; Internet_Connection_Firewall
Learning Center
Plans & pricing Sign in
Sign Out
Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>



  • pg 1
									Windows XP Lab: Internet Connection Firewall
Objective In this lab, you will learn how to use the integrated firewall that is now included with the latest releases of Microsoft’s operating systems including Windows XP. You will select the proper settings, which allows a user or administrator to secure the integrity of the operating system from intruders. Equipment The following equipment is required for this exercise: A computer system running Windows XP Scenario The IT department has purchased some new computers with Windows XP installed on them. These new computers are going to be used by people in the finance and accounting departments of the company. It is important that these computers be as secure as possible and that all of the data be protected from intruders. Although proper firewalls, filters, and access-lists have been placed on the corporate network incoming gateways, these computers need to be secure from internal threats and intruders who may reside within the network boundaries. The IT department manager has instructed you to implement Windows XP’s integrated firewall on these computers in order to block them from intruders. Procedures Before beginning this lab you also need to be logged in as the administrator or a member of the administrators group. It is also important to understand that the management tasks you will be covering in this lab do not apply to other computers that are part of the network and these settings affect only the individual computer which these settings are configured on. Step 1 The first step in configuring the Windows XP integrated firewall is to locate and open the Network Connections settings located in the Control Panel. 1. Open the Control Panel. 2. Locate the Network Connections icon in the Control Panel. Once you have located it, double click on it to open the dialog box.

3. At this point you should see one or more Local Area Connection(s) icon. You may need to left click Network Tasks on the left side of the network connection screen to reveal all network tasks. Step 2 In Step 2 you will learn about these various settings and how to open the Internet Connection Firewall settings dialog box. 1. First, left click once on the active Network connection (if there is more than one) to display View status of this connection. 2. On the General tab you can see the various status settings related to the network connection such as status, duration, and speed. You can also disable the network connection by clicking the Disable button; however, do not do this in this lab. 3. Next, click on the Support tab. This will show you useful information about the network connection such as the address type, IP address, subnet mask, and default gateway. Using this information and the information from the previous step will help in determining what sort of firewall settings to select, which will be done in the next section of this lab. Step 3 In this step you will configure the proper Internet Connection Firewall settings for this computer. 1. First, click on the General tab again and then click the Properties button. This will bring up the local area connection properties dialog box where various configurations and settings can be made on the network connection. 2. Next, click on the Advanced tab in the Local Area Connection Properties dialog box. At this point you should see the Internet Connection Firewall settings. But . . . before continuing, go to the Start menu, then Help, and type “firewall” in the Search box. Spend some time exploring what is available. 3. After reading though the material, exit Help and return to the Local Area Connection Properties dialog box. Click the Settings box next to the Protect my computer and network by limiting or preventing access to this computer from the Internet settings. 4. The Windows Firewall dialog box will appear. Turn on the Firewall if not done already. Then click on the Advanced tab. Then click on Settings again under Network Connections, Local Area Connection, settings.

5. There are two tabs on this screen. First, we will configure the Services tab. 6. Click on the Services tab. Select all the boxes that you see. As you select each one, a popup box will appear which will allow you to select the name or IP address of the computer which is hosting these services on the network. If this were an actual production environment instead of a lab, you would need to put the correct computer/hostname of the computer that is hosting these services on the network. Also note the internal and external port number on these popup windows. These are the actual ports numbers that will be closed when you click these boxes. By clicking all these boxes you are essentially closing most of the well-known or popular ports that intruders can use to access the computer. If this computer were acting as a gateway to which other computers used to gain Internet access, closing these ports would also disable the access to the other computers that use this computer as a gateway. 7. Next click on the ICMP tab. ICMP is commonly used for error checking and testing connectivity of remote computers (like the ping command). Sometimes intruders or hackers use ICMP to access or do damage to remote computers. Using this tab, it is possible to disable ICMP events or connections from being received and interpreted by this computer.

8. Highlight each one and a description of what these various ICMP tasks do appears on the bottom of the ICMP tab window. Read these as you move down through them to become more familiar which what each one does. Cancel when done. 9. Click Cancel to return to the Windows Firewall dialog box. Next, click on Security Logging, Settings. This dialog box will allow you to log events such as attempts or connections made to the computer. 10. Click on both the Log dropped packets and Log successful connections boxes to enable security logging. 11. Once you have selected these two, click the OK button to save these settings and close the Advance Settings box. Then click OK twice in the Local Area Connection Properties dialog box to save the settings and close that box. Also click on the Close button on the Local Area Connection Status dialog box to close it. Close the Network Connection window that was opened in the Control Panel. 12. You have now successfully configured the Internet Connection Firewall in Windows XP.

Troubleshooting Sometimes when these settings are configured they actually tighten or shut off too much access and sometimes actually prohibit the user from doing their job or accessing network resources that they otherwise need. In this case it may be necessary to “tweak” these ICF settings to that the user has the proper access they require. For this reason, careful attention should and must be taken whenever configuring any type of firewall or security settings. Reflection 1. What other security tasks would you have to be responsible for implementing in order to help protect a computer besides using the Internet Connection Firewall?

To top