First, we need to search the Internet for Skynet Firewall
Of course, the editor here is just for demonstration, just download the official version directly, you can download the cracked version.
we open and install it
Here, the editor will add that because the firewall is relatively old, even win7 has not come out at that time, although win7 can be used as mentioned at the beginning, but the editor personally tested, there will be compatibility problems
That's GG, so the editor is ruthless, and downloads another xp image from the Internet to use it. Remember, you need to restart after the installation to take effect.
So just install it on xp, and finally install it
Then we open the Skynet firewall and configure it as required
Define application rules
Here is an example of IE browser, when it starts to open, it will pop up a prompt
We check this program and follow this operation in the future, and then click Allow, and then open the IE browser and no prompt will appear.
There are two options after each software rule. The option is advanced configuration. Delete is to delete the defined rule. By default, every time you open the firewall, you will be prompted whether to open it.
We click on options for advanced configuration
Mainly for some restrictions on tcp and udp, we can check the required restrictions according to the needs. The right side is the port restriction, which can be all ports, port ranges, and specified ports. The following is what measures will be taken if the conditions are not met, ask or reject .
The second task bar is to define ip rules
Xiaobian here takes the ping command as an example
Check the Allow yourself ping command to detect other machines, and then we test
The premise is that the real machine and the virtual machine are in the same network segment. For simplicity, and the virtual machine can also access the Internet, it is directly in the virtual machine options - network adapter - select bridge, and then confirm
Then we check the ip address of the virtual machine xp and execute the command ipconfig
Let's go back to the real machine and look at the ip address
In a network segment, you also need to pay attention to turn off the real machine firewall
We pinged the real machine and found that the ping was successful
Then we deny ping other machines in the ip rule (don't forget to save)
We ping the real machine and find that the request timed out
Then we allow ping other machines and change the defense against icmp attacks
Then we ping the real machine again and found that the ping still fails. That is because we often use the Ping command to check the network connection. This "Ping" process is actually the process of the ICMP protocol.
Then we restrict ftp
We can create new ip rules, or we can use the tcp rules that come with the software, which are created directly here. One principle is to block or allow tcp protocol packets.
Then we choose the port, because the tcp protocol has two ports, so we set the port range to 20 to 21
Tcp flag check on syn and ack
Here you need to understand how tcp works:
SYN (synchronous) is a handshake signal used by TCP/IP to establish a connection. When a normal TCP network connection is established between the client and the server, the client first sends a SYN message, the server responds with SYN+ACK to indicate that it has received the message, and finally the client responds with an ACK message. In this way, a reliable TCP connection can be established between the client and the server, and data can be transmitted between the client and the server.
Once selected, our ftp server cannot establish a connection because we block the tcp protocol
Then we check the network usage, we can monitor and detect the network status
Here is the IE browser as an example, we open the IE browser
Here you can see that IE browser is running
We click on the IE browser, and then click on the red cross, a dialog box will appear, asking whether to end the process, we click OK, and find that the IE browser is forcibly closed, which feels a bit like a task manager
Another is logging, that is, any operations performed on the machine will be recorded in the log.
Well, I will introduce the Skynet firewall here first, mainly to explain the working principle of the firewall. At present, there are many firewalls with more complete functions. You can also choose according to your needs, but for personal computers, they come with their own The firewall and the firewall installed with some anti-virus software are enough.