Windows system >> Windows Server System Tutorial >> Windows Server Tutorial

Use 2003 built-in ICF to build a security line

  

ICF (Internet Connection Firewall) as a firewall tool that comes with Windows Server 2003 system, so you don't have to buy expensive hardware firewalls or configure complex professional firewalls. software. This is undoubtedly very suitable for newcomers and home users.

First, enable ICF

By default, ICF is not enabled, we need to enable it manually. For example, if we want to enable ICF for “Local Connections, the steps are as follows:

Step 1: Right click on the “Network Neighborhood” icon, execute the “Properties” command, double-click “Local Connection” ;, then click on <;Properties  to enter the “Local Connection Properties” dialog.

Step 2: Click the “Advanced” button to switch to the “Advanced" tab, check “protect my computer and network by restricting or blocking access to this computer from the Internet&rdquo ;Options, click “OK", this will open ICF.

Second, security settings for ICF

If you do not make any settings after enabling ICF, all ports of the server will be disabled and the corresponding services will be stopped. Therefore, we need to make the necessary settings for ICF to meet our actual needs.

1. Setting up regular services

The regular services mentioned here refer to WWW, FTP and other services that we often use. ICF provides several common services for us to set by default. Click the “Settings“ button in the “Advanced” tab to enter the “Advanced Settings” dialog. In the "Services" tab, a list of commonly used services is provided. If our server needs to provide FTP services, then just check the "FTP server" option (Figure 1), in the "Service settings" that are turned on. ” Keep the default computer name in the dialog box.
Figure 1

2. Setting up non-routine services

In order to prevent users from bad access, we often need to mask the default ports of some regular services, and use some non-default ports to provide regular services. For example, we can use the 6000 port to provide WWW services. Click the “Add” button in Figure 1 to open the “Service Settings” dialog. Add the appropriate information in the dialog box. Be sure to add “6000” (Figure 2) to the external and internal port numbers, then click the “OK” button. You can now see the service you just added in the list of services.
Figure 2

3.ICMP Settings

ICMP is the Internet Control Information Protocol. Our most commonly used Ping command is based on ICMP. By default, ICF disables the request for information to apply the protocol, for example, pinging the machine is not allowed. If you want to ping the machine due to special needs, you need to click the “ICMP” tab in the dialog box shown in Figure 1. In the tab that opens, check the "Allow incoming response request" option.

4. Setting up security logs

Establishing a security log allows the server to retain reliable evidence after a malicious attack, and ICF has this capability. In the dialog box shown in Figure 1, click on the "Security Log" tab, and in the "Security Log" tab, check "Delete dropped packets" and "Record successful connections". Option. This allows you to see the visitor's information by looking at the log files saved in the appropriate directory.

ICF can effectively block some users from scanning and attacking the server, and can effectively prevent worms (such as shock waves) that exploit system vulnerabilities for port attacks. It works well for both personal computers and web servers.

Windows Server Tutorial
Windows system
Easily deploy Windows 2003 DHCP service

The scale of the network managed in the morning is rapidly expanding, and the number of computers is
Win2000 SP4 eight hot issues

Microsoft introduced the latest service pack 4 of Windows 2000 (hereinafter referred to as SP4) in J
Talking about Win 2K disk space quota management and allocation method

A. Win 2K disk quota A computer running Windows 2K can allocate the disk space used by the user on

Make your Win2008 more secure Limit anonymous access

Windows Server family operating system has always had a weakness. The Administrators group has high

Leading at the starting point - Win 2000 operating system startup optimization

I believe that many friends are using the Windows 2000 operating system just like me. Like other Win
Introduction to Windows 2000 Browser Window

Before learning to use Internet Explorer 5.0 browser, understand the working window of Internet Expl
  • Windows Server FAQ
  • Server 2000
  • Server 2003
  • Server 2008
  • Windows Server Tutorial

    • Two ways to speed up the copying speed of Linux files

    Win10 application development booming love application multi-generation heavyweight mobile game WP version

    Record the detailed login time of Windows 7 system

    Win10 Tip: How to open the hidden lock screen time setting item?

    Win7 system taskbar does not display the open window how to do

    Win7/Win8.1 helps, IE11 soars

    How to query the version number under Win8 system

    Win10 mapping network drive method

    How to do automatic restart after win7 shutdown What is the reason for automatic restart after win7 shutdown

    Vista system IE protection mode

  • Windows XP System Tutorial
  • Windows 7 System Tutorial
  • Windows 8 System Tutorial
  • Windows 10 System Tutorial
  • Windows 2003 System Tutorial
  • Windows 2008 System Tutorial
  • Windows Vista System Tutorial
  • Windows tutorial synthesis
  • Windows Server System Tutorial
  • Linux system Tutorial
  • Computer software Tutorial
  • Windows NT Tutorial
    • Copyright © Windows knowledge All Rights Reserved