Don’t Let the Defense Rest: Securing Home Networks with Windows XP (Part 2)


Windows Messenger version 4.0, which ships with Windows XP, as well as the updated Windows Messenger 4.7 that is now available, also include the ability to transfer files. However, by default, ICF blocks file transfer and you will need to manually configure the appropriate ports to open. Here’s how it’s accomplished:
1. Click Settings on the Advanced tab of the Properties dialog box for your Internet connection, then click Add.
2. In the Service Settings window, type a description of the service.
3. Type the IP address or the computer name.
4. For Windows Messenger file transfer capabilities, the External and Internal Ports are the same and both are TCP. Use 6891 for both. If you wish to enable simultaneous transfer of up to 10 files, after clicking OK, set up additional ports in the same manner, numbering sequentially through 6900. You’ll need 10 service entries total.
Additionally, you will have to open port 6901 for both TCP and UDP to receive incoming computer-to-computer voice calls, and UDP ports 6801, 6901, 2001–2120 for computer-to-phone voice calls.
As shown in the image above, I’ve enabled only a single port, for a single file transfer. The process to open ports to add other services is the same. Settings needed for some of the other more popular programs appear in the table below:
| Program | TCP ports | UDP ports |
| --- | --- | --- |
| Incoming Voice (computer to computer) | 6901 | 6901 |
| Voice (computer to phone) | | 6801, 6901, 2001–2120 |
| AOL Instant Messenger | 443, 563 | |
| Crimson Skies | 28805, 28801, 3040, 1121 | |
| Descent 3 | 1900 | 1900, 2092 |
| Diablo II | 4000 | 6112 |
| Need for Speed | 9442 | 6112 |
| Napster | 6699 | 6699 |
| NetMeeting | 1731, 1720, 1503, 522, 389 | |
| Rainbow Six | 2346, 2347, 2348 | |
Security Logging and Troubleshooting

If you want to examine incoming connection attempts, you can turn on logging from the ICF Advanced Settings tab as well as specify the size of a log file. If you’re experiencing connectivity issues and need to troubleshoot your connection, the ICMP tab provides some configuration options for this purpose.
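Once logging is on, the log can be summarised to see which incoming attempts ICF dropped and whether any of them hit a Windows Messenger port that has not been opened yet. The script below is an added example, not part of the original article. It assumes the W3C-style pfirewall.log layout with a #Fields header line; the sample records and addresses are constructed.

```python
from collections import Counter

# Ports the article lists for Windows Messenger (file transfer and voice).
MESSENGER = {"TCP": set(range(6891, 6902)),
             "UDP": {6801, 6901} | set(range(2001, 2121))}

# Constructed sample in the assumed pfirewall.log layout; addresses are documentation ranges.
SAMPLE_LOG = """\
#Version: 1.0
#Software: Microsoft Internet Connection Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2002-03-01 20:14:02 DROP TCP 198.51.100.7 192.0.2.10 3312 139 48 S 1884245 0 16384 - - -
2002-03-01 20:14:05 DROP TCP 198.51.100.7 192.0.2.10 3313 445 48 S 1884301 0 16384 - - -
2002-03-01 20:15:40 OPEN TCP 192.0.2.10 203.0.113.25 2101 80 - - - - - - - -
2002-03-01 20:16:11 DROP TCP 203.0.113.25 192.0.2.10 2102 6892 48 S 7731002 0 16384 - - -
2002-03-01 20:17:30 DROP UDP 198.51.100.7 192.0.2.10 1029 1434 404 - - - - - - -
2002-03-01 20:18:00 DROP ICMP 198.51.100.9 192.0.2.10 - - 60 - - - - 8 0 -
2002-03-01 20:19:44 DROP TCP 198.51
"""

def parse(text):
    """Yield one dict per record, taking column names from the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.strip() and not line.startswith("#"):
            values = line.split()
            if fields and len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def summarize(text, local_ip):
    """Count dropped inbound packets by (protocol, port) and by source address."""
    by_port, by_src, messenger = Counter(), Counter(), []
    for rec in parse(text):
        if rec["action"] != "DROP" or rec["dst-ip"] != local_ip:
            continue                      # keep only blocked inbound traffic
        by_src[rec["src-ip"]] += 1
        if rec["dst-port"].isdigit():     # ICMP records carry "-" here
            key = (rec["protocol"], int(rec["dst-port"]))
            by_port[key] += 1
            if key[1] in MESSENGER.get(key[0], ()):
                messenger.append(key)     # a Messenger port that is still closed
    return by_port, by_src, messenger

if __name__ == "__main__":
    ports, sources, blocked = summarize(SAMPLE_LOG, "192.0.2.10")
    print(ports.most_common(), sources.most_common(), blocked, sep="\n")
```

In the sample, the dropped connection to TCP 6892 is what a second simultaneous file transfer looks like when only port 6891 has a service entry.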
Some Special Circumstances

VPN Usage: If you’re a VPN user and connect to a remote office, you should not use ICF. Turn it off before you start your VPN session.
File and Print Sharing: Some broadband providers offer connectivity for more than a single computer and supply multiple public routable IPs. In this case, computers are connected to a hub or switch (rather than a router or NAT box) that connects to a cable or DSL modem. Since ICF disables file and print sharing using TCP/IP, you may need an alternative method of sharing files among your own computers. You can install an additional network transport protocol such as IPX/SPX that will enable you to transfer files between your computers. To install IPX/SPX, from the Connection Properties dialog box, select Install, then select Protocol, Add and then NWLink IPX/SPX/NetBIOS Compatible Transport Protocol.
Outgoing Windows Messenger Calls Behind ICF: If you are using Windows XP Professional, ensure you are using an account with administrative privileges; otherwise outbound calls will not work. (Users of Windows XP Home Edition are assigned the proper administrative privileges by default.)
Who Does Not Need to Enable Internet Connection Firewall?

If a computer is a client computer to an ICS (Internet Connection Sharing) host, do not enable ICF, but be sure you do enable it on the host computer. If a computer is behind a NAT box or router, don’t enable ICF, because the inherent properties of NAT will protect you. If you’re in an enterprise/corporate environment, don’t enable ICF while logged into a domain at work because your IT staff will have proper commercial firewalls in place on the network. In most cases, user policies will prevent you from enabling ICF if you are logged into a domain. If you’ve logged on at home using cached credentials and enabled ICF, user policies will probably prevent you from using ICF at work, but you will be able to use it at home while not protected by the corporate firewall.
