当您将 PC 连接到 Internet 时,应用程序会通过网络连接发送和接收信息。通常,您无需担心这种数据交换,因为某些应用程序和系统功能需要它才能正常工作。但是,在公共或不安全的网络上,您需要格外小心。
在公共网络(例如酒店、机场和餐馆的 Wi-Fi)上保持安全的一种方法是阻止设备上的传入连接。这将阻止黑客和网络上的其他恶意工具访问您的计算机。
相反,阻止传出连接有助于防止您的应用连接到不安全的互联网网络。这是阻止可疑应用程序/恶意软件下载其他恶意软件或与其服务器通信的有效方法。
(Block Incoming Connection)在Windows 10上(Windows 10)阻止传入连接
您可以通过调整 Windows 10 防火墙设置(tweaking the Windows 10 Firewall settings)来限制传入连接。以下是如何完成它。
1.在Windows 搜索(Windows Search)栏中键入控制面板,然后在结果中选择(control panel)控制面板(Control Panel)。
2. 选择Windows Defender 防火墙(Windows Defender Firewall)。
注意:(Note:)如果您在 PC 的控制面板(Control Panel)上没有找到Windows Defender 防火墙(Windows Defender Firewall)选项,请将右上角的查看方式(View by)选项设置为大图标或小图标,然后再次检查。
在Windows Defender 防火墙(Windows Defender Firewall)菜单上,您应该会看到您的连接配置文件:私有(Private )或Public/Guest networks。
3. 选择左侧边栏的更改通知设置。(Change notification settings)
4. 在“公共网络设置”部分,选中“阻止(Block)所有传入连接,包括允许的应用程序列表中的连接”框。选择确定(OK)以保存更改。
如果您不完全信任您的专用网络的安全性,您还可以在“专用网络设置”部分阻止此类网络的传入连接。
专业提示:(Pro Tip:)要更改Wi-Fi或以太网(Ethernet)连接的配置文件,请转到设置(Settings)>网络和 Internet(Network & Internet) > Wi-Fi或以太网(Ethernet)。选择网络名称并在“网络配置文件(Network profile)”部分指定它是专用网络还是公共网络。
(Block Outgoing Connections)在Windows 10上(Windows 10)阻止传出连接
有两种方法可以在Windows 10上停止传出连接。在下面查看它们。
方法 1:阻止所有应用程序的传出连接(Method 1: Block Outgoing Connections for All Apps)
您可以通过修改Windows 防火墙(Windows Firewall)高级安全设置轻松限制所有应用程序的传出连接。在Windows Defender 防火墙(Windows Defender Firewall)菜单中,选择左侧边栏中的高级设置。(Advanced settings)
右键单击“本地计算机上具有高级安全性的(Advanced Security)Windows Defender 防火墙”,然后选择“(Windows Defender Firewall)属性(Properties)” 。
如果您已连接到公共网络,请转到“公共配置文件(Public Profile)”选项卡,如果要阻止专用网络的传出连接,请转到“私人配置文件”选项卡。(Private Profile)对于加入域(computers joined to a domain)的计算机,域配置文件(Domain Profile)选项卡是阻止传出连接的地方。
单击(Click)出站(Outbound)连接下拉选项并选择阻止(Block)。选择应用(Apply),然后选择确定(OK)以保存更改。
方法 2:阻止特定程序的传出连接(Method 2: Block Outgoing Connections for a Specific Program)
假设(Say)您只想阻止 Web 浏览器的传出连接,Windows可让您有效地做到这一点。这也可以用作家长控制工具(parental control tool),以防止您的孩子访问互联网。
在防火墙高级安全(Firewall Advanced Security)菜单中,选择并右键单击出站规则(Outbound Rules)。在上下文菜单上选择新规则(New Rule)以继续。
选择程序(Program)并选择下一步(Next)。
选择浏览(Browse)以选择应用程序。
转到本地磁盘 (C:)(Local Disk (C:)) >程序文件 (x86)(Program Files (x86))以查找 PC 上安装的应用程序。使用搜索框查找不在Program Files 文件(Program Files)夹中的应用程序。选择应用程序的可执行文件 ( .exe ) 并选择打开(Open)。
选择下一步(Next)继续。然后,选择阻止连接(Block the connection)并单击下一步(Next)。
指定您希望 Windows 阻止应用的传出连接的网络配置文件。选择下一步(Next)继续。
为出站规则命名或描述,然后选择完成(Finish)。
要取消阻止应用程序的传出连接,请双击防火墙高级安全(Firewall Advanced Security)菜单中的出站规则。选择允许连接(Allow the connection),然后选择应用(Apply)和确定(OK)。
或者,您可以右键单击规则并选择Delete或Disable Rule。这些选项还将授予应用程序访问权限以启动传出连接。
在 Mac 上阻止传入连接
在Mac(Mac)上限制传入连接也很简单。阅读以下步骤。
1. 转到系统偏好设置(System Preferences)>安全和隐私(Security & Privacy)。
2. 在防火墙(Firewall)选项卡中,选择左下角的锁定图标。
输入 Mac 的密码或使用触控 ID 访问安全首选项菜单。
3. 选择防火墙选项(Firewall Options)继续。
4. 要阻止所有应用程序和服务的系统范围(传入)连接,请选中阻止所有传入连接(Block all incoming connections)框并选择确定(OK)。
当您阻止所有传入连接时,您的 Mac 对其他设备和网络仍然可见。(Mac)但是,任何设备或个人都无法与您的Mac(Mac)建立连接。
请注意,这也会导致文件共享服务(例如AirDrop)和远程访问工具(remote access tools)(例如屏幕(Screen)共享)暂时不可用。
5. 要仅阻止内置软件的传入连接,请取消选中自动允许内置软件接收传入连接(Automatically allow built-in software to receive incoming connections)。
6. 如果您希望阻止特定应用程序或服务的传入连接,请单击plus (+) icon。
7. 选择应用程序并选择添加(Add)。
专业提示:(Pro Tip:)要选择多个应用程序,请按住Command并单击应用程序。
8. 单击应用程序旁边的向上和向下箭头,然后选择阻止传入连接(Block incoming connections)。
在 Mac 上阻止传出连接
macOS 缺少本地工具或内置方法来阻止传出连接。有一种解决方法涉及阻止网站的 IP 地址或域名,但这并不简单。同样(Likewise),该方法只能用于阻止与网站的传出连接,而不是应用程序。请按照以下步骤进行尝试。
1. 启动 Finder 窗口,转到应用程序(Applications)>实用程序(Utilities)并打开终端(Terminal)应用程序。
2. 将以下命令粘贴到终端(Terminal)控制台中,然后按Return。
sudo cp /private/etc/hosts ~/Documents/hosts-backup
此命令将在 Documents 文件夹( Finder(Finder) > Documents)中创建 Mac 的 Hosts 文件的备份。Hosts文件是 macOS 用来将域名与其各自的 IP 地址进行匹配的重要系统文件。
3. 输入您的 Mac 密码并按下Return键。
4. 将下一个命令粘贴到终端(Terminal)中,然后按Return。
sudo nano /private/etc/hosts
这将授予您修改Hosts(Hosts)文件的管理权限。输入 Mac 的密码,然后按Return继续。
5. 键入127.0.0.1,按键盘上的Tab按钮,然后输入要阻止的网站的 URL 。(URL of the website)例如,如果您想屏蔽YouTube,请输入127.0.0.1,按Tab,然后输入www.youtube.com。
6. 按Control + O并按键盘上的Return 。
7. 然后,按Control + X。
8. 最后,输入或粘贴dscacheutil -flushcache并按下Return键。
启动您的浏览器并访问您阻止的网站。您的浏览器应该会显示一条错误消息,说明它无法连接到网站的服务器。
在 Mac 上取消阻止传出连接
您无法通过输入某些终端(Terminal)代码或命令来取消阻止应用程序的传出连接。您需要恢复在阻止应用程序连接时创建的备份主机文件。请按照以下步骤完成。
1. 前往Finder > Documents,双击hosts-backup文件,并复制其内容。
2. 在 Mac 桌面上,选择菜单栏上的前往,然后选择(Go)前往文件夹(Go to Folder)。
3. 在对话框中粘贴下面的路径,然后选择Go。
/private/etc/hosts
4. 将hosts文件拖到桌面。
5、双击桌面上的文件,删除其内容,替换为hosts-backup文件的内容(上面的步骤1)。
关闭TextEditor窗口并将主机文件拖回/private/etc/文件夹。
6.在屏幕上出现的提示中选择替换。(Replace)您可能还需要输入 Mac 的密码或通过Touch ID进行身份验证。
在您的浏览器上访问该网站并确认它不再被阻止。
使用第三方应用
在 macOS 上管理传出连接非常累人。有趣的是,有第三方应用程序,如Little Snitch和Radio Silence,可以简化任务。这些应用程序不是免费的,但它们提供了丰富的试用模式,让您可以在特定时期内免费使用它们。Little Snitch(48.99 美元起)有一个演示模式,每次会话限制为 3 小时,而Radio Silence(9 美元)提供 30 天免费试用。
我们测试了这两个应用程序,它们完美地阻止了传出连接。Radio Silence是具有成本效益的选项,但Little Snitch功能丰富,并具有高级功能,如静音模式、警报模式、网络地图等。
How to Block Remote Connections to a Windows or Mac Computer
When you connect your PC to the internet, applications send and receive informatіon through the network connection. Typically, you should have nоthing to worry about this data exchange as it’s required for somе apps and system functionalities to work сorrectly. On pυblic or unseсured networks, howеver, you need to exercise extra caution.
One way to stay safe on public networks (e.g. Wi-Fi at hotels, airports, and restaurants) is to block incoming connections on your device. That’ll keep out hackers and other malicious tools on the network from gaining access to your computer.
Conversely, blocking outgoing connections can help prevent your apps from connecting to an unsafe internet network. It’s an effective way to stop a suspicious app/malware from downloading additional malware or communicating with its server.
Block Incoming Connection on Windows 10
You can restrict incoming connections by tweaking the Windows 10 Firewall settings. Here’s how to get it done.
1. Type control panel in the Windows Search bar and select Control Panel on the result.
2. Select Windows Defender Firewall.
Note: If you don’t find the Windows Defender Firewall option on your PC’s Control Panel, set the View by option at the top-right corner to either Large icons or Small icons and check again.
On the Windows Defender Firewall menu, you should see your connection profile: Private or Public/Guest networks.
3. Select Change notification settings on the left sidebar.
4. In the “Public network settings” section, check the box that reads “Block all incoming connections, including those in the list of allowed applications.” Select OK to save the changes.
If you don’t fully trust the safety of your private network(s), you can also block incoming connections for such networks in the “Private network settings” section.
Pro Tip: To change the profile of Wi-Fi or Ethernet connection, go to Settings > Network & Internet > Wi-Fi or Ethernet. Select the network name and specify if it’s a private or public network in the Network profile section.
Block Outgoing Connections on Windows 10
There are two ways to stop outgoing connections on Windows 10. Check them out below.
Method 1: Block Outgoing Connections for All Apps
You can easily restrict outgoing connections for all apps by modifying the Windows Firewall advanced security settings. In the Windows Defender Firewall menu, select Advanced settings on the left sidebar.
Right-click “Windows Defender Firewall with Advanced Security on Local Computer” and select Properties.
Go to the Public Profile tab if you’re connected to a public network, or the Private Profile tab if you want to block outgoing connections for a private network. For computers joined to a domain, the Domain Profile tab is the place to block outgoing connections.
Click the Outbound connections drop-down option and select Block. Select Apply and then OK to save the changes.
Method 2: Block Outgoing Connections for a Specific Program
Say you want to block outgoing connections for your web browser only, Windows lets you do that efficiently. This can also serve as a parental control tool to prevent your kids from accessing the internet.
In the Firewall Advanced Security menu, select and right-click Outbound Rules. Select New Rule on the context menu to proceed.
Select Program and select Next.
Select Browse to choose the application.
Go to Local Disk (C:) > Program Files (x86) to find applications installed on your PC. Use the search box to locate an app that isn’t in the Program Files folder. Select the application’s executable file (.exe) and select Open.
Select Next to proceed. Afterward, select Block the connection and click Next.
Specify the network profile(s) for which you want Windows to block the app’s outgoing connection. Select Next to proceed.
Give the outbound rule a name or a description and select Finish.
To unblock outgoing connections for the app, double-click on the outbound rule in the Firewall Advanced Security menu. Select Allow the connection, then select Apply and OK.
Alternatively, you could right-click on the rule and select Delete or Disable Rule. These options will also grant the app access to initiate outgoing connections.
Block Incoming Connections on Mac
Restricting incoming connections on Mac is also straightforward. Read the steps below.
1. Go to System Preferences > Security & Privacy.
2. In the Firewall tab, select the lock icon at the bottom-left corner.
Enter your Mac’s password or use Touch ID to access the security preferences menu.
3. Select Firewall Options to proceed.
4. To block system-wide (incoming) connections for all apps and services, check the Block all incoming connections box and select OK.
Your Mac will remain visible to other devices and networks when you block all incoming connections. However, no device or individual can establish a connection with your Mac.
Note that this will also render file-sharing services (e.g. AirDrop) and remote access tools (e.g. Screen Sharing) temporarily unavailable.
5. To block incoming connections for built-in software only, uncheck the Automatically allow built-in software to receive incoming connections.
6. If you wish to block incoming connections for a specific app or service, click the plus (+) icon.
7. Select the app(s) and select Add.
Pro Tip: To select multiple apps, hold Command and click the apps.
8. Click the up and down arrows next to the app(s) and select Block incoming connections.
Block Outgoing Connections on Mac
macOS lacks a native tool or built-in method to block outgoing connections. There’s a workaround that involves blocking a website’s IP address or domain name, but it isn’t straightforward. Likewise, the method can only be used to block outgoing connections to websites, not applications. Follow the steps below to try it out.
1. Launch a Finder window, go to Applications > Utilities and open the Terminal app.
2. Paste the command below in the Terminal console and press Return.
sudo cp /private/etc/hosts ~/Documents/hosts-backup
This command will create a backup of your Mac’s Hosts file in the Documents folder (Finder > Documents). The Hosts file is an important system file used by macOS to match domain names with their respective IP addresses.
3. Enter your Mac’s password and press Return.
4. Paste this next command in Terminal and press Return.
sudo nano /private/etc/hosts
This grants you administrative permission to modify the Hosts file. Enter your Mac’s password and press Return to proceed.
5. Type 127.0.0.1, press the Tab button on your keyboard, and enter the URL of the website you want to block. If you want to block YouTube, for example, type 127.0.0.1, press Tab, and type www.youtube.com.
6. Press Control + O and press Return on your keyboard.
7. Afterward, press Control + X.
8. Finally, type or paste dscacheutil -flushcache and press Return.
Launch your browser and visit the website you blocked. Your browser should display an error message saying it cannot connect to the website’s server.
Unblock Outgoing Connections on Mac
You can’t unblock an app’s outgoing connection by entering some Terminal codes or commands. You’ll need to restore the backup Hosts file you created while blocking the app’s connection. Follow the steps below to get it done.
1. Go to Finder > Documents, double-click the hosts-backup file, and copy its content.
2. On your Mac’s desktop, select Go on the menu bar and select Go to Folder.
3. Paste the path below in the dialog box and select Go.
/private/etc/hosts
4. Drag the hosts file to the desktop.
5. Double-click the file on the desktop, delete its content, and replace it with the content of the hosts-backup file (in Step 1 above).
Close the TextEditor window and drag the host file back to the /private/etc/ folder.
6. Select Replace on the prompt that comes up on the screen. You may also need to enter your Mac’s password or authenticate via Touch ID.
Visit the website on your browser and verify that it’s no longer blocked.
Use Third-Party Apps
Managing outgoing connections on macOS is quite exhausting. Interestingly, there are third-party apps like Little Snitch and Radio Silence that simplify the task. These apps aren’t free, but they offer generous trial modes that let you use them without payment for a specific period. Little Snitch (from $ 48.99) has a demo mode with a 3-hour limitation per session while Radio Silence ($9) offers a 30-day free trial.
We tested both apps and they blocked outgoing connections perfectly. Radio Silence is the cost-effective option but Little Snitch is feature-packed and sports advanced features like silent mode, alert mode, network map, and more.
