First declare. After setting this way, it can prevent DDOS and 70% of SYN semi-connection attacks |
First, make the following settings for your machine!
Use local security policies to block all open ports that are not legendary. The method of blocking is shown on the network, many,
It is a way to block 3000! You can access it internally, but not externally.
Then open 7000. 7100 7200 port! (Remember not to block it)
Then download a hardware firewall software simulation tool! (Haha, is there this one?)
The name is MapPort Port Allusion Tool!
Open, enter the first group of hidden groups
7000 - > 30000(LoginGate)
7100 - > 31000(SelChrGate)
7200 - > 32000(RunGate)
To give a brief explanation, here, 7000 7100 7200 is only a port that is open to the outside world, not a legendary real port,
After being alluded to by the software, the real port of the legend becomes 30000 (LoginGate), 31000 (SelChrGate), 32000 (RunGate)
Because these ports are only used as internal access, external access is hidden from port 7000 7100 7200 using software, so it can work normally
do
Remember the ports of the three gateways of Legend also need to be changed
This is the setup,
Open MapPort and set it up!
In security, you can set: Maximum connection, Single IP connection, Blacklist settings!
Maximum connection:
7000 -> 30000(LoginGate) Set to 40 Single IP connection Set to: 20
7100 -> 31000(SelChrGate) Set to 30 Single IP connection Set to: 20
7200 -> 32000(RunGate) Set to 1000 Single IP connection Set to: 20
In this way, we can effectively prevent DDOS or other variant attacks!
Defend SYN attacks!
You can set up a blocked IP segment in the blacklist, which is a little troublesome!
Add non-existent IP addresses in turn:
193.0.0.1 - 193.255.255.254
194.0.0.1 - 194.255.255.254
66.0.0.1 - 66.255.255.254
30.0.0.1 - 30.255.255.254
This is for reference only, there are many more, add it yourself
First, make the following settings for your machine!
Use local security policies to block all open ports that are not legendary. The method of blocking is shown on the network, many,
It is a way to block 3000! You can access it internally, but not externally.
Then open 7000. 7100 7200 port! (Remember not to block it)
Then download a hardware firewall software simulation tool! (Haha, is there this one?)
The name is MapPort Port Allusion Tool!
Open, enter the first group of hidden groups
7000 - > 30000(LoginGate)
7100 - > 31000(SelChrGate)
7200 - > 32000(RunGate)
To give a brief explanation, here, 7000 7100 7200 is only a port that is open to the outside world, not a legendary real port,
After being alluded to by the software, the real port of the legend becomes 30000 (LoginGate), 31000 (SelChrGate), 32000 (RunGate)
Because these ports are only used as internal access, external access is hidden from port 7000 7100 7200 using software, so it can work normally
do
Remember the ports of the three gateways of Legend also need to be changed
This is the setup,
Open MapPort and set it up!
In security, you can set: Maximum connection, Single IP connection, Blacklist settings!
Maximum connection:
7000 -> 30000(LoginGate) Set to 40 Single IP connection Set to: 20
7100 -> 31000(SelChrGate) Set to 30 Single IP connection Set to: 20
7200 -> 32000(RunGate) Set to 1000 Single IP connection Set to: 20
In this way, we can effectively prevent DDOS or other variant attacks!
Defend SYN attacks!
You can set up a blocked IP segment in the blacklist, which is a little troublesome!
Add non-existent IP addresses in turn:
193.0.0.1 - 193.255.255.254
194.0.0.1 - 194.255.255.254
66.0.0.1 - 66.255.255.254
30.0.0.1 - 30.255.255.254
This is for reference only, there are many more, add it yourself