Tường lửa: các câu hỏi thường gặp


A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings. Even if you think there's nothing on your computer that would interest anyone, a worm could completely disable your computer, or someone could use your computer to help spread worms or viruses to other computers without your knowledge.

Here are answers to some common questions about firewalls.

Hiển thị tất cả

What does "allowing a program to communicate through the firewall" mean?

Allowing a program to communicate through the firewall, sometimes called unblocking, is when you allow a particular program to send information through the firewall. You can also allow a program to communicate through the firewall by opening one or more ports. For more information, see Allow a program to communicate through Windows Firewall.

How can I be sure that Windows Firewall is on?

Windows Firewall is on by default in this version of Windows. To make sure it hasn't been turned off, follow these steps:

  1. Open Windows Firewall by clicking the Start button Picture of the Start button, and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.

  2. In the left pane, click Turn Windows Firewall on or off. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

  3. Below each network location type, click Turn on Windows Firewall, and then click OK. We recommend that you turn on the firewall for all network location types.

What are the recommended settings for Windows Firewall?

We recommend the default firewall settings:

  • The firewall is on.

  • The firewall is on for all network locations (Home or work, Public, or Domain).

  • The firewall is on for all network connections.

  • The firewall is blocking all inbound connections except those that you specifically allowed.

What are some of the things that a firewall can't prevent?

  • Email viruses

    Email viruses are attached to email messages. A firewall can't determine the contents of email messages, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an email message before you open it. Even when you have an antivirus program, you should not open an email attachment if you're not positive it's safe.

  • Phishing scams

    Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an email message that appears to come from a trusted source, but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of email messages, so they can't protect you from this type of attack.

If I have a router with a built-in firewall, should I also turn on Windows Firewall?

Yes, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network, your router-based firewall won't be able to prevent the spread of the worm. However, a firewall running on each computer on your network can help control the spread of worms.

However, running more than one firewall program on your computer at the same time could cause conflicts. It's best to just use one firewall program, in addition to a router-based firewall.

What else besides a firewall do I need to help protect my computer?

You should do two things:

  • Turn on Windows automatic updating and make sure that updates are automatically installed on your computer. For more information, see Change how Windows installs or notifies you about updates.

  • Use Microsoft Security Essentials or another antivirus and antimalware program, and keep it up to date by regularly downloading updates from the program manufacturer's website. Many of these programs update automatically. They can help protect your computer from spyware and malicious software.

How do I allow other computers to communicate with my computer through Windows Firewall?

If you’re having trouble allowing other computers to communicate with your computer through Windows Firewall, you can try using the Incoming Connections troubleshooter to automatically find and fix some common problems.

Open the Incoming Connections troubleshooter by clicking the Start button Picture of the Start button, and then clicking Control Panel. In the search box, type troubleshooter, and then click Troubleshooting. Click View all, and then click Incoming Connections.

For information about advanced firewall troubleshooting, see Windows Firewall with Advanced Security Troubleshooting Guide: Diagnostics and Tools and Troubleshooting Windows Firewall settings in Windows XP Service Pack 2 for advanced users.