Clever use of the firewall built into Windows 2003

  

One characteristic of worms such as "Shockwave" is that they attack vulnerable operating systems through their ports, so a simple way to guard against such viruses is to block unnecessary ports. Firewall software provides this function, but users of Windows 2003 or Windows XP do not need to install any additional software: they can use the system's built-in "Internet Connection Firewall" to prevent hacker attacks.

I. Basic settings

1. Right-click "My Network Places" and select "Properties".

2. Right-click "Local Area Connection", select "Properties", open the "Advanced" tab and select "Internet Connection Firewall". The firewall takes effect once you confirm with OK.

II. Testing the basic settings

1. From another machine, ping this machine. "Request timed out" means this machine cannot be pinged.

2. From another machine, scan this machine with a vulnerability scanning tool. No open ports are found.

Once both tests pass, the firewall is in effect.

III. Advanced Settings

Click the “Settings(G)...” button to display the advanced interface.

1. Select the service to be opened

If the machine needs to offer a service, select that service here. In this example the FTP service is selected, so that other machines can connect to this machine by FTP. Scanning this machine now shows that port 21 is open. You can add further service ports with the "Add" button.

2. Set up logging

Select the items to be recorded and the firewall will log the corresponding data. The log defaults to c:\windows\pfirewall.log and can be opened with Notepad.

3. Configure the ICMP protocol

The commonly used ping command relies on the ICMP protocol. With the default settings this machine cannot be pinged, because ICMP is blocked. If you want the machine to answer pings, just enable the "Allow incoming echo request" option.
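The log described in step 2 is easier to read when summarised. The following is an added example, not part of the original article: it assumes the log carries a `#Fields:` header line naming its space-separated columns, and the sample records, addresses and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample in the layout of pfirewall.log: '#' header lines, then one
# space-separated record per line. Addresses are documentation ranges.
SAMPLE_LOG = """\
#Version: 1.0
#Software: Microsoft Internet Connection Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2003-08-12 10:15:01 DROP TCP 192.0.2.10 198.51.100.5 3301 23 48 S 100 0 16384 - - -
2003-08-12 10:15:02 DROP TCP 192.0.2.10 198.51.100.5 3302 80 48 S 101 0 16384 - - -
2003-08-12 10:15:09 DROP TCP 192.0.2.77 198.51.100.5 4410 23 48 S 200 0 16384 - - -
2003-08-12 10:16:30 OPEN TCP 192.0.2.20 198.51.100.5 1026 21 - - - - - - - -
2003-08-12 10:17:00 DROP ICMP 192.0.2.10 198.51.100.5 - - 60 - - - - 8 0 -
2003-08-12 10:18:12 CLOSE TCP 192.0.2.20 198.51.100.5 1026 21 - - - - - - - -
"""

def parse_firewall_log(text):
    """Return one dict per record, keyed by the names in the #Fields header."""
    fields, records = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.lower().startswith("#fields:"):
                fields = line.split(":", 1)[1].split()
            continue
        values = line.split()
        if fields and len(values) == len(fields):  # skip truncated lines
            records.append(dict(zip(fields, values)))
    return records

def dropped_by_port(records):
    """Count blocked TCP/UDP packets per (protocol, destination port)."""
    counts = Counter()
    for r in records:
        if r["action"] == "DROP" and r["protocol"] in ("TCP", "UDP"):
            counts[(r["protocol"], int(r["dst-port"]))] += 1
    return counts

def dropped_sources(records, protocol, port):
    """Sorted source addresses whose packets to protocol/port were blocked."""
    return sorted({r["src-ip"] for r in records if r["action"] == "DROP"
                   and r["protocol"] == protocol and r["dst-port"] == str(port)})

if __name__ == "__main__":
    recs = parse_firewall_log(SAMPLE_LOG)
    print(dropped_by_port(recs).most_common())
    print(dropped_sources(recs, "TCP", 23))
```

To run it against a real log, read c:\windows\pfirewall.log into a string and pass it to `parse_firewall_log`.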

IV. Some questions

The configuration is very simple, but while setting it up for other people I have been asked the following questions. Perhaps you have wondered about the same things.

1. If the ports are blocked, how does the machine communicate with other computers?

After the default configuration is complete, you can see that no ports have been added. If the ports are blocked, how can the machine communicate with other computers?

Communication on the Internet uses the TCP/IP protocol. When you visit a web page, the local machine opens a random port above 1024 to connect to service port 80 on the server. Logging in to another device likewise opens a random port above 1024 on the local machine to connect to the server's service port 23. What the "Internet Connection Firewall" blocks are service ports, such as HTTP port 80, FTP port 21 and TELNET port 23. As long as the system provides these services, these ports stay open, waiting for other computers to connect to the computer providing the service, so these ports can be said to be long-lived. A randomly opened port is temporary. For example, when you visit a website, your computer randomly opens port 1026 to connect to port 80 on the web server. When the page is closed after the visit, port 1026 on your machine is closed, while port 80 on the server stays open. Clearly, the "Internet Connection Firewall" blocks service ports, not temporarily opened ports, so the machine can reach the network without any port being added. Windows 98 provides no services by default and has no open ports, yet it can still access the Internet, can't it?

Ordinary Internet users generally do not need to provide any services, so there is no need to open any ports. To use certain network communication tools that provide a service, however, the corresponding port must be opened: for example, if you open the FTP service, you should open port 21, and the same applies to other services. If you find that a common network tool does not work, find out which port it opens on the machine and then add that port in the Internet Connection Firewall.

2. After enabling the "Internet Connection Firewall", the netstat -na command still shows the ports as open. Why?

Some people expect that after the settings above no ports will be open, yet when they run netstat -na afterwards, the open ports are the same as before. Does the firewall not work?

In fact, a port is opened by a service process, and to close a port completely you must stop the corresponding service; for example, to close port 80, the WWW service must be stopped. The "Internet Connection Firewall" instead builds a barrier on the perimeter. To use a simple analogy: a house has many doors, and there are two ways to make it safe. One is to brick up the doors; the other is to leave the doors in place and build a wall around the house. The first method corresponds to ending the process to close the port. The second corresponds to using the Internet Connection Firewall: although netstat -na still shows the ports as open, an impenetrable wall has been built on the outside.

How do I know whether the firewall is working? The easiest way is to scan the machine from another machine with a scanning tool such as xscan or superscan. If no open ports are found, the wall around the house has no gaps.

3. How to test remotely whether a local port is open without scanning software

If no scanning software is at hand, you can use the telnet command to test whether a given port is open. For example, to test whether port 21 is open, run telnet xxx.xxx.xxx.xxx 21 on another machine. If the port is open, a message will appear. If it is not open, a connection failure message will appear.
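The telnet test above can be scripted so that it also tells the two cases from question 2 apart. This is an added example, not part of the original article: it assumes that a firewall silently discarding packets shows up as a timeout while a port with no service behind it is actively refused, and the function names are hypothetical.

```python
import socket

def check_port(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # a service answered
    except ConnectionRefusedError:
        return "closed"      # no service listening: the door is bricked up
    except OSError:
        return "filtered"    # timeout or no route: a wall stands in front
    finally:
        sock.close()

def audit(host, ports, allowed, timeout=3.0):
    """Compare what is reachable with what was deliberately opened.

    Returns (results, unexpected, missing): the state of every port,
    ports that answer although they were not meant to, and allowed
    ports that do not answer.
    """
    results = {p: check_port(host, p, timeout) for p in ports}
    unexpected = sorted(p for p, state in results.items()
                        if state == "open" and p not in allowed)
    missing = sorted(p for p in allowed if results.get(p) != "open")
    return results, unexpected, missing

if __name__ == "__main__":
    # Run from another machine against your own server; 127.0.0.1 is only
    # a stand-in. The article's example opens FTP (21) and nothing else.
    results, unexpected, missing = audit("127.0.0.1", [21, 23, 80], {21}, 1.0)
    print(results)
    print("reachable but not intended:", unexpected)
    print("intended but not reachable:", missing)
```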
