Windows XP SP2 firewall secrets

Source: Internet
Author: User

In Windows XP Service Pack 2, Windows Firewall replaces the previous Internet Connection Firewall. By default, the firewall is enabled on all network interfaces. Whether Windows XP is installed from scratch or upgraded, this default gives network connections more protection. However, applications that cannot work through the firewall's filtering will not be compatible with the updated operating system.

Update user interface and new features

To configure Windows Firewall, you can open it from the Security Center, which is located in the Control Panel. You can also open the Windows Firewall console directly from the Control Panel. A third option is to open the firewall console from the Advanced tab of a network connection. The main tab has three options:

Enable (recommended)

Exceptions not allowed

Disable (not recommended)

When you choose not to allow exceptions, Windows Firewall blocks all incoming network requests to your computer, including those for the applications and system services listed on the Exceptions tab. The firewall also blocks file sharing and printer sharing, as well as network device discovery. The no-exceptions setting is better suited to personal computers connected to public networks, such as computers used in hotels and airports. Even with exceptions not allowed, you can still browse the Web, send email, or use communication software.


The Exceptions tab lets you add programs and ports as exceptions to the block rule, so that specific inbound communication is allowed. You can set a scope for each exception. For home and small office networks, it is recommended to set the scope to the local network where possible. You can also set an IP address range manually in the scope, so that only network requests from that address range are accepted.

The Exceptions tab also contains a button for adding a program. If you want other clients on the network (outside the firewall) to access a specific program or service on your local machine, but you do not know which port and port type the program or service uses, you can add the program or service itself to the Windows Firewall exceptions so that it can be reached from outside.


On the Advanced tab, you can configure the following settings:

Connection rules applied to each network interface

Security logging configuration

Global ICMP rules, which allow computers on the network to share and transmit error and status information

Restoring all Windows Firewall settings to their default state

Different rules can be configured for different network connections. The combination of the settings on the Exceptions tab and the additional per-connection settings on the Advanced tab is called the Windows Firewall "combined settings" (Resultant Set).

Group Policy Configuration

With Windows Firewall, administrators can enable the necessary protection for small networks with public connections and for standalone computers connected to the Internet. They can deploy appropriate Windows Firewall configuration settings across the network so that it protects the network. The Windows Firewall Group Policy settings are found in the following locations in the Group Policy console:

Computer Configuration/Administrative Templates/Network Connections/Windows Firewall

Computer Configuration/Administrative Templates/Network Connections/Windows Firewall/Domain Profile

Computer Configuration/Administrative Templates/Network Connections/Windows Firewall/Standard Profile

In Windows XP SP2, Windows Firewall is set to block all ports by default, which also means that traffic a server application sends to a client will not reach the client. In this case, you can configure IPSec in Group Policy to authenticate and trust the requests sent from the server application to the client. The "Windows Firewall: Allow verified IPSec bypass" Group Policy setting lets you specify whether Windows Firewall allows unsolicited incoming messages from specified systems that authenticate using IPSec.

Command line tool


The configuration and status of Windows Firewall can be obtained from the command line with netsh.exe. The netsh firewall command both displays firewall information and modifies firewall settings.

Commands in this context:

-------------------------------------------------------

?      - Displays a list of commands.

add    - Adds firewall configuration.

delete - Deletes firewall configuration.

dump   - Displays a configuration script.

help   - Displays a list of commands.

reset  - Resets firewall configuration to default.

set    - Sets firewall configuration.

show   - Shows firewall configuration.

Security Warning


In Windows XP SP2, when a user runs an application locally that acts as an Internet server, Windows Firewall displays a new security warning dialog box. You can use the options in the dialog box to add the application or service to the Windows Firewall exceptions. The exception configuration of Windows Firewall allows specific inbound connections. If the program still fails to run properly after this, you can isolate the problem through the following steps:

Add the program to the exceptions.

Add a port to the exceptions.

Use the firewall security log.

Disable the firewall (not recommended).
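The first three isolation steps can also be carried out with the netsh firewall commands listed in the command line section. The following batch script is an added example, not part of the original article; the program path, exception names, port 8080 and the 192.168.1.0 address range are hypothetical values.

```batch
@echo off
rem Added example: isolating a blocked server program with netsh firewall (Windows XP SP2).
rem Hypothetical values: program path, exception names, port 8080, the 192.168.1.0 range.
set APP=C:\Apps\example-server.exe

rem Record the starting state so later changes can be compared against it.
netsh firewall show state
netsh firewall show allowedprogram

rem Step 1: add the program to the exceptions, limited to the local subnet
rem instead of scope=ALL.
netsh firewall add allowedprogram program=%APP% name="Example Server" mode=ENABLE scope=SUBNET

rem Step 2: if the program is still unreachable, open only the port it needs,
rem restricted to a custom address range.
netsh firewall add portopening protocol=TCP port=8080 name="Example Server TCP 8080" mode=ENABLE scope=CUSTOM addresses=192.168.1.0/255.255.255.0

rem Step 3: turn on the security log for dropped packets and successful connections.
netsh firewall set logging filelocation=%windir%\pfirewall.log maxfilesize=4096 droppedpackets=ENABLE connections=ENABLE
netsh firewall show logging

rem Reproduce the failure from a client, then list the packets the firewall dropped.
rem A DROP entry for an unexpected port shows which exception is still missing.
findstr /C:" DROP " "%windir%\pfirewall.log"

rem Once the cause is known, remove whichever exception turned out to be unnecessary.
rem netsh firewall delete portopening protocol=TCP port=8080
rem netsh firewall delete allowedprogram program=%APP%
```

Keeping the exceptions scoped and removing the unneeded one afterwards avoids leaving a wider opening than the program requires, which is the reason disabling the firewall is listed last.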
