36 Firewall with Windows






Yes, you can use Windows as a firewall.

You may not know it, but Windows has a very capable firewall built right in. To access it, run the Microsoft Management Console. You can do this by opening up a Run dialog, typing mmc, and clicking the OK button. After the program loads, you should see something similar to Figure.

Figure: The Microsoft Management Console

Click on the Console menu and select the "Add/Remove Snap-in..." menu item. Next you should be presented with a dialog that has an Add button at the bottom. After clicking the Add button, you should see a dialog box with a list of available snap-ins. Scroll through the list and locate the item titled IP Security Policy Management. After you've selected this, the dialog box should look like Figure.

Figure: Adding the IP Security Policy Management snap-in

Now click the Add button. You'll be presented with a dialog asking whether you want the snap-in to manage the local computer or a domain. Determine whether you want to apply the filtering settings to just the local computer or the entire domain, and click the Finish button. Click the Close button in the Add Standalone Snap-in list dialog as shown in Figure. You should now see the IP Security Policies snap-in listed in the Add/Remove Snap-in dialog, as shown in Figure. Click the OK button and you'll be returned to the original Management Console window. You should now see the IP Security Policies snap-in listed in the window.

Figure: The Add/Remove Snap-in dialog with the IP Security Policies snap-in loaded

Before setting up firewall rules, you'll need to create a block action for them to use. To do this, right-click the IP Security Policies icon and select the "Manage IP filter lists and filter actions" item. After the dialog appears, click on the Manage Filter Actions tab. You should now see something similar to Figure.

Figure: The Manage Filter Actions tab

If the Use Add Wizard checkbox is not checked, be sure to check it. Now click the Add button. Click the Next button after the wizard dialog opens. Then type "Block" for the name of the new filter action. For the description, type "Blocks Access" or something similarly appropriate. After filling those in, click the Next button. Now click the Block radio button, and then click the Next button once again. After that, click the Finish button. You should now see the new filter action in the list that was shown in Figure. You may now click the Close button.

Now you can set up the firewall rules. Right-click the security policy icon and select the Create IP Security Policy item. This will bring up a wizard. Click the Next button and fill in the Name and Description; a good choice for both of them would be "Firewall". After filling those in, click the Next button. You should now see a checkbox labeled "Activate the default response rule". Uncheck this box and then click the Next button. After that, click the Finish button. You should now see a dialog called Firewall Properties, as shown in Figure.

Figure: The Firewall Properties dialog

To create a new filtering rule, uncheck the Use Add Wizard box and click the Add button. You should now see a dialog box that looks like Figure.

Figure: Adding a new rule

To select the IP addresses to match on, click the Add button in the IP Filter List tab. This will also let you define ports and protocols to match on. After you have selected the IP addresses and ports you want the rule to apply to, click the Filter Action tab and choose your selections from the list of actions.
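The same policy can be built from a script instead of the snap-in. The following is an added example, not part of the original text; it assumes a Windows version that includes the `netsh ipsec static` context (Windows Server 2003 and later) and an elevated PowerShell prompt. The "Firewall" and "Block" names come from the steps above, while the filter list name, rule name and blocked ports are constructed for illustration.

```powershell
# Added example: scripted equivalent of the snap-in steps (not from the original text).
$policy     = 'Firewall'         # policy name used in the text
$action     = 'Block'            # filter action name used in the text
$filterList = 'BlockedInbound'   # hypothetical filter list name (no spaces, to avoid quoting issues)
$ruleName   = 'BlockInboundRule' # hypothetical rule name
$blockedTcp = 21, 23             # constructed sample: inbound FTP and Telnet

function Invoke-IPsecStatic {
    param([string[]]$Arguments)
    # Run one "netsh ipsec static" command and stop on a non-zero exit code.
    & netsh ipsec static @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "netsh ipsec static $($Arguments -join ' ') failed ($LASTEXITCODE)"
    }
}

# 1. The block action (the "Manage Filter Actions" wizard).
Invoke-IPsecStatic 'add', 'filteraction', "name=$action", 'action=block'

# 2. The policy, with the default response rule left off.
Invoke-IPsecStatic 'add', 'policy', "name=$policy", 'activatedefaultrule=no'

# 3. The filter list: one filter per blocked port, any source to this host.
Invoke-IPsecStatic 'add', 'filterlist', "name=$filterList"
foreach ($port in $blockedTcp) {
    Invoke-IPsecStatic 'add', 'filter', "filterlist=$filterList",
        'srcaddr=any', 'dstaddr=me', 'protocol=TCP', "dstport=$port",
        'mirrored=yes'   # also match the reverse direction of each flow
}

# 4. The rule that ties the filter list to the block action inside the policy.
Invoke-IPsecStatic 'add', 'rule', "name=$ruleName", "policy=$policy",
    "filterlist=$filterList", "filteraction=$action"

# 5. A policy filters nothing until it is assigned.
Invoke-IPsecStatic 'set', 'policy', "name=$policy", 'assign=yes'

# 6. Print the resulting policy so the rules can be reviewed.
Invoke-IPsecStatic 'show', 'policy', "name=$policy", 'level=verbose'
```

Running `netsh ipsec static set policy name=Firewall assign=no` unassigns the policy again if a rule turns out to block traffic you need.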

