Enabling the "Internet Connection Firewall" of Windows XP can effectively prevent port scanning and DoS attacks, so as to surf the Internet with peace of mind. Security is guaranteed, but new problems may occur. If you are on a LAN, you will find that the file sharing Function in Windows is not working properly. Is it true that the fish and the bear's paw cannot have both sides? No! Let's build it together --
Knowledge: What is Internet Connection Firewall?
A firewall is a security system that acts as a protection barrier between the network and the outside world. Windows XP/2003 includes Internet Connection Firewall (ICF). Once ICF is enabled, only authenticated users can access the host normally, all other TCP/ICMP link packages from the Internet will be discarded. It can be used to protect NAT machines and internal networks when using Internet Connection Sharing (ICS). Of course, it can also be used to protect a single machine.
1. Enable "Internet Connection Firewall"
Double-click "network connection" in "Control Panel" to open the "Network Connection" window. Right-click the dial-up, lan, or high-speed Internet connection to be protected, for example, "Local Connection 3", select the "properties" command, and in the "local connection 3 properties" dialog box that appears, click to switch to the "advanced" option page, and select "Protect my computer and network by limiting or blocking access to this computer from the Internet" option (1 ), in this way, the Internet Connection Firewall is enabled.
2. Secure and share peaceful coexistence
In Figure 1, click "Settings" to bring up the "Advanced Settings" window. Some common network services have been listed on the "service" option page, but there is no "network sharing" rule we want to use. Therefore, we need to add rules. Click the "add" button in the lower part to open the "service settings" dialog box. In "service description", enter the file sharing service port number, and enter 127.0.0.1 in the "computer name or IP address" column. The port protocol can be TCP or UDP, enter "135" in the "external port number" column of the service and "internal port number of the Service" column ". Because the file sharing Function of Windows requires TCP and UDP communication ports 135, 136, 137, 138, 139, and 445, therefore, we need to add six TCP port services and six UDP port services (2) in sequence ).
After the service is added, select the 12 services you just added on the "service" option page in the "Advanced Settings" dialog box. In this way, the "Internet Connection Firewall" and "network sharing" of Windows can coexist, and you can freely access the shared folder!
Tips
For computer security, do not share file resources easily. You must use shared resources. Set Reasonable access permissions for each shared resource.