All Programs".


Open the "Protocol type" drop-down menu; in my case I selected ICMPv4. You can also select "Customize" to specify which ICMP message types you want to block, or just block all inbound ICMP messages.


The next window asks you which IP range you want to block. I just let it block all IPs by not changing anything.

Specify an action: whether to allow or block these messages. I chose block because I don't want these messages to be allowed.


Lastly, the most important part is selecting which network to block these messages on: whether you want them blocked when your profile is on a public network, a private network, or a domain.

I am setting mine up for public network and domain only, so that I still have access to ping at home for troubleshooting.


Finally, just name the profile and you're done!
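
The same rule can be scripted and then checked. The following is an added example, not part of the original post: it uses the NetSecurity cmdlets that ship with Windows 8 / Server 2012 and later, run from an elevated PowerShell prompt. The rule name is a hypothetical value chosen for illustration. It first lists the enabled allow rules that let ICMPv4 in (the reason ping was answered in the first place), then creates the block rule for the Domain and Public profiles and reads it back.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post). $ruleName is a made-up name.
$ruleName = 'Block inbound ICMPv4 (example)'

# 1. Audit: which enabled inbound ALLOW rules match ICMPv4, and on which
#    profiles? These are the rules that make the host answer ping today.
$icmpAllow = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object { ($_ | Get-NetFirewallPortFilter).Protocol -eq 'ICMPv4' }
$icmpAllow | Select-Object DisplayName, Profile | Format-Table -AutoSize

# 2. Create the block rule once. Program and remote address are left at
#    their defaults (any), matching the wizard choices described above.
#    Private is omitted on purpose so ping keeps working on the home network.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Inbound `
        -Protocol ICMPv4 `
        -IcmpType Any `
        -Action Block `
        -Profile Domain, Public | Out-Null
}

# 3. Verify what was actually stored: action, profiles, protocol, ICMP types.
$rule   = Get-NetFirewallRule -DisplayName $ruleName
$filter = $rule | Get-NetFirewallPortFilter
[pscustomobject]@{
    Name     = $rule.DisplayName
    Enabled  = $rule.Enabled
    Action   = $rule.Action
    Profile  = $rule.Profile
    Protocol = $filter.Protocol
    IcmpType = $filter.IcmpType
}

# 4. Show which profile each connected network is using, so you know
#    whether the new rule applies to the current connection.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory
```

In Windows Firewall a matching block rule takes precedence over allow rules, so the allow rules listed in step 1 can stay in place for the Private profile.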



