- Firewall Review
- Static Firewall
- Stateful Firewall
- The Internet Connection Firewall
- Enabling & Disabling the ICF
- Services Options
- Adding a Service
- Programs Options
- Security Logging Options
- Setting up Security Logging
- ICMP Options
- Adjusting the ICMP Options
- Understanding the ICMP options
- Issues to clarify before enabling Internet Connection Sharing
- Enabling / Adjusting / Disabling Internet Connection Sharing
- Summary of the ICF
Security Logging Options
Proper logging is one of the most important elements of a secure server. With proper logging, tracking and repairing the outcome of hack attempt and even a successful break-in can be as simple as viewing a log file and replacing the altered files. Without logging, the only way to verify that a server is secure is to reformat and reinstall the operating system and all programs running on the server.
Microsoft knows the importance of proper logging since they are one of the most frequently attacked companies on the Internet. Although disabled by default, the ICF has the ability to log all successful incoming connection requests, as well as those that are dropped. Used in combination with a properly configured server, a user can have a complete picture of activity on her computer. As a security rule of thumb, you should always enable logging. No other source of information can more clearly portrait the actions of a hacker in the chance a computer is compromised.
There are two main subjects that need to be clearly understood in order to use the Security Logging feature of the ICF:
Setting and using Security Logging
Reading the results of Security Logging
The following segment will discuss each of these subjects and their importance to maintaining a secure computer system.