Install and Configure a Firewall
A firewall is a system or software that controls the flow of traffic between networks and protects your computer or network from intruders. This extra layer of protection is especially important on any computer with an "always on" Internet connection, such as a DSL line or cable modem. Firewalls vary widely in their cost and features, but in general they consist of hardware, software, or a combination of the two, which prevents unauthorized users from interactively logging on to network resources from the outside. On most networks, a firewall acts as a single point of access to the outside world, making it easier to enforce security settings and to keep a log of intrusion attempts.

Consider one or more of the following additions to increase security on a single computer or a small to medium-sized network:

Configure custom ports The built-in Internet Connection Firewall (ICF) included with Windows XP effectively blocks all incoming traffic from the outside except on ports where you've requested data. The ICF is automatically configured when you run the Network Setup Wizard. Many Windows-based programs can work seamlessly through the firewall (all traffic from the local machine is allowed out), although you might need to configure some ports manually before you can run a third-party program that uses nonstandard ports. To adjust ICF settings, you must burrow deep into the Windows interface. Open the Network Connections option in Control Panel, double-click the icon for your Internet connection, click the Properties button, and click the Advanced tab. After making sure the Internet Connection Firewall option is selected, click the Settings button to display the dialog box shown in Figure 2-10. (For more details about how ICF works and how you can configure it, see Using Internet Connection Firewall in Windows XP.)

Upgrade the firewall software Third-party firewall programs are appropriate for use with Windows 2000, which includes no firewall utility of its own, and for Windows XP administrators who want more protection than ICF provides, such as the capability to block or filter outbound traffic. In addition to intrusion detection and logging, many of these programs supply tools to help you configure traffic on a per-application basis, allow virtual private network connections, and alert you when intrusion attempts are taking place.


Figure 2-10. Selecting any of these preconfigured options in the Windows XP Internet Connection Firewall allows traffic to flow through the firewall. Click the Add button to create custom settings for third-party programs.
Add hardware protection Hardware-based firewall products range from simple routers, which offer Network Address Translation services and port filtering, to complex devices that inspect every packet entering a network to determine whether and how it should be allowed to pass. On small networks, the combination of a simple hardware device and desktop firewall software can be a very effective form of protection. (For a more detailed discussion of hardware-based firewall products, see Using a Hardware Firewall Appliance.)

Libellés : Configure, Firewall, Install