Use 2003 built-in ICF to build a security line

ICF (Internet Connection Firewall) as a firewall tool that comes with Windows Server 2003 system, so you don't have to buy expensive hardware firewalls or configure complex professional firewalls. software. This is undoubtedly very suitable for newcomers and home users.

First, enable ICF

By default, ICF is not enabled, we need to enable it manually. For example, if we want to enable ICF for “Local Connections, the steps are as follows:

Step 1: Right click on the “Network Neighborhood” icon, execute the “Properties” command, double-click “Local Connection” ;, then click on <;Properties  to enter the “Local Connection Properties” dialog.

Step 2: Click the “Advanced” button to switch to the “Advanced" tab, check “protect my computer and network by restricting or blocking access to this computer from the Internet&rdquo ;Options, click “OK", this will open ICF.

Second, security settings for ICF

If you do not make any settings after enabling ICF, all ports of the server will be disabled and the corresponding services will be stopped. Therefore, we need to make the necessary settings for ICF to meet our actual needs.

1. Setting up regular services

The regular services mentioned here refer to WWW, FTP and other services that we often use. ICF provides several common services for us to set by default. Click the “Settings“ button in the “Advanced” tab to enter the “Advanced Settings” dialog. In the "Services" tab, a list of commonly used services is provided. If our server needs to provide FTP services, then just check the "FTP server" option (Figure 1), in the "Service settings" that are turned on. ” Keep the default computer name in the dialog box.
Figure 1

2. Setting up non-routine services

In order to prevent users from bad access, we often need to mask the default ports of some regular services, and use some non-default ports to provide regular services. For example, we can use the 6000 port to provide WWW services. Click the “Add” button in Figure 1 to open the “Service Settings” dialog. Add the appropriate information in the dialog box. Be sure to add “6000” (Figure 2) to the external and internal port numbers, then click the “OK” button. You can now see the service you just added in the list of services.
Figure 2

3.ICMP Settings

ICMP is the Internet Control Information Protocol. Our most commonly used Ping command is based on ICMP. By default, ICF disables the request for information to apply the protocol, for example, pinging the machine is not allowed. If you want to ping the machine due to special needs, you need to click the “ICMP” tab in the dialog box shown in Figure 1. In the tab that opens, check the "Allow incoming response request" option.

4. Setting up security logs

Establishing a security log allows the server to retain reliable evidence after a malicious attack, and ICF has this capability. In the dialog box shown in Figure 1, click on the "Security Log" tab, and in the "Security Log" tab, check "Delete dropped packets" and "Record successful connections". Option. This allows you to see the visitor's information by looking at the log files saved in the appropriate directory.

ICF can effectively block some users from scanning and attacking the server, and can effectively prevent worms (such as shock waves) that exploit system vulnerabilities for port attacks. It works well for both personal computers and web servers.