Today the network firewall has become a standard tool for every Internet user, but how many users actually let their firewall do its job?
Many people never configure the firewall's functions or its rules. As a result, the firewall's effectiveness is greatly reduced.
The default settings of a network firewall can only be general: they have to be roughly suitable for thousands of users. Will such settings be 100% suitable for you? Certainly not. Below I share my views, based on practical experience.
Function settings
Function settings are external settings. Why? Because they do not change the rules that decide which objects are intercepted and which are allowed.
For a broadband user who is frequently online, starting the firewall automatically with the system is absolutely indispensable. For dial-up users, or users who are not online often, the firewall can be started in one of two ways:
Solution 1: manually enable the firewall before going online (general users)
Solution 2: use a file to start both the firewall and the network connection (advanced users)
Generally, a network firewall has a security level option. This option should not be chosen arbitrarily. Many users either cannot use certain network resources or are exploited by hackers because they did not choose the level based on their actual situation.
For a technical LAN user like me with a fixed IP address, I think the only workable setting is medium. Unlike some users, we cannot change our IP address at will, so our defenses must be stronger than those of dynamic-IP users.
But is higher always better? No. Some users cannot use certain network resources, such as online live broadcasts, because they set the security level to advanced but did not add the corresponding network rules.
Therefore, we recommend that you set the security level to medium or low.
I will not go into the other alarm settings. However, I do want to remind you that every interception must be recorded in the log so that it can be reviewed later.
Rule settings
ICMP and IGMP bombs have frightened some users, so some of them simply block all ICMP and IGMP requests.
This is obviously not a good setting. Why? Although ICMP and IGMP can be used for bombs, it makes no sense to take a "better to wrongly kill ten thousand than let one escape" approach and block everything. If nothing else, intercepting all ICMP and IGMP traffic consumes a great deal of system resources.
I suggest that intercepting only ICMP type 1 (echo request) is enough. Why? Intercepting this type mainly prevents hackers from using the ping command to check whether you are online. Therefore, this kind of ICMP must be intercepted.
If you are still worried about ICMP and IGMP bombs, you can install the relevant patch from Microsoft.
A major function of the network firewall is to keep out Trojans and hackers. Therefore, it is necessary to set rules that intercept both.
You may ask: doesn't the firewall already have default rules? Indeed it does. However, these cover only the most common Trojans and vulnerabilities. I am afraid the old rules will not be adequate against new, dangerous Trojans and vulnerabilities.
So how do we set rules?
First, use the information published on anti-virus vendors' websites, which gives detailed analysis results and vulnerability information for many viruses and Trojans. Even if you are able to analyze Trojan source code and identify vulnerabilities, you do not have to do everything yourself: there are too many Trojans and vulnerabilities, and analyzing all of the code on your own is impractical.
Then configure your own firewall. Rule configuration differs from vendor to vendor, so this article cannot go into detail.
Of course, this requires some professional knowledge, and for general users it may be a little difficult. What can you do? Don't worry. You can build on the work of others: for example, ask experts on a forum, or email them directly.
A further reminder: do not duplicate firewall rules, and above all do not let them conflict. Duplicate rules waste system resources. Conflicting rules put the firewall in a difficult position and let others take advantage.
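The check for repeated and conflicting rules described above can be automated. The following is an added example, not part of the original article or of any firewall product; the rule format (name, action, protocol, port range), the first-match-wins ordering and the sample rule set are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:              # hypothetical rule format, not any vendor's
    name: str
    action: str          # "allow" or "block"
    proto: str           # "tcp", "udp", "icmp" or "any"
    ports: tuple         # inclusive (low, high); (0, 65535) = all ports

def covers(a, b):
    """True if every packet matched by b is also matched by a."""
    return (a.proto in ("any", b.proto)
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def overlaps(a, b):
    """True if at least one packet matches both a and b."""
    same_proto = "any" in (a.proto, b.proto) or a.proto == b.proto
    return same_proto and a.ports[0] <= b.ports[1] and b.ports[0] <= a.ports[1]

def audit(rules):
    """Check an ordered, first-match-wins rule list (assumed semantics).
    Findings are (kind, earlier, later): 'redundant' = later repeats earlier,
    'shadowed' = later can never fire, 'conflict' = partial overlap, opposite actions."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "shadowed"
            elif overlaps(earlier, later) and earlier.action != later.action:
                kind = "conflict"
            else:
                continue
            findings.append((kind, earlier.name, later.name))
    return findings

# Constructed sample rule set, for illustration only.
SAMPLE = [
    Rule("block-netbios", "block", "tcp", (135, 139)),
    Rule("allow-web", "allow", "tcp", (80, 80)),
    Rule("block-netbios-again", "block", "tcp", (139, 139)),
    Rule("allow-file-sharing", "allow", "tcp", (139, 445)),
    Rule("block-all-udp", "block", "udp", (0, 65535)),
    Rule("allow-dns", "allow", "udp", (53, 53)),
]

if __name__ == "__main__":
    for kind, earlier, later in audit(SAMPLE):
        print(f"{kind:9} {later!r} vs earlier rule {earlier!r}")
```

Redundant findings are the wasted-resource case; shadowed and conflict findings are the ones to resolve first, because the rule that actually decides the packet may not be the one you intended.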
Firewall configuration is a subject with no end of things to learn. If you are interested, it is worth studying further.