防火墙win7防火墙设置的问题(The problem of win7 firewall settings)

win7防火墙设置  时间:2021-02-28  阅读:()

win7防火墙设置的问题The problem of win7 firewall settingsThe problem of win7 firewall settings

Win7 Professional Edition

Control panel - > system and security - >Windows Firewall - >Advanced Settings

For example, to let other machines can access the port 1521 isa new rule in the inbound rules.

Select the inbound rules - "right -" new rules "- type rules(port) -"TCP or UDP, open ports, behind the wizard prompts canbe filled by. Www.2cto.com

Pay attention to the rules in a name, easy to find after thename, such as: the release of 1521.

After completing the configuration, can find a rule for thegreen effect, then you can use other machines to access thetest.

Some firewall configuration problem for reference:

In the security on the win7 than the windows XP has been greatlyimproved, we now take a look at some of the design aspects ofthe firewall in win7.

About win7 firewall.

In the setting of the win7 firewall, we need to pay attention

to these problems.

1, we must first turn off the win7 automatic restore function.Automatic reduction called intelligent win7 reduction, whensetting up a firewall for me

Is very depressed, I do not know what' s wrong. Because aftera restart when it is set to restore it. Do I think the trojan,So also uninstall the software 360. Turn off the automaticreduction of operation is as follows: click Start - controlpanel - System - system protection

Select the local disk (C:) (system) -closed. One possible UAC,you need to enter the administrator password.

2, start - enter CMD in the search programs and files in thebox, showing the presence of the cmd.exe program, right clickin the www.2cto. com administrator

If you are already running status, administrator, UAC promptsyou to yes or no, if not the administrator, you need to enterthe administrator

Password. Now at the command line. Run the secpol.msc, open thelocal security policy dialog box. Note the difference betweenwin7 and Win XP

In Win XP, the administrator account must have administratorprivileges, they are consistent. But in win7, although theadministrator account, but still

To run the program as ordinary account. From CMD can also seeif the administrator, it will display the administrator, if thegeneral body

That is not displayed. But if you take a administrator accountto run the program, you are running with administratorprivileges. This is

The difference between administrator and other administratoraccount. In the win7 administrator is disabled by default.3, navigate to the Windows firewall with advanced security.Right click the Windows firewall with advanced security - lgpo- attribute point open

The properties dialog box. For home users, the general publicdomain, special, set to the same, actually if you only use thepublic network

The network, you only need to set the public profile tab. Butfor simple, we set it as consistent. Firewall status: enabled(recommended) ;

Inbound connections: block all connections; outboundconnections: stop. We do not choose the default settings, thedefault security settings below us.

For home users, if you choose inbound connections: stop allconnections,

Your computer may not make the server will stop,

EMule, KuGoo, and many other functions of the software, if youdon' t want to be so strict, for example, you want to use remotedesktop, set for the inbound connection:

Stop (default) . We do not use the default connection out of thestation, stop using.

We conducted a simple introduction to these two.

Inbound connections if the default value, then in accordancewith the rules of the inbound connection is allowed, if set toblock all connections, so as

Where inbound connections are prohibited, even if it is notconnected to conform to the rules of the machine. So in suchcircumstances, not remote desktop

Use。

If set to allow outbound connections (default) , any program canaccess the Internet, this is not what we want, we only hopeWe allow the program to access the internet.

A good point to determine. If no accident, then any program atthis time will not be able to access the Internet. (if IE,indicating that it has been added

Into the rules of the. We would not need IE access rules. )

4 point, inbound and outbound rules can see the rules, thefollowing is empty. Because we are not allowed to access thenetwork program. The inbound rules we do not www.2cto. comWe need to set up, because the front has prevented allconnections, the design is useless.

The station is that we need to set the rules, otherwise how canwe use the Internet? Right click the station -- a new rule --Rule dialog box, select the program

Enter the systempath in this process in the next step, the nextstep, followed by set to allow the connection, in the name ofthe input "to allow system access

Network, complete. You can modify this rule we establish therules on the right side of the box. Wedo not need tobemodifiedfor system. Note that if you are in a time when the InternetYour network of a private network, you need special tick ratherthan the public. After this rule configuration is good, the restis similar.

We need to build three rules, to lay a good foundation for theinternet. The other two rules are as follows:

Name: DNS (1) allows programs and services; - thisprogram:%SystemRoot%\System32\svchost.exe; protocol and port- protocol type: UDP

Local port: 1024-65535, remote port: 53; senior public.

(2) Name: allow back; procedures and service: all meet thespecified conditions and procedures; protocol port andprotocol type: ICMPv4; senior public.

And in front of that allow system to access the network, a totalof three. Well, this phase is complete.

5 point control panel --windows firewall --windows advancedsettings, UAC control dialog box, asking you to confirm whetheror not to continue, if not the administrator

Ask you to enter the administrator password. Open the advancedwindows security firewall on the local computer, the inboundconnections, outbound connections, and we

In the Group Policy under the same setting, same. The three ruleis set in front of the US, this can not be changed. groupThe strategy is set higher than the setting.

We have derived the rules here saved in a file for laterretrieval, if you understand, don

Do not need to recover, here is just in case you made a mistakeof reduction. Then delete delete (or to ban are forbidden, donot need to

Derived) . Of course we are located in front of the three is notdeleted. Point out of the stationrule, anewrule is as follows

Name: "IE is allowed access to the Internet" programs andservices:%ProgramFi les%\Internet; Explorer\iexplore.exe;protocol and port, protocol type: TCP, 1024-65535, remote portlocal port: 80; senior public.

The open IE, you can see, the internet.

The other is similar, so, only after we allow the program toaccess a network.

QQ setting: www. 2cto.com

Name: QQ is allowed access to the Internet; protocol and port- protocol type: UDP, remote port: 8000, senior public.If you QQ were set up as above will be landing in the port numberQQ landing interface named QQ. If you do not specify a remoteport number, do not have.

If you're not sure for a program with arbitrary port number.Use the port number after some more stringent restrictions.From our previous settings can be seen, only system is open.The svchost.exe port is open, and it only

Andremote port 53 communication is essentially closed. Becausethe horse is not possible with the remote port 53 communication.In the group policy setting, I'm not sure whether to open system.When I first most, if not open, if not like the internet.

And now I don't have this rule as it can. The remaining two isto open. You can't get on the internet.

PIGYun月付14.4元起,美国洛杉矶/韩国VPS七月6折

PIGYun是成立于2019年的国人商家,提供香港、韩国和美西CUVIP-9929等机房线路基于KVM架构的VPS主机,本月商家针对韩国首尔、美国洛杉矶CUVIP-AS29、GIA回程带防御等多条线路VPS提供6-8.5折优惠码,优惠后韩国首尔CN2混合BGP特惠型/美国洛杉矶GIA回程带10Gbps攻击防御VPS主机最低每月14.4元起。下面列出几款不同机房VPS主机配置信息,请留意不同优惠码。...

零途云月付31.9元起,香港cn2 gia线路

零途云是一家香港公司,主要产品香港cn2 gia线路、美国Cera线路云主机,美国CERA高防服务器,日本CN2直连服务器;同时提供香港多ip站群云服务器。即日起,购买香港/美国/日本云服务器享受9折优惠,新用户有优惠码:LINGTUYUN,使用即可打折。目前,零途云还推出性价比非常高香港多ip站群云服务器,有需要的,可以关注一下。零途云优惠码:优惠码:LINGTUYUN (新用户优惠,享受9折优...

青果网络618:洛杉矶CN2 GIA/东京CN2套餐年付199元起,国内高防独服套餐66折

青果网络怎么样?青果网络隶属于泉州市青果网络科技有限公司,青果网络商家成立于2015年4月1日,拥有工信部颁发的全网IDC/ISP/IP-VPN资质,是国内为数不多具有IDC/ISP双资质的综合型云计算服务商。青果网络是APNIC和CNNIC地址分配联盟成员,泉州市互联网协会会员单位,信誉非常有保障。目前,青果网络商家正式开启了618云特惠活动,针对国内外机房都有相应的优惠。点击进入:青果网络官方...

win7防火墙设置为你推荐
weipin唯品会的唯品钱包里的钱怎么用绵阳电信绵阳电信宽带怎么收费的如何免费开通黄钻怎么免费开黄钻?在线漏洞检测网站好像有漏洞,直接看代码可以找出来吗?网站运营网络运营具体做什么呢ps抠图技巧如何使用PS抠图唱吧电脑版官方下载唱吧有没有电脑版的啊?硬盘人上海人说“硬盘”是什么梗开机滚动条如何关闭开机滚动条?ios系统iOS系统是什么
韩国虚拟主机 qq域名邮箱 已备案域名注册 wordpress主机 服务器评测 美国便宜货网站 softbank官网 360抢票助手 网站挂马检测工具 hostker 699美元 国外代理服务器地址 免费dns解析 网站在线扫描 国外视频网站有哪些 四川电信商城 网通服务器 上海电信测速 东莞服务器托管 lamp什么意思 更多