Helps you become an expert in setting up your own soft "walls"

Source: Internet
Author: User

Once upon a time, the firewall in the anti-virus policy suite has become a standard. The reason is simple. Information security threats have passed the simple virus ERA. network terminal devices can only use firewalls to defend against ARP attacks, worms, and other security threats.

Although many users already use the terminal firewall, the protection effect is not satisfactory. The reason is that the installation is not feasible. Many users do not set the terminal firewall rules, the terminal firewall has undoubtedly become a "deaf ear"-decoration.

The default settings of the terminal firewall can only be general, that is to say, such settings should be roughly suitable for thousands of users. Q: Will this setting be 100% suitable for you? Certainly not. Next, we will give some practical suggestions to many netizens based on our practical experience ......

Rules cannot be blocked.

Icmp igmp bombs have all surprised some users. Therefore, some users simply disable all ICMP and IGMP requests.

In this way, it is obviously not a good setting. Why? Because although icmp igmp is used as a bomb, it is impossible to "Kill error 10 thousand rather than let it go" to block all attacks. Not to mention anything else, it means that the system resources used to intercept all icmp igmp will be numerous ......

I suggest that only the ICMP type 1 (echo requset) is enough. Why? Type 1 of ICMP interception is mainly used to prevent hackers from using ping commands to check whether you are online. Therefore, such ICMP must be intercepted.

If you are still worried about the icmp igmp bomb, you may try to patch it at Microsoft.

A major function of the terminal firewall is to prevent Trojans and hackers. Therefore, it is necessary to set rules to intercept Trojans and intercept hackers.

You may say that the terminal firewall does not have default rules? Indeed, yes. However, this is only the most common Trojan and vulnerability. I am afraid that the old rules will not be competent for new Trojans and vulnerabilities that are dangerous.

So how do we set rules?

First, we must use the information provided by the website of the anti-virus manufacturer. Because it details the analysis results and vulnerability information of many viruses and Trojans. I think that even if you have the ability to analyze the Trojan source program and identify vulnerabilities, you do not have to do anything yourself, because there are too many Trojans and vulnerabilities, and all the code is analyzed by yourself, it is impractical.

Then, set your own firewall. The firewall setting rules of different manufacturers are different, so this article cannot be explained in detail.

Of course, this requires some professional knowledge. For general users, it may be a little difficult. What should I do? Not afraid. You can borrow others' achievements. For example, you can go to the Forum to consult experts or directly send emails to ask experts.

We should also remind you not to repeat the firewall rules, let alone conflict. Repeated rules waste system resources. conflicting rules make the firewall difficult and allow others to take advantage ...... Function settings are external settings. Why? The main reason is that these settings do not change the rules that require interception and allow objects.

For broadband users who frequently access the Internet, random start is absolutely indispensable. For dial-up users or users who do not frequently access the Internet, firewall can be started in two ways:

Solution 1: manually enable the firewall before accessing the Internet (for general users)

Solution 2: Use a file to Enable Firewall and network connection (Advanced User)

Generally, the terminal firewall has a security level option. This option cannot be selected at will. Many users are unable to use certain network resources or be used by hackers because they are not selected based on the actual situation.

For a technical LAN User like me with a fixed ip address, I think it is only possible to set it to medium. Because, unlike some users, we can change their own ip addresses at will, so our defense must be higher than dynamic ip users.

But is the higher the better? No. Some users cannot use certain network resources, such as online live broadcast, because they do not set the security level to advanced, but do not set the corresponding network rules in the Rules.

Therefore, we recommend that you set the rule to medium or low.

I don't want to talk about other alarm settings. However, I still want to remind you that the interception must be recorded in the log. So that we can review.

Terminal firewall settings are endless learning. If you are interested, you can study them.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.