Win2003 comes with a firewall to build a security line

Windows 2003 firewall function introduction

The firewall provided by Windows 2003 is called Internet connection firewall, allowing secure network communication to enter the network through the firewall, while rejecting unsecure communication. Enter to protect the network from external threats. Internet Connection Firewall is only included in Windows Server 2003 Standard Edition and 32-bit versions of Windows Server 2003 Enterprise Edition.

Internet Connection Firewall Settings

On Windows 2003 servers, the firewall function is enabled for computers that are directly connected to the Internet, and supports network adapters, DSL adapters, or dial-up modems to connect to the Internet.

1. Start/Stop Firewall

(1) Open "Network Connection", right-click the connection you want to protect, click "Properties", and the "Local Area Connection Properties" dialog box appears.

(2) Click the "Advanced" tab, as shown in Figure 1 start /stop firewall interface. If you want to enable Internet Connection Firewall, select the Protect my computer and network by restricting or blocking access to this computer from the Internet check box; if you want to disable Internet Connection Firewall, clear the above selection.
2. Firewall Service Settings

Windows 2003 Internet Connection Firewall can manage service ports, such as HTTP port 80, FTP port 21, etc. As long as the system provides these services, the Internet connection firewall can monitor and manage these ports.

(1) Standard Service Settings

Let's take the standard Web service provided by Windows 2003 server as an example (default port 80). The operation steps are as follows: Click in the interface shown in Figure 1. [Settings] button, the "Service Settings" dialog box shown in Figure 2 appears; in the "Service Settings" dialog box, select the "Web Server (HTTP)" option, click the [OK] button. Once set, network users will not be able to access other network services provided by the server other than the web service.

Note: You can choose according to the service provided by the Windows 2003 server, you can multi-select. The standard service system is already preset in the system, you just need to select the appropriate option. If the server also provides non-standard services, it needs to be manually added by the administrator.
(2) Non-standard service settings

Let's take the example of opening a non-standard Web service through port 8000. In the Service Settings dialog box of Figure 2, click the [Add] button, and the "Service Add" dialog box appears. In this dialog box, fill in the service description, IP address, port number used by the service, and select The protocol used (Web service uses TCP protocol, DNS query uses UDP protocol), and finally click [OK]. After the setup is complete, network users can access the corresponding services through port 8000, and access to unauthorised TCP and UDP ports is isolated.

3. Firewall Security Log Settings

In the Service Settings dialog box of Figure 2, select the Security Log tab, the Security Log Settings dialog box appears, select the items to be logged, and the firewall will record the corresponding data. . The default path of the log file is C:WindowsPfirewall.log, which can be opened with Notepad. The format of the generated security log is W3C extended log file format, which can be viewed and analyzed by common log analysis tools.

Note: It is necessary to establish a security log, which provides reliable evidence when server security is compromised.

Summary of Internet Connection Firewall

The Internet Connection Firewall can effectively block the illegal invasion of Windows 2003 servers and prevent illegal remote hosts from scanning the servers, thus improving the security of Windows 2003 servers. At the same time, it can also effectively block viruses that use operating system vulnerabilities for port attacks, such as worms such as shockwaves. If you enable this firewall feature on a virtual router built with Windows 2003, it can protect the entire internal network.