1-12 Chapter 1 Introduction to Windows XP Professional
cifically configure the firewall to allow through. Any computer connected directly to
any network—whether it is a stand-alone computer, a computer that provides Internet
Connection Sharing (ICS) services for other computers on a network, or even a com-
puter that is already on a network protected by perimeter firewalls—should have a fire-
wall enabled.
Previous versions of Windows XP include a software-based firewall named Internet
Connection Firewall (ICF). After installing Windows XP Service Pack 2, this firewall is
replaced by Windows Firewall. Windows Firewall is a stateful, host-based firewall that
drops all incoming traffic that does not meet one of the following conditions:
■ Solicited traffic (valid traffic that is sent in response to a request by the computer)
is allowed through the firewall.
■ Excepted traffic (valid traffic that you have specifically configured the firewall to
accept) is allowed through the firewall.
In addition to its new name, Windows Firewall also boasts a number of enhancements,
including the following:
Enabled by default Windows Firewall is now enabled by default on all network
connections. This includes LAN (wired and wireless), dial-up, and virtual private
network (VPN) connections that exist when Windows XP Service Pack 2 is
installed. When a new connection is created, Windows Firewall is also enabled by
default.
Global settings In Windows XP (prior to installing Windows XP Service Pack 2), ICF
settings must be configured individually for each connection. After installing Win-
dows XP Service Pack 2, Windows Firewall provides an interface for configuring
global settings that apply to all the connections of the computer. When you
change a global Windows Firewall setting, the change is applied to all the connec-
tions on which Windows Firewall is enabled. Of course, you can still apply con-
figurations to individual connections as well.
New interface In previous versions, ICF is enabled by selecting a single check box
on the Advanced tab of the Properties dialog box for a connection. A Settings but-
ton opens a separate dialog box, in which you can configure services, logging,
and Internet Control Message Protocol (ICMP) allowances. In Windows XP Service
Pack 2, the check box on the Advanced tab has been replaced with a Settings but-
ton that launches the new Windows Firewall Control Panel applet, which consol-
idates global and connection-specific settings, service, and ICMP allowances and
log settings in a single updated interface.
Prevent excepted traffic In previous versions, ICF is either enabled or disabled.
When enabled, solicited traffic and excepted traffic are allowed. When disabled,
all traffic is allowed. In Windows XP Service Pack 2, Windows Firewall supports a
Bạn đang xem 1- - MICROSOFT WINDOWS XP PROFESSIONAL EXAM 70 270 PHẦN 1 PPSX