After five passes, the six will be: the actual WinXP SP2 firewall

★ Windows XP SP2 firewall work For the network applications that only use browsing, e-mail and other systems, Windows Firewall will not affect. In other words, using IE, Outlook Express and other systems to connect to the network, the firewall is not intervened by default. When Microsoft set the built-in rules of the firewall, it has already opened a "green channel" for its own applications, so after installing SP2, even if you open its firewall and enable "no exceptions", you can add Internet to "exceptions". And the firewall will not ask if you want to allow IE to pass.

★ The difference between SP2 firewall and third-party firewall software

As far as firewall function is concerned, Windows Firewall only blocks all incoming unsolicited traffic, and ignores the traffic that is actively requested. Third-party virus firewall software generally monitors and audits access in both directions, which is the biggest difference between them. If an intrusion has already occurred or spyware is installed and actively connected to the external network, the Windows Firewall is at a loss.

However, since the attacks are mostly external, and if the spyware secretly opens the port to allow external requests to connect, the Windows Firewall will immediately block the connection and pop up a security warning, so the average user does not have to worry too much about this.

This is like the door in the hotel - the outside person has to enter the door with a key, and the person in the house has to go out, just pull the door handle.

Combat 1: Difference between Skynet Firewall and Windows Firewall

We use two kinds of software to monitor QQGame network requests separately.

Step 1: Confirm that you don't add the QQGame program to your "Exceptions" rule, and then log in to the QQ game lobby;

Step 2: At this point you will find that Skynet The personal firewall immediately blocks the network access of the QQ game, and then asks whether to give access (see Figure 1);

Figure 1 Skynet warning message

Step 3: And Windows Firewall is active The outbound request does not do anything, just like there is no firewall. After entering the account information and logging in to the game platform, QQGame has actually completed the access to the network; at this time, the game information needs to be downloaded to the local (that is, there is an external access request). The firewall pops up the "Windows Security Alert" (see Figure 2).

Figure 2 QQ game to contact the network pop-up warning

Tip: Cancel the "Windows security alert" method: After opening the firewall settings, deselect in the "Exceptions" tab Notify me when the Windows Firewall blocks the program.

Combat 2: Let XP SP2 correctly recognize UPnP (Universal Plug and Play)

Pre-war analysis: BitComet has its own intranet interconnection (NAT Traversal) technology
And support UPnP NAT and Windows XP firewall, so that friends on the intranet can get quite fast download speed when doing BT download. But since upgrading to SP2 and enabling Windows Firewall, BitComet software has become very slow! This is because the firewall is not set up, so the system does not recognize the UPnP device correctly.

Step 1: Windows XP supports UPnP by default. If you do not see this option in the "Exceptions", it means that UPnP device support is not installed. Open the "My Network Places" window and click "Show icon of networked UPnP device" in the toolbar on the left side. If the UPnP device file is not installed or installed incorrectly, the system will be installed automatically (see Figure 3); >
Figure 3 shows the UPnP device
Step 2: Open the firewall in the "Control Panel" and start, confirm that the "Do not allow exceptions" option is not checked; when you open BitComet, Windows Firewall may prompt Do you want to block the program and choose "Unblock";
Step 3: Click on the "Exceptions" tab and check "UPnP Framework".
Practical combat 3: Open a pass for remote management
Pre-war analysis: Manage other computers on the LAN through remote management programs such as Computer Management and Disk Management in the MMC console. The computer must have TCP port 445 open. If you are remotely operating a computer that has XP SP2 installed and has a firewall enabled, you will have to manually open this TCP port.
Step 1: Open the Firewall Settings window, switch to the "Exceptions" tab, check "File and Printer Sharing"
Step 2: Click the "Edit" button in the "Edit Service" window that opens Select "TCP 445", click Change scope, check "My network only" or check "Custom list" and enter the IP address of the computer to be controlled (see Figure 4).

Figure 4 Enter the IP address of the computer to be controlled
Tips
The above steps can be replaced by commands, ie enter "netsh firewall set portopening TCP 445 TCP445 ENABLE" in the command prompt window. (Does not include quotes).
Practical 4: Completely "remote desktop" connection
Pre-war analysis: The method of remote collaboration through Windows XP SP2 firewall is very simple, remote collaboration uses dynamic ports. Select the Remote Collaboration project in the Programs and Services list on the Exceptions tab of the Firewall Settings dialog so that Windows automatically monitors and properly handles all communication requests from the sessmgr.exe application to complete the connection. Windows NetMeeting Remote Desktop to be complex, despite the "Remote Desktop" option in the Exceptions tab, but if you choose this option,

actually open TCP port 3389, may not be able to complete the Remote Desktop connection.
Method: With Windows Firewall turned on, you must use Windows NetMeeting and %systemroot in the Programs and Services list on the Exceptions tab of the Windows Firewall before you can use the Remote Desktop Sharing feature of Windows NetMeeting. Add an entry to the %\\System32\\Mnmsrvc.exe file and the C:\\Program Files\\NetMeeting\\conf.exe file respectively.
Actual combat 5: Only let the intranet "Ping" me!
Pre-war analysis: By default, the XP SP2 firewall does not allow ICMP inbound data to enter, and will not reply to ICMP return data. This prevents the commonly used command tool "Ping" from checking network faults to detect your computer. However, for some users who have enabled shared Internet access, the intranet cannot use Ping to check their network conditions.
Method 1: According to the actual 2 method, the TCP port opened in "File and Printer Sharing" can be applied to the subnet.
Method 2: Open Windows Firewall, switch to the "Advanced" tab, double-click the "Local Area Connection" connected to the intranet, switch to the "ICMP" tab, and check "Allow incoming echo requests". Confirm all operations (see Figure 5).

Figure 5 Advanced Settings
ICMP Protocol
ICMP is the abbreviation of "Internet Control Message Protocol", which is a sub-protocol in the TCP/IP protocol suite. Transfer control messages between IP hosts and routers. The control message refers to the network itself, such as the network is unreachable, the host is reachable, and the route is available. These control messages do not transmit user data, but play an important role in the transmission of user data. We often use the ICMP protocol in the network, but we are not aware of it. For example, the Ping command we often use to check the network is not working is actually the process of ICMP protocol work, and the Tracert command such as traceroute is also based on ICMP protocol.