Regarding the firewall banning ping, how can the server be prohibited from being pinged?

For the IP after the ping can not pass, you can use the scanning and sniffing tools to analyze the port vulnerabilities of the PC, so as to achieve the purpose of intrusion, for the lack of security awareness of individual PC users, most of the IP of the specified personal PC The success rate of intrusion is relatively high.

Method 1: Administrators members set up a firewall.

Win2003 system by default, all Internet Control Message Protocol (ICMP) options are disabled, but sometimes you need to use ping to test the network connectivity, here is how to open it:

To enable ICMP, log in to the computer as a member of the Administrator or Administrators group, right-click on "Network Neighbors", select "Properties" in the pop-up shortcut menu to open "Network Connection", select the connection with Internet Connection Firewall enabled, open its properties window, and switch to the "Advanced" options page, click "Settings" below, so that the "Advanced Settings" dialog window appears, on the "ICMP" tab, Check the type of request information you want your computer to respond to, and the checkbox next to it is to enable this type of request, if you want to disable it, please clear the corresponding request information type.

You can also open the "Control Panel" and find the firewall to set it up, as above. (However, this is not possible on the ISA server), and no one else can ping your server after setting it up.

Method 2: Enable the IP address security policy to prevent pinging

Step 1: Add an IP filter and a local security policy.

Click Start [Administrative Tools] [Local Security Policy] to open the Local Security Settings dialog box. Right-click the IP Security Policy on Local Computer option in the console tree on the left side of the dialog box, and run the Manage IP Filter Table and Filter Operations. In the dialog box that opens, click the [Add] button under the [Manage IP Filter List] tab, name the filter "Prohibit ping", and the description language can be "Prevent any other computer from ping my host", and then click the [Add] button.

Next, click Next, select IP Communication Source Address as My IP Address, and click Next. Select "IP Communication Destination" as [Any IP Address] and click [Next]. Select [ICMP] as IP Protocol Type, and then click Next. Click [Finish] [OK] to end the addition.

Then switch to the [Manage Filter Actions] tab, click [Add] [Next], name the filter action name as "Block All Connections", and the description language can be "Block All Network Connections", and click [Next]. Select the [Block] option as the action for this filter, and finally click [Next] [Finish] [Close] to complete all the added operations.

Once a security policy is created, it doesn't take effect immediately, and we need to "assign" it to make it work. Right-click the [Disable ping] policy on the right side of the Local Security Settings dialog box and run the "Assign" command to enable the policy.

The main purpose of disabling ping is to prevent DDoS, so if the network conditions are smooth and there is no need to always check the network conditions, there is still a certain benefit to disabling the ping of the server.