ICF (Internet Connection Firewall) is the firewall tool built into Windows Server 2003. With it, there is no need to purchase an expensive hardware firewall or configure complex professional firewall software, which makes it well suited to novice network users and home users.
I. Enable ICF
ICF is not turned on by default, so we need to enable it manually. For example, to enable ICF for the Local Area Connection, the steps are as follows:
Step one: Right-click the "Network Neighborhood" icon, choose the "Properties" command, double-click "Local Area Connection", then click "Properties" to open the Local Area Connection Properties dialog box.
Step two: Click "Advanced" to switch to the Advanced tab, check the "Protect my computer and network by restricting or preventing access to this computer from the Internet" option, and click "OK". ICF is now enabled.
II. Security settings for ICF
Once ICF is enabled and no further settings are made, all ports on the server are closed to incoming connections and the corresponding services stop being available. We therefore need to configure ICF to meet our actual needs.
1. Set up general services
"General services" here means the WWW, FTP and other services that we use often. ICF provides several common services by default for us to configure. Click the "Settings" button on the Advanced tab to open the Advanced Settings dialog box. The Services tab lists the common services. If our server needs to provide an FTP service, check only the FTP server option (Figure 1); in the Service Settings dialog box that opens, the default computer name can be kept.
Figure 1
2. Set up non-standard services
To deter unwanted access, we often need to block the default ports of some regular services and provide those services on non-default ports instead. For example, we can use port 6000 to provide the WWW service. Click the Add button in Figure 1 to open the Service Settings dialog box. Fill in the appropriate information, making sure to enter "6000" as both the external and the internal port number (Figure 2), and then click OK. The service you just added now appears in the list of services.
Figure 2
3. ICMP settings
ICMP is the Internet Control Message Protocol; our most common use of it is the ping command, which is based on ICMP. By default, ICF blocks incoming requests that use this protocol, so, for example, this machine cannot be pinged. If there is a special need to allow pinging this machine, click the ICMP tab in the dialog box shown in Figure 1 and check the "Allow incoming echo request" option on that tab.
4. Set up the security log
ICF can keep a security log, which lets the server retain reliable evidence after a malicious attack. In the dialog box shown in Figure 1, click the "Security Log" tab and check the two options "Log dropped packets" and "Log successful connections". You can then see visitors' information by examining the log file saved in the corresponding directory.
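The following added example (not part of the original article) shows one way to review that security log: it parses the log's "#Fields" header, lists the ports on which each source address was dropped, and flags sources dropped on several different ports as possible scans. The sample log lines, the addresses, the function names and the threshold of 3 ports are constructed for illustration; the field layout is assumed to match the header written at the top of your own log file.

```python
from collections import defaultdict

# Constructed sample in the W3C extended layout of the ICF security log
# (assumption: the "#Fields" header below matches the one in your log).
SAMPLE_LOG = """\
#Version: 1.0
#Software: Microsoft Internet Connection Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info
2003-08-12 10:15:01 DROP TCP 203.0.113.7 192.0.2.10 4101 135 48 S 1234567 0 16384 - - -
2003-08-12 10:15:01 DROP TCP 203.0.113.7 192.0.2.10 4102 139 48 S 1234568 0 16384 - - -
2003-08-12 10:15:02 DROP TCP 203.0.113.7 192.0.2.10 4103 445 48 S 1234569 0 16384 - - -
2003-08-12 10:15:02 DROP TCP 203.0.113.7 192.0.2.10 4104 1433 48 S 1234570 0 16384 - - -
2003-08-12 10:16:40 OPEN TCP 198.51.100.23 192.0.2.10 3377 6000 - - - - - - - -
2003-08-12 10:17:05 DROP ICMP 198.51.100.99 192.0.2.10 - - 60 - - - - 8 0 -
"""

def parse_icf_log(text):
    """Yield one dict per log entry, keyed by the names in the #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt lines
                yield dict(zip(fields, values))

def summarize(entries, scan_threshold=3):
    """Return (dropped targets per source, suspected scanners, accepted connections)."""
    dropped = defaultdict(set)
    accepted = []
    for e in entries:
        if e["action"] == "DROP":
            # ICMP entries carry "-" as dst-port, so record the protocol instead
            target = e["dst-port"] if e["dst-port"] != "-" else e["protocol"]
            dropped[e["src-ip"]].add(target)
        elif e["action"] == "OPEN":
            accepted.append((e["src-ip"], e["dst-port"]))
    scanners = sorted(ip for ip, t in dropped.items() if len(t) >= scan_threshold)
    return dict(dropped), scanners, accepted

if __name__ == "__main__":
    dropped, scanners, accepted = summarize(parse_icf_log(SAMPLE_LOG))
    for ip, targets in sorted(dropped.items()):
        print(f"{ip}: dropped on {sorted(targets)}")
    print("possible port scans from:", scanners)
    print("accepted connections:", accepted)
```

To run it against a real log, pass the contents of the log file named on the Security Log tab to parse_icf_log instead of SAMPLE_LOG.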
ICF effectively blocks some users from scanning and attacking the server, and it guards effectively against worms (such as Shockwave) that exploit system vulnerabilities to attack through open ports. It offers good protection for PCs and Web servers.