LAN IP address is occupied by others, not carefully occurred from time to time, seriously affecting the local area network management and maintenance efficiency; In order to improve the efficiency of management and maintenance of LAN, there is a need to be modified IP addresses conduct restrictions. In this paper we provide for the protection of IP addresses Several of the fresh tactics.
First, out of network connectivity services
As we all know, if restricted users modify TCP / IP parameters, then even these users modify IP address, they can not use the new IP address, so will lose the significance of IP piracy. Limit users to be successful and easily modified TCP / IP parameters, the most direct way is to make it impossible for users to open TCP / IP Settings window. To achieve this, you can take out system "Network Connections" service, TCP / IP parameter setting window hidden, This makes users will not be able to enter the window, use the new IP address.
First click the "Start" menu in the "run" command, the system is running in the open dialog box, type "services.msc" order, click "OK" button, the system is turned on the list of services interface, which selected "Network Connections" service projects, and right click on the.
From the quick pop-up menu, click "Properties" command to open the service as shown in Figure 1 attribute settings interface, click the interface in the "out" button at the same time, "startup type" elected "has been banned "and then click on the" OK "button.
At this point you can turn click "Start", "set up" and "dial-up networks and" order, then in the window that appears, you will find "Internet Connection" or "local connection" icon, then you will naturally inaccessible to TCP / IP Settings window, to modify IP addresses and other parameters, such a limitation to the realization of the illegal changes the purpose of the IP address.
Of course, the use of "out of network connections Services Act" to protect the IP address to the normal Internet access has brought trouble, after all, network connectivity services has been banned, and any of the network's visit will be followed termination. If you want the protection of IP addresses at the same time do not affect the normal operation of the Internet, then you might try to in accordance with the same steps, the system will be "Plug and play" service out of that, so it can be a TCP / IP parameters Setup window hidden, but without affecting the normal network access.
Second, the revised limit of network parameters
If ordinary users directly to the competence of the management restrictions, so the right to open TCP / IP Settings window, then ordinary users can not be arbitrarily modified the IP addresses. For Windows 98, in order to restrict users to change network parameters, as long as you modify the registry keys in the related network will be able to achieve the objective.
Kliknite "Start" | "Run" command, in the subsequent operation of the dialog box, type "regedit" order, click "OK" button, open the System Registry Editor window, the mouse will be located in HKEY_USERS \ . DEFAULT \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Network branch.
Then in the right side of Figure 2 interface in the region, followed by the menu bar click the "Edit", "new", "Dword value" option, and the new Dword value of the name "NoNetSetup", then its numerical input "1", the final restart a computer; time you try right-clicking the Internet neighbours icon in the shortcut menu and the implementation of the "attribute" order, you can not find prompted to enter the network properties window, so restrictions The purpose of amending IP addresses will be realized. However, this method only Windows 98 operating system effectively.
Third, restrict access to the network attributes of
This approach with the thinking of the same, the method is different devoted to the above version of the Windows 2000 operating system. Below is the method to achieve specific steps.
First open system operation box, and in which the input "gpedit.msc" string order, click "OK" button, the system is turned on the Group Policy Editor window. Then in the edit window, followed by double-click "user profile" | "management template" | "network" | "network and dial-up" icon in the pop-up interface shown in Figure 3, selected right "No Access LAN connectivity components Properties" option, and double-click the mouse in the subsequent settings box, select "open" option, and click "OK" button at this time you will access to the network interface connection attribute, which selected the "Internet Protocol (TCP / IP)", will see the corresponding "Properties" button has become grey, such an ordinary users will not be able to open the TCP / IP parameters Setup window, it can not tinker the IP address.
4, hidden by connecting to a local icon
Under normal circumstances, modify computer IP addresses, we need to find a system of local connection icon, and right-click the icon, from the pop-up menu on the right side of the implementation of the "attribute" order to be entered into the TCP / IP parameters Setup window. If you would like to advance local connection icon hide, then ordinary users also have no way to open TCP / IP Settings window to be modified IP addresses. To hide the local connection icon, according to the following steps to achieve.
Connect with the local icon system Netcfgx.dll, Netshell.dll, Netman.dll dynamic link these three documents, if these three dynamic link-registration documents, then connecting to a local icon will be automatically hidden the. Anti-registered in the dynamic link above three documents, the operating system could be open box, and in which the input string order "regsvr32 Netcfgx.dll / u" command (which regsvr32 command, dynamic links between documents to be retained a space) , click on the "OK" button, we will be able to document anti-Netcfgx.dll registered;
Using the same approach against two other registration documents, to the computer system to restart, and then try to open the window and dial-up networks, connecting to a local icon really disappeared from the front.
5, hidden-line neighbors law
If the Internet icon neighbors hide, then are not allowed to enter the TCP / IP Settings window, so the local computer's IP address, you can not be arbitrarily changed. Although online neighbors hide a lot of ways, but in this paper presented to you here is a little used in peacetime methods - strategy, the method can in the Windows 98 and Windows 2000 systems in use:
Kliknite "Start" | "Run" command, in the subsequent operation of the dialog box, enter "poledit" string order, click "OK" button, open the System Policy Editor interface, click interface of the "document" menu items in the "open registry" order;
Later in the pop-up interface, double-click the "local users" icon, then followed by a "local users", "shell interface", "restricted" branch, then Figure 4 interface in the "hidden-line neighbors" selected and click "OK" to return; |
