防火墙win7防火墙的设置(Win7 firewall settings)

win7防火墙设置  时间:2021-02-28  阅读:()

win7防火墙的设置Win7 firewall settings

In the security on the win7 than the windows XP has been greatlyimproved, we now take a look at some of the design aspects ofthe firewall in win7.

About win7 firewall.

In the setting of the win7 firewall, we need to pay attentionto these problems.

1, we must first turn off the win7 automatic restore function.Automatic reduction called intelligent win7 reduction, whensetting up a firewall for me

Is very depressed, I do not know what' s wrong. Because aftera restart when it is set to restore it. Do I think the trojan,So also uninstall the software 360. Turn off the automaticreduction of operation is as follows: click Start - controlpanel - System - system protection

Select the local disk (C:) (system) -closed. One possible UAC,you need to enter the administrator password.

2, start - enter CMD in the search programs and files in thebox, showing the presence of the cmd.exe program, right clickin the administrator

If you are already running status, administrator, UAC promptsyou to yes or no, if not the administrator, you need to enterthe administrator

Password. Now at the command line. Run the secpol.msc, open thelocal security policy dialog box. Note the difference betweenwin7 and Win XP

In Win XP, the administrator account must have administratorprivileges, they are consistent. But in win7, although theadministrator account, but still

To run the program as ordinary account. From CMD can also seeif the administrator, it will display the administrator, if thegeneral body

That is not displayed. But if you take a administrator accountto run the program, you are running with administratorprivileges. This is

The difference between administrator and other administratoraccount. In the win7 administrator is disabled by default.3, navigate to the Windows firewall with advanced security.Right click the Windows firewall with advanced security - lgpo- attribute point open

The properties dialog box. For home users, the general publicdomain, special, set to the same, actually if you only use thepublic network

The network, you only need to set the public profile tab. Butfor simple, we set it as consistent. Firewall status: enabled(recommended) ;

Inbound connections: block all connections; outboundconnections: stop. We do not choose the default settings, thedefault security settings below us.

For home users, if you choose inbound connections: stop allconnections, then your computer may not make the server willstop,

EMule, KuGoo, and many other functions of the software, if youdon' t want to be so strict, for example, you want to use remotedesktop, set for the inbound connection:

Stop (default) . We do not use the default connection out of thestation, stop using.

We conducted a simple introduction to these two.

Inbound connections if the default value, then in accordancewith the rules of the inbound connection is allowed, if set toblock all connections, so as

Where inbound connections are prohibited, even if it is notconnected to conform to the rules of the machine. So in suchcircumstances, not remote desktop

Use。

If set to allow outbound connections (default) , any program canaccess the Internet, this is not what we want, we only hope

We allow the program to access the internet.

A good point to determine. If no accident, then any program atthis time will not be able to access the Internet. (if IE,indicating that it has been added

Into the rules of the. We would not need IE access rules. )4 point, inbound and outbound rules can see the rules, thefollowing is empty. Because we are not allowed to access thenetwork program. We do not rule into the station

We need to set up, because the front has prevented allconnections, the design is useless.

The station is that we need to set the rules, otherwise how canwe use the Internet? Right click the station -- a new rule --Rule dialog box, select the program

Enter the systempath in this process in the next step, the nextstep, followed by set to allow the connection, in the name ofthe input "to allow system access

Network, complete. You can modify this rule we establish therules on the right side of the box. Wedo not need tobemodifiedfor system. Note that if you are in a time when the InternetYour network of a private network, you need special tick ratherthan the public. After this rule configuration is good, the restis similar.

We need to build three rules, to lay a good foundation for theinternet. The other two rules are as follows:

Name: DNS (1) allows programs and services; - thisprogram:%SystemRoot%\System32\svchost.exe; protocol and port- protocol type: UDP

Local port: 1024-65535, remote port: 53; senior public.

(2) Name: allow back; procedures and service: all meet thespecified conditions and procedures; protocol port andprotocol type: ICMPv4; senior public.

And in front of that allow system to access the network, a totalof three. Well, this phase is complete.

5 point control panel --windows firewall --windows advancedsettings, UAC control dialog box, asking you to confirm whetheror not to continue, if not the administrator

Ask you to enter the administrator password. Open the advancedwindows security firewall on the local computer, the inboundconnections, outbound connections, and we

In the Group Policy under the same setting, same. The three ruleis set in front of the US, this can not be changed. groupThe strategy is set higher than the setting. We have derivedthe rules here saved in a file for later retrieval, if youunderstand, don

Do not need to recover, here is just in case you made a mistakeof reduction. Then delete delete (or to ban are forbidden, donot need to

Derived) . Of course we are located in front of the three is notdeleted. Point out of the stationrule, anewrule is as followsName: "IE is allowed access to the Internet" programs andservices:%ProgramFi les%\Internet; Explorer\iexplore.exe;protocol and end

Export-protocol type: TCP, 1024-65535, remote port local port:80; senior public.

The open IE, you can see, the internet.

The other is similar, so, only after we allow the program toaccess a network.

The setting of QQ:

Name: QQ is allowed access to the Internet; protocol and port- protocol type: UDP, remote port: 8000, senior public.If you QQ were set up as above will be landing in the port numberQQ landing interface named QQ. If you do not specify a remoteport number, do not have.

If you're not sure for a program with arbitrary port number.Use the port number after some more stringent restrictions.

From our previous settings can be seen, only system is open.The svchost.exe port is open, and it only

Andremote port 53 communication is essentially closed. Becausethe horse is not possible with the remote port 53 communication.In the group policy setting, I'm not sure whether to open system.When I first most, if not open, if not like the internet.And now I don't have this rule as it can. The remaining two isto open. You can't get on the internet.

RackNerd提供四款高配美国服务器促销活动低至月$189

RackNerd 商家给的感觉就是一直蹭节日热点,然后时不时通过修改配置结构不断的提供低价年付的VPS主机,不过他们家还是在做事的,这么两年多的发展,居然已经有新增至十几个数据中心,而且产品线发展也是比较丰富。比如也有独立服务器业务,不过在他们轮番的低价年付VPS主机活动下,他们的服务器估摸着销路不是太好的。这里,今天有看到RackNerd商家的独立服务器业务有促销。这次提供美国多个机房的高配独立...

香港CN2云服务器 1核 2G 35元/月 妮妮云

妮妮云的来历妮妮云是 789 陈总 张总 三方共同投资建立的网站 本着“良心 便宜 稳定”的初衷 为小白用户避免被坑妮妮云的市场定位妮妮云主要代理市场稳定速度的云服务器产品,避免新手购买云服务器的时候众多商家不知道如何选择,妮妮云就帮你选择好了产品,无需承担购买风险,不用担心出现被跑路 被诈骗的情况。妮妮云的售后保证妮妮云退款 通过于合作商的友好协商,云服务器提供2天内全额退款到网站余额,超过2天...

ZJI-全场八折优惠,香港服务器 600元起,还有日本/美国/韩国服务器

ZJI怎么样?ZJI是一家成立于2011年的商家,原名维翔主机,主要从事独立服务器产品销售,目前主打中国香港、日本、美国独立服务器产品,是一个稳定、靠谱的老牌商家。详情如下:月付/年付优惠码:zji??下物理服务器/VDS/虚拟主机空间订单八折终身优惠(长期有效)一、ZJI官网点击直达香港葵湾特惠B型 CPU:E5-2650L核心:6核12线程内存:16GB硬盘:480GB SSD带宽:5Mbps...

win7防火墙设置为你推荐
手机区号手机电话号码开头95共15位号码是什么手机号码?ios7固件下载iphone自动下载IOS7固件版本怎么删除保护气球什么气球可以骑?雅虎天盾我装了360安全卫士,原来的雅虎天盾需不需要卸载mate8价格现在买华为mate8高配划算吗宕机宕机是什么意思如何快速收录如何让百度快速收录blogcn哪种博客更好...sina.baidu.blogcn还是.............?php购物车php做购物车需要用到哪些技术,这些技术怎么实现263企业邮箱设置263企业邮箱如何设置白名单?
网站空间租用 动态域名解析 国际域名抢注 免费linux主机 德国vps godaddy域名解析教程 免费顶级域名 火山主机 分销主机 网站监控 http500内部服务器错误 空间服务商 java空间 河南服务器 灵动鬼影 老左正传 lol台服官网 域名和空间 免费智能解析 卡巴斯基免费试用 更多