Kaspersky Firewall Anti-hacker setup skills

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Used a period of time Kaspersky's own firewall, for the "anti-hacker" has a little experience to share with you.

Settings for application

For applications, we know that they all have the suffix ". exe" name, which is the executable file, and all programs run, including viruses, to perform tasks with executable files. The "Application" item in "anti-hacker" is used to monitor the network status of an application, and the user chooses "allow" or "block" to control whether it is networked or not. This setting allows us to monitor all applications to be networked and allow and block.

When you set up "anti-hacker" as "learning (Training) mode", any application that does not set rules and wants to be networked will pop up the window and ask the user. We can also set it up autonomously.

Into the "Kabbah Kis main interface--settings--anti-hacker--Click the first ' setting ', go to the Settings window, and then select Application Rules. If you want to add a rule, select "Add", edit the Rule select "edit", delete rule Select "Delete", also can "import" and "Export" database (no use).

When you want to add, select "Add", there will be a "browse" and "Application" options, the "Application" option is already running the application, "Browse" you need to find the application to add rules. After the selection, enter the editing interface, and then click "Add", the edit window appears. The rule name is best filled in with the name of the application. "Remote IP Address" means "whether to allow programs to access this remote IP address", such as QQ issued after it to connect QQ server IP; Remote port "means" whether to allow the program through a certain IP (not its own) access to a certain port, such as QQ issued after it to connect QQ server IP port; Local port "means" whether the program is allowed to access through a port of its own IP; Time range means "Allow or prevent this program from making network access during this time." Additional operation we all know what it means, and we will not introduce it. Are you done? You also need to set up in the "Rule description", select "Allow or block", "out of the Net", "TCP or UDP packets", "Port, IP and Time" settings.

After setting up, you can at any time in the "template" of the rules of "Allow or block" settings, do not need to re-enter the modification.

Settings for package filtering rules

What is "packet filtering"? That is, through the firewall settings, monitoring package characteristics to "release or block", "Allow, block or limit" the number of packets per IP transmission and connection, block attacks, prohibit access to certain sites. Isn't that the most basic feature of "firewalls"? Yes! With the "packet filter", it is a "firewall".

On the setup, and the application is virtually the same, just a "local IP address." Now, I want to introduce how to set up "IP address". As with application rules, there are many choices after entering remote or local IP addresses, "Computer IP address (that is, set an individual address alone)", "IP address range", and "subnet address." "Subnet Address" application is not much, I am not very understand, do not introduce. "Local IP Address" settings, enter their own local area network IP on the line (excluding themselves), "IP address range" is also the input of the local area network allowed; This is a connection within the LAN. "Remote IP Address" application is not much, I will not introduce.

For packet filtering, the rules with Kabbah are generally enough, and no new rules need to be added.

Settings for Area

Areas are existing and connected networks where you can add a trust mechanism for new network connections. The default generally has an "internet" set to "Internet". The LAN will have another connection, preferably the local network. Stealth mode will hide your IP address, protect security.

The difference between "Internet", "local network" and "trustworthy" is:

Internet: Block file and printer sharing, prevent error reporting, apply application rules and packet filtering rules; (apply to public networks)

Local network: Allow file and printer sharing, allow error reporting, apply application rules and packet filtering rules (applied to network with Gateway, LAN)

Trusted: Allows file and printer sharing, error reporting, application rules, and packet filtering rules. (Allow any connection)

You don't have to set it up, you will be prompted automatically when you connect to the new network (the Internet is the default).

"Additional" in the basic need not set, with the best recommended.

Setup of Intrusion Detection system

This is the default to open, is sure to open, according to other people's point of view, in the "Settings" can be "block attack the computer" that time limit of the check out, and will not affect intrusion detection and prevention. Time limits are only used to block your network, making it less useful for attackers to connect to your computer. The default 60 minutes is too long, which means you won't be able to surf the internet for one hours after the attack. If not, you can set it to 2 minutes.

In general, if not frequently attacked, Kabbah's "anti-hacker" personal users will be enough, hackers will not be bored to the point of attacking PCs. But if the problem is more serious, still should pay attention to. This station feeds by www.aiqinghy.cn