WINDOWS XP COMES WITH A BUILT-IN FIREWALL CALLED WINDOWS FIREWALL. FOR PEOPLE WHO DO NOT WANT TO SPEND THE MONEY ON A COMMERCIAL SOFTWARE FIREWALL, THIS FIREWALL WILL BE MORE THAN ENOUGH TO PROTECT YOUR COMPUTER. BY DEFAULT, WINDOWS FIREWALL DISABLE ALL INCOMING TRAFFIC TO YOUR COMPUTER, INCLUDING ICMP TRAFFIC, WHICH CONSISTS OF PINGS.JUST LIKE ALL OTHER FIREWALL'S YOU CAN SPECIFY WHICH SERVICES/PORTS YOU WOULD LIKES TO HAVE BEEN SO THAT OTHER COMPUTER CAN CONNECT TO YOURS.THIS WILL ALLOW YOU TO OPEN UP PORTS FOR SETVICES LIKE WEB SERVERS,MAIL SERVERS ,GAME SERVERS,ETC.WINDOWS FIREWALL COMES CONFIGURED WITH BASIC SERVICES THAT YOU CAN ENABLE TO BE OPENED, AND YOU ALSO HAVE THE ABILITY TO ADD OTHER RULES FOR INCOMING TRAFFIC THAT ARE NOT ALREADY CONFIGURED.IF YOU ALSO HAVE THE ABILITY TO ENABLE INCOMING ICMP TRAFFIC,SO THAT YOU CAN PING AND TRACEROUTE YO YOUR COMPUTER.
HOW TO ENABLE AND DISABLE THE WINDOWS FIREWALL IN XP:
NOTE:IN ORDER TO ENABLE THE WINDOWS FIREWALL YOU MUST BE LOGGED IN AS AN ADMINISTRATOR.
CLICK ON THE START BUTTON AND THEN CLICK ON RUN.
IN THE OPEN FIELS,TYPE CONTROL AND PRESS OK.
THIS WILL LAUNCH THE CONTROL PANEL.IF YOU SEE A SELECTION SIMILAR TO FIGURE 1,CLICK ON SWITCH TO CLASSIC VIEW OPTION WHICH IS INDICATED BY THE RED ARROW IN THE FIGURE BELOW.
AFTER CLICKING ON CLASSIC VIEW YOU SHOULD NOW SEE A SCREEN THAT LOOKS LIKE FIGURE 2. YOU WILL THEN WANT TO DOUBLE CLICK ON WINDOWS FIREWALL
AS SHOWN IN THE IMAGE BELOW.
AFTER DOUBLE CLICKING ON WINDOWS FIREWALL ICON,YOU WILL BE PRESENTED WITH THE WINDOWS FIREWALL CONTROL PANEL THAT ALLOWS YOU TO CONFIGURE THE SETTING FOR THE FIREWALL.
TO ENABLE THE FIREWALL,SIMPLY MAKE SURE THE ON (RECOMMENDED) OPTION IS SELECTED.IF YOU WISH TO DISABLE THE FIREWALL,SIMPLY SELECT THE OFF(NOT RECOMMENDED) OPTION. YOU WILL ALSO NOTICE THAT THERE IS A CHECKBOX LABELED DON'T ALLOW EXCEPTIONS. IF THIS OPTION IS CHECKED THEN ANY RULES, OR EXCEPTIONS, THAT YOU CREATE TO ALLOW OUTSIDE TRAFFIC TO REACH YOU COMPUTER WILL BE DISABLE.EXCEPTIONS WILL BE EXPLAINED IN MORE DETAIL IN THE FOLLOWING SECTION.
HOW TO MANAGE EXCEPTIONS TO THE WINDOWS FIREWALL:
WHEN THE WINDOWS FIREWALL IS ENABLED IT WILL NOT ALLOW ANY REMOTE COMPUTER CONNECT TO YOURS. THERE ARE SITUATIONS , THOUGH , THAT YOU MAY WISH TO ALLOW REMOTE COMPUTER CONNECT TO YOURS SUCH AS IF YOU ARE RUNNING A WEB SERVER, SHARING FILES OR PRINTERS ON YOUR COMPUTER,
USING CERTAIN P2P PROGRAMS, OR RUNNING OTHER SERVICES THAT REQUIRE REMOTE CONNECTIONS TO WORK. TO ALLOW THESE TYPES OF CONNECTIONS WE NEED TO ENABLE THEM AS EXCEPTIONS IN THE WINDOWS FIREWALL.FOR THOSE OF YOU WHO ARE FAMILIAR WITH CONFIGURING HARDWARE FIREWALLS,THIS IS SIMILAR TO PORT FORWARDING.
TO MANAGE YOUR EXCEPTION YOU NEED TO OPEN THE WINDOWS FIREWALL AS DESCRIBED IN THE PREVIOUS SECTION.ONCE THE WINDOWS FIREWALL CONTROL PANEL IS OPEN YOU SHOULD CLICK ON THE EXCEPTIONS TAB.THIS WILL CHANGE THE SCREEN TO ONE THAT LOOKS SIMILAR TO THE ONE BELOW.
IN THIS SCREEN YOU CAN SELECT PREDEFINED SERVICES THAT YOU LIKE TO ENABLE SO THAT REMOTE COMPUTER CAN ACCESS THEM.IF YOU DO NOT PLAN ON ALLOWING ANY REMOTE COMPUTER TO ACCESS YOURS, PLEASE MAKE SURE THERE ARE NO OPTIONS CHECKED.
WHEN ADDING EXCEPTIONS YOU HAVE TWO WAYS OF DOING IT.THE FIRST METHOD IS TO ADD A PROGRAM THAT YOU WOULD LIKE REMOTE COMPUTERS TO ACCESS BY CLICKING ON THE ADD PRORAM....BUTTON.DOING THIS WILL TELL WINDOWS FIREWALL TO ALLOW REMOTE CONNECTIONS TO ANY PORTS THAT THE PROGRAM USES. THE SECOND, AND SAFER ,OPTION IS TO INSTEAD ONLY ADD SPECIFIC TCP/UDP PORTS THAT YOU REQIRE TO BE CONNECTED TO BY USING THE ADD PORT BUTTON. WHEN YOU CLICK ON THE ADD PORT BUTTON A NEW DIALOG BOX WILL OPEN THAT ALLOWS YOU TO CONFIGURE THE NECESSARY INFORMATION FOR THE EXCEPTION AS SHOWN BELOW.
IN THE ADD A PORT DIALOG BOX, YOU SHOULD GIVE A DESCRIPTIVE TITLE TO THE EXCEPTION AND THEN ENTER THE PORT THAT NEEDS TO BE OPENED.YOU SHOULD THEN SELECT TCP OR UDP DEPENDING ON WHAT TYPE OF PORT IT IS. IF YOU NEED TO OPEN A PORT FOR BOTH TCP AND UDP, YOU WILL NEED TO CREATE TWO SEPERATE EXCEPTIONS WHERE ONE IS FOR UDP AND THE OTHER IS FOR TCP.IF YOU ARE NOT SURE WHAT PORT SHOULD BE OPENED TO ALLOW YOUR APPLICATION TO WORK, YOU SHOULD CHECK THE DOCUMENTATION THAT CAME WITH YOUR PROGRAM.
AS AN EXAMPLE , LET'S CREATE AN EXCEPTION THAT ALLOWS YOUR COMPUTER TO ACT AS A WEB SERVER THAT CAN BE REACHED BY OTHER COMPUTERS.THE DEFAULT CONFIGURATION FOR A WEB SERVER IS FOR IT TO LISTEN FOR CONNECTION ON TCP PORT 80. TO DO THIS WE SHOULD CREATE AN EXCEPTION AS SHOWN BELOW:
AS YOU CAN SEE IN THE IMAGE ABOVE, WE HAVE CREATED AN EXCEPTION CALLED WWW THAT ALLOWS TCP PORT 80 ,WHICH IS THE PORT FOR A WEB SERVER , TO BE CONNECTED TO BY REMOTE COMPUTERS.ONCE YOU PRESS THE OK BUTTON , THE EXCEPTION WILL BE ADDED AND AUTOMATICALLY CHCKED AS SHOWN IN THE IMAGE BELOW
AS YOU CAN SEE THE NEW WWW EXCEPTION HAS BEEN CREATED AND AUTOMATICALLY ENABLED BY WINDOWS FIREWALL. YOU CAN THEN PRESS THE OK BUTTON TO EXIT THE WINDOWS FIREWALL CONTROL PANEL.
ONE THING TO REMEMBER IS THAT WHEN WORKING WITH EXCEPTIONS,IF YOU HAVE THE DON'T ALLOQ EXCEPTIONS CHECKBOX CHECKED IN THE GENERAL SETTINGS TAB OF THE WINDOWS FIREWALL , ALL OF YOU EXCEPTIONS WILL BE DISABLE UNTIL YOU UNCHECKED THAT BOX.
PLEASE SHARE THIS BLOG
No comments:
Post a Comment