How to use the firewall in vista and precautions

Although the firewall is familiar to many users, it is still used too little, or little understanding of the firewall. Microsoft has made significant changes to Windows Firewall in Vista, which enhances security and makes it easier for advanced users to configure and customize while retaining the simplicity that novice users need.

First, use two interfaces to meet different needs

Vista Firewall has two independent graphical configuration interfaces: one is the basic configuration interface, you can pass the security center & rdquo; and & ldquo The control panel is accessed; the second is the advanced configuration interface, which can be accessed as a plugin after the user creates a custom MMC. This prevents unintentional changes by novice users from causing connection disruptions, and provides a way for advanced users to fine-tune firewall settings and control outbound and inbound traffic. Users can also use the commands in the netshadvfirewall context to configure the Vista firewall from the command line. Scripts can also be used to automatically configure the firewall for a group of computers. Group Policy can also be used to control the settings of the Vista firewall.

Second, the security under the default settings

Windows Firewall in Vista uses security configuration by default, while still supporting the best ease of use. By default, most inbound traffic is blocked and outbound connections are allowed. The Vista firewall works in conjunction with Vista's new Windows Service Hardening feature, so if the firewall detects behavior that is prohibited by Windows Service Hardening Network Rules, it will block the behavior. The firewall also fully supports a pure IPv6 network environment.

Third, basic configuration options

With the basic configuration interface, users can start or shut down the firewall, or set the firewall to completely block all programs; can also allow exceptions exist (can specify which do not block which Program, service, or port), and specify the scope of each exception (whether it applies to traffic from all computers, including computers on the Internet, computers on the LAN/subnet, or computers to which you specify an IP address or subnet) ); you can also specify which connections you want the firewall to protect and configure security logs and ICMP settings.

IV. ICMP Message Blocking

By default, inbound ICMP echo requests can pass through the firewall, while all other ICMP messages are blocked. This is because the Ping tool is periodically used to send an echo request message for troubleshooting. However, the hacker can also send an echo request message to lock the target host. The user can block the response request message through the “Advanced” tab on the basic configuration interface.

V. Multiple Firewall Configuration Files

The Vista Firewall with Advanced Security MMC plug-in allows users to create multiple firewall profiles on their computers so that different firewalls can be used for different environments. Configuration. This is especially useful for portable computers. For example, when a user connects to a public wireless hotspot, it may require a more secure configuration than when connected to a home network. Users can create up to three firewall profiles: one for connecting to a Windows domain, one for connecting to a private network, and one for connecting to a public network.

VI. IPSec Function

Through the advanced configuration interface, users can customize IPSec settings, specify security methods for encryption and integrity, determine the lifetime of the key, or press the session. Calculate and select the desired Diffie-Hellman key exchange algorithm. By default, the data encryption feature of an IPSec connection is disabled, but it can be enabled and which algorithms are selected for data encryption and integrity.