Security on the Internet ... For many years now, this topic has been actively discussed by the media of various degrees of “yellowness”, completely forgetting that it would be nice to give some specific recommendations, rather than telling a bunch of scary, but not too believable stories.
I would like to tell you a little how to configure the firewall yourself, without resorting to the services of various kinds of computer help.
What it is
Before talking about tuning, you need to conduct a short digression into the depth of the topic. A firewall is a special program that prevents intrusions on your computer from the depths of the Internet, and also blocks the actions of spyware tools that can transfer your personal information to the side.
When is it really needed?
Contrary to popular belief, personally angry hackers are unlikely to attack your computer. Of course, if you are some kind of commercial director of a bank, then this can really become a reality, but you can not be especially afraid of everyone else.
But if you have a “white” IP (not dynamic), you pick up a simple ftp server at home or you decide to raise a site on your home computer in order of individual masachism ... Then the firewall will come in handy!
How to
configure the firewall correctly so that it copes with all the tasks assigned to it as efficiently as possible? Immediately make a reservation that we will talk about general settings, since there are too many utilities of this kind in the modern market.
Package Configuration
First, we will configure the rules that apply to incoming packages. This is more important, since a normal firewall will probably handle outgoing itself (based on the rules prescribed by the developer).
We prohibit all incoming "correspondence" (TCP) on ports within the range of 1-1025, as well as UDP on the ranges of 1-1024. What is it for? The thing is that it is there that most of the "holes" in protecting the Windows family of OS. In general, it would be nice to find out their list before setting up the firewall.
Be sure to close the doors to the TCP 5000, as well as to UDP 1900. As a result of all of the above actions, most of the system ports are under fairly reliable protection, the level of which meets all the requirements of the average user.
But how to set up a firewall, Windows 7 which provides even in the basic package? If you do everything described above, you can consider yourself completely protected.
What can be opened?
You can open it DNS (and for the company UDP 53), FTP (TCP 20-21). If there is such a need (own http-server), you can also open TCP 80. Almost all ICMP packets can be safely allowed. A little trick: if you prohibit calls to the 80th port of remote computers from ICQ, then the amount of advertising will significantly decrease.
Since setting up a firewall using the methods described above is quite simple, even beginners and completely inexperienced beginners will surely cope with this. Note that not a single firewall can compensate for the tortuosity of the user's hands, and therefore do not visit questionable sites once again , do not open links that lead anywhere!
And how to open the firewall completely? As a rule, in the settings of any similar application there is an item “allow all” or something similar. Use this as little as possible.