Leaving a PC directly exposed on the Internet is like not locking the door when you leave home: sooner or later someone will get into your room, intentionally or not, and your gold, silver and jewelry will be swept away. How can we protect the system? Installing firewall software is probably the most commonly used measure, and installing a hardware-based firewall is a commonly used complement to it.
Even for a seasoned veteran, configuring a firewall is not an easy job. If you have given up on the idea of installing a firewall, or cannot tell whether your firewall protects the system comprehensively, it does not matter: today we will unravel these mysteries one by one.
Open the Merriam-Webster dictionary and you will find that the original meaning of "firewall" is a wall built to block the spread of fire. In information technology, a firewall is used to protect your computer against harmful intrusions from the Internet. Unlike fire, a threat from the network does not affect only the computers close to it: if someone uses your IP address and a TCP or UDP port, your system can be hit regardless of distance.
Whenever you use a browser, send e-mail, or download files from a remote server on the Internet, data passes through one or more ports on your system. Attackers, whether they are system snoops, teenage geniuses, wily spyware, or Windows XP Messenger Service pop-up spam, all use the same strategy: find an open port through which to enter the system, or trick you into opening one.
Firewalls can monitor thousands of ports, on either a dial-up connection or a broadband network, and block unauthorized access requests. Hardware-based firewalls are usually integrated into router and gateway products and sit between the PC and the cable or DSL modem. Software firewalls run on the PC itself.
Hardware firewalls are better at protecting PCs that are networked via broadband. More importantly, they not only provide routing but also act as a NAT (Network Address Translation) server, which hides the IP addresses of the computers on the LAN from outside visitors.
For this reason alone, a hardware firewall is a wise choice for broadband users, even if you have only one PC. You may wish to purchase a 4-port router such as the Linksys VEFSR41 or D-Link DI-704P; their prices are not high, about 300 to 400 yuan. Some products also have a built-in wireless access module and may cost slightly more. You can find detailed information on the relevant sites.
Optional firewall policy
A hardware firewall is highly configurable: it can block all data access from outside except on specified ports. Planning and configuring a hardware firewall therefore takes a lot of work. A software firewall running on your PC, by contrast, is relatively easy to set up and maintain. In addition to blocking unauthorized access through an open port, a software firewall can also stop malicious programs (such as the Trojans, spyware and backdoor software written by those teenage geniuses) from sending data to a remote server.
If you connect to the Internet via dial-up, an external hardware firewall will not necessarily be your best choice; the software firewall's advantage here is very clear. For Windows XP users, relying only on the system's integrated ICF (Internet Connection Firewall) to protect the PC is rather risky.
To enable ICF, select "Start" → "Control Panel" → "Network Connections", right-click the Internet connection you need to protect, select "Properties" from the shortcut menu, go to the "Advanced" tab, select the "Protect my computer and network by limiting or preventing access to this computer from the Internet" check box, and click the "OK" button.
This relieves some of the pressure on system security, but it is not enough. With ICF set up as above you are much safer than with no firewall at all, but compared with professional software firewalls, the Windows XP built-in firewall can only monitor incoming connections. Backdoor programs such as Back Orifice and NetBus take advantage of this, and ICF is powerless against this type of illegal access.
Free PC Firewall
Below we introduce four free firewall programs you can install on your PC: Kerio Personal Firewall 2, Outpost Firewall Free, Sygate Personal Firewall 5.1 and ZoneAlarm 3.7. Although their features differ slightly, all of them bring comprehensive security to the PC (for details of these four products, see "3.4 completely free firewall" in the text).
Installing firewall software is relatively simple, but it needs a short tuning period. During this time the firewall detects the applications that may connect to remote servers, such as the browser, e-mail and other Internet applications.
When a program first attempts to connect to a remote server, each of these 4 firewalls automatically pops up a prompt dialog box, where you can click "Yes" or "No" to decide whether the connection may proceed. Most firewall software also provides an option that makes your choice permanent by adding it to the firewall rules (Figure 2). After 1 to 2 days of normal use in this way, your firewall rules will be fairly complete; unless you then install or upgrade an application, you will hardly notice the firewall is there.
The appropriate and effective way to handle firewall warnings and create policy rules is to understand clearly which programs are safe and which are not. In most cases you can judge by the name of the program, such as Outlook, Internet Explorer or Netscape. However, some programs do not use familiar names: most Windows XP networking features, for example, are supported in the background by a program called svchost.exe, and at first glance it is hard to guess what it does. Conversely, a lot of spyware and other malicious programs give themselves an ordinary-looking name, such as "clever screensaver", in order to appear safe; if you mistake it for a screen saver and allow it to access the network, its deception has succeeded. So what should we do as the operator of the firewall? Strictly customized firewall rules are the most important thing. First, deny Internet access to every application you are unsure about; you will have many opportunities to amend these rules afterwards.
Second, if you cannot determine whether a program is safe, choose a firewall that can give you more information about it. Apart from the program name, Kerio and Sygate provide no further clues about the program being monitored, although they do provide many functions beyond the firewall itself. They therefore seem better suited to professional users; for the novice, more program information is essential.
ZoneAlarm provides a lot of information about the program being inspected (Figure 3), and its prompt dialog box includes a button with an embedded link that takes you to the Zone Labs website for a detailed description of the program. ZoneAlarm also ships with a pre-configured file that, by default, allows IE and the Windows XP svchost.exe program to access the Internet, in order to minimize the number of access settings the user has to make.
The pop-up dialog that Outpost presents creates a permanent rule by default, but you can click the "Allow Once" or "Block Once" button to change this. In addition, although Outpost offers many fancy features, such as blocking IE pop-ups and protecting against e-mail attachments, it does not provide much more information about the program than Kerio and Sygate do.
Adjust the filtering mechanism
After completing the basic configuration of the firewall, you may still want to change, delete or adjust the rules. All 4 firewalls let you manage and maintain the rules through a list of known programs.
Kerio: Right-click the program icon in the system tray and select "Administration" → "Firewall" → "Advanced". In the list of known programs, select the program whose filter rules you want to modify and click the "Edit" button to open the "Filter rule" dialog box. To switch the program's default state, select the "Permit" or "Deny" button at the bottom of the dialog box. Other options can be used to restrict the remote server's IP address and the port number used by the program. If some of the rules you set are not appropriate, you can modify them here; finally, click "OK" to save the changes.
Outpost: Right-click the "Outpost" icon in the system tray and select "Options" → "Application". In the blocked, partially allowed and fully trusted program lists, select a program, click the "Edit" button, and use the "Always block this app" or "Always trust this app" option to adjust the firewall rules list. The best solution is to move a fully trusted program to the partially allowed list (for example, click the "Edit" button and select "Create rules using preset" → "Browser"); the program then has the right to access the Internet, but works within the bounds of certain rules. The browser ruleset (Outpost can also apply such rulesets to e-mail, instant messaging and other programs) limits the program to the few TCP or UDP ports that Web browsers use, which minimizes the hazards likely to come from the Web or from HTML e-mail.
Sygate: To modify firewall rules, right-click the "Sygate" icon in the system tray and select the "Applications" option. In the list of known programs, right-click the name of the program you want to modify and select the "Allow" or "Block" option. You can also select the "Ask" option, so that Sygate asks for your decision each time the program accesses the Internet.
ZoneAlarm: To modify a program's permission status, right-click the ZoneAlarm icon in the system tray and select the "Restore ZoneAlarm Control Center" option. Select "Program Control" in the left pane of the Control Center and go to the "Programs" tab. Here you can set the status of each application. There are four status options: for each of the two zones, Internet and Trusted, you can define whether the program may access remote servers or act as a server itself. A check mark means access is allowed, "x" means access is blocked, and "?" makes ZoneAlarm ask each time the program accesses the network; finally, select the default action in the pop-up menu.
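The difference between a filter that inspects only incoming connections and a per-application firewall with strict, deny-by-default rules can be seen in a small model. This is an added example, not code from the article or from any of the four products; the rule model, the contents of the "browser" preset, and the program names and ports are constructed assumptions.

```python
from dataclasses import dataclass

ALLOW, BLOCK = "allow", "block"

@dataclass(frozen=True)
class Conn:
    program: str    # executable name as it would appear in a firewall prompt
    direction: str  # "out" = program calls a remote server, "in" = unsolicited
    proto: str
    port: int

@dataclass(frozen=True)
class Rule:
    action: str
    direction: str
    ports: frozenset = frozenset()  # empty set means any port

    def matches(self, c: Conn) -> bool:
        return c.direction == self.direction and (
            not self.ports or (c.proto, c.port) in self.ports)

# Hypothetical "browser" preset: outbound web ports only.
BROWSER_PRESET = (Rule(ALLOW, "out", frozenset({("tcp", 80), ("tcp", 443)})),)

def inbound_only(c: Conn) -> str:
    """Filter that inspects incoming connections only; outbound is never checked."""
    return BLOCK if c.direction == "in" else ALLOW

def per_app(c: Conn, rules: dict, default: str = BLOCK) -> str:
    """First matching rule for the program wins; anything uncertain is denied."""
    for rule in rules.get(c.program.lower(), ()):
        if rule.matches(c):
            return rule.action
    return default

# Constructed sample traffic (program names and ports are illustrative).
SAMPLE = [
    Conn("iexplore.exe", "out", "tcp", 80),            # normal browsing
    Conn("iexplore.exe", "out", "tcp", 6667),          # browser on a non-web port
    Conn("clever screensaver.scr", "out", "tcp", 80),  # unknown program, harmless name
    Conn("unknown.exe", "in", "tcp", 31000),           # unsolicited inbound
]
RULES = {"iexplore.exe": BROWSER_PRESET}

def compare(conns=SAMPLE, rules=RULES):
    """Return (program, port, inbound-only verdict, per-application verdict)."""
    return [(c.program, c.port, inbound_only(c), per_app(c, rules)) for c in conns]

if __name__ == "__main__":
    for row in compare():
        print("%-24s port %-5d inbound-only=%-5s per-app=%s" % row)
```

The two rows where the verdicts differ are the outbound connections that an inbound-only filter never inspects: the browser on a non-web port and the unknown program with the harmless-looking name.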