防火墙win7防火墙的设置(Win7 firewall settings)

win7防火墙设置  时间:2021-02-28  阅读:()

win7防火墙的设置Win7 firewall settings

In the security on the win7 than the windows XP has been greatlyimproved, we now take a look at some of the design aspects ofthe firewall in win7.

About win7 firewall.

In the setting of the win7 firewall, we need to pay attentionto these problems.

1, we must first turn off the win7 automatic restore function.Automatic reduction called intelligent win7 reduction, whensetting up a firewall for me

Is very depressed, I do not know what' s wrong. Because aftera restart when it is set to restore it. Do I think the trojan,So also uninstall the software 360. Turn off the automaticreduction of operation is as follows: click Start - controlpanel - System - system protection

Select the local disk (C:) (system) -closed. One possible UAC,you need to enter the administrator password.

2, start - enter CMD in the search programs and files in thebox, showing the presence of the cmd.exe program, right clickin the administrator

If you are already running status, administrator, UAC promptsyou to yes or no, if not the administrator, you need to enterthe administrator

Password. Now at the command line. Run the secpol.msc, open thelocal security policy dialog box. Note the difference betweenwin7 and Win XP

In Win XP, the administrator account must have administratorprivileges, they are consistent. But in win7, although theadministrator account, but still

To run the program as ordinary account. From CMD can also seeif the administrator, it will display the administrator, if thegeneral body

That is not displayed. But if you take a administrator accountto run the program, you are running with administratorprivileges. This is

The difference between administrator and other administratoraccount. In the win7 administrator is disabled by default.3, navigate to the Windows firewall with advanced security.Right click the Windows firewall with advanced security - lgpo- attribute point open

The properties dialog box. For home users, the general publicdomain, special, set to the same, actually if you only use thepublic network

The network, you only need to set the public profile tab. Butfor simple, we set it as consistent. Firewall status: enabled(recommended) ;

Inbound connections: block all connections; outboundconnections: stop. We do not choose the default settings, thedefault security settings below us.

For home users, if you choose inbound connections: stop allconnections, then your computer may not make the server willstop,

EMule, KuGoo, and many other functions of the software, if youdon' t want to be so strict, for example, you want to use remotedesktop, set for the inbound connection:

Stop (default) . We do not use the default connection out of thestation, stop using.

We conducted a simple introduction to these two.

Inbound connections if the default value, then in accordancewith the rules of the inbound connection is allowed, if set toblock all connections, so as

Where inbound connections are prohibited, even if it is notconnected to conform to the rules of the machine. So in suchcircumstances, not remote desktop

Use。

If set to allow outbound connections (default) , any program canaccess the Internet, this is not what we want, we only hope

We allow the program to access the internet.

A good point to determine. If no accident, then any program atthis time will not be able to access the Internet. (if IE,indicating that it has been added

Into the rules of the. We would not need IE access rules. )4 point, inbound and outbound rules can see the rules, thefollowing is empty. Because we are not allowed to access thenetwork program. We do not rule into the station

We need to set up, because the front has prevented allconnections, the design is useless.

The station is that we need to set the rules, otherwise how canwe use the Internet? Right click the station -- a new rule --Rule dialog box, select the program

Enter the systempath in this process in the next step, the nextstep, followed by set to allow the connection, in the name ofthe input "to allow system access

Network, complete. You can modify this rule we establish therules on the right side of the box. Wedo not need tobemodifiedfor system. Note that if you are in a time when the InternetYour network of a private network, you need special tick ratherthan the public. After this rule configuration is good, the restis similar.

We need to build three rules, to lay a good foundation for theinternet. The other two rules are as follows:

Name: DNS (1) allows programs and services; - thisprogram:%SystemRoot%\System32\svchost.exe; protocol and port- protocol type: UDP

Local port: 1024-65535, remote port: 53; senior public.

(2) Name: allow back; procedures and service: all meet thespecified conditions and procedures; protocol port andprotocol type: ICMPv4; senior public.

And in front of that allow system to access the network, a totalof three. Well, this phase is complete.

5 point control panel --windows firewall --windows advancedsettings, UAC control dialog box, asking you to confirm whetheror not to continue, if not the administrator

Ask you to enter the administrator password. Open the advancedwindows security firewall on the local computer, the inboundconnections, outbound connections, and we

In the Group Policy under the same setting, same. The three ruleis set in front of the US, this can not be changed. groupThe strategy is set higher than the setting. We have derivedthe rules here saved in a file for later retrieval, if youunderstand, don

Do not need to recover, here is just in case you made a mistakeof reduction. Then delete delete (or to ban are forbidden, donot need to

Derived) . Of course we are located in front of the three is notdeleted. Point out of the stationrule, anewrule is as followsName: "IE is allowed access to the Internet" programs andservices:%ProgramFi les%\Internet; Explorer\iexplore.exe;protocol and end

Export-protocol type: TCP, 1024-65535, remote port local port:80; senior public.

The open IE, you can see, the internet.

The other is similar, so, only after we allow the program toaccess a network.

The setting of QQ:

Name: QQ is allowed access to the Internet; protocol and port- protocol type: UDP, remote port: 8000, senior public.If you QQ were set up as above will be landing in the port numberQQ landing interface named QQ. If you do not specify a remoteport number, do not have.

If you're not sure for a program with arbitrary port number.Use the port number after some more stringent restrictions.

From our previous settings can be seen, only system is open.The svchost.exe port is open, and it only

Andremote port 53 communication is essentially closed. Becausethe horse is not possible with the remote port 53 communication.In the group policy setting, I'm not sure whether to open system.When I first most, if not open, if not like the internet.And now I don't have this rule as it can. The remaining two isto open. You can't get on the internet.

器安装环境和运维管理工具推荐

今天看到一个网友从原来虚拟主机准备转移至服务器管理自己的业务。这里问到虚拟主机和服务器到底有什么不同,需要用到哪些工具软件。那准备在下班之间稍微摸鱼一下整理我们服务器安装环境和运维管理中常见需要用到的软件工具推荐。第一、系统镜像软件一般来说,我们云服务器或者独立服务器都是有自带镜像的。我们只需要选择镜像安装就可以,比如有 Windows和Linux。但是有些时候我们可能需要自定义镜像的高级玩法,这...

CloudCone2核KVM美国洛杉矶MC机房机房2.89美元/月,美国洛杉矶MC机房KVM虚拟架构2核1.5G内存1Gbps带宽,国外便宜美国VPS七月特价优惠

近日CloudCone发布了七月的特价便宜优惠VPS云服务器产品,KVM虚拟架构,性价比最高的为2核心1.5G内存1Gbps带宽5TB月流量,2.89美元/月,稳定性还是非常不错的,有需要国外便宜VPS云服务器的朋友可以关注一下。CloudCone怎么样?CloudCone服务器好不好?CloudCone值不值得购买?CloudCone是一家成立于2017年的美国服务器提供商,国外实力大厂,自己开...

提速啦(69元起)香港大带宽CN2+BGP独享云服务器

香港大带宽服务器香港大带宽云服务器目前市场上可以选择的商家十分少,这次给大家推荐的是我们的老便宜提速啦的香港大带宽云服务器,默认通用BGP线路(即CN2+BGP)是由三网直连线路 中国电信骨干网以及HGC、NTT、PCCW等国际线路混合而成的高品质带宽(精品带宽)线路,可有效覆盖全球200多个国家和地区。(适用于绝大部分应用场景,适合国内外访客访问,域名无需备案)提速啦官网链接:点击进入香港Cer...

win7防火墙设置为你推荐
站长故事爱迪生发明东西的故事最新qq空间代码QQ空间代码免费开通黄钻如何免费开通qq黄钻flash导航条如何制作flash导航条渗透测试网站渗透测试怎么做?ps抠图技巧ps的抠图技巧是什么qq怎么发邮件用QQ怎样发送文件数据库损坏数据库损坏是怎么回事啊?系统分析员系统分析师是什么职业?主要做什么工作?什么是云平台什么是云系统?
租服务器价格 谷歌域名邮箱 息壤备案 韩国俄罗斯 分销主机 账号泄露 北京双线机房 699美元 银盘服务 网页提速 酸酸乳 免费稳定空间 服务器托管价格 重庆联通服务器托管 hosting comodo 连连支付 nano 瓦工工具 电脑主机启动不了 更多