Windows Firewall for Internet Connection

Wednesday, June 22, 2005

Windows XP comes with a firewall known as the Internet Connection Firewall or ICF. ICF provides only inbound protection-unlike a full-fledged firewall, it only monitors incoming data. To turn on ICF, go to the Control panel and select Network Connections. Right-click on the displayed connection, and click on Properties. Under the Advanced tab, you can enable ICF. While the default settings may work fine, you may want to tweak the settings. Click on the Settings button to access all the ICF features and settings. You can fine tune the network services under the Services tab, set logging details under Security Logging, and details about ICMP under the ICMP (Internet Control Message Protocol) tab.

Firewall for internet


Do you need it?
Keep in mind that ICF is for use only with a direct connection to the Internet, such as a dial-up or cable modem connection. This means that computers connected to the Internet through a LAN, or Internet Connection Sharing (ICS), or a hardware router doesn't need an ICF. Moreover, you may tend to have some trouble with networking other computers on a LAN, as File and Printer Sharing services are blocked. It would make sense to disable the ICF, if you intend to use File and Printer Sharing services that would be essential in a LAN environment. To disable the ICF, go to the Control Panel, and select the Network Connections. Open this and right-click on the desired connection, click on Properties and under the Advanced tab, disable ICF.

- Dinesh Finally completed this scribble at 12:31 PM  

1 people thought of commenting on this:

Worms like MSBlast and Sasser are there to prove its a bad idea to turn off a firewall even when connected through a LAN. At IIT (here) many computers have one of these worms on LAN and unless you have sp2 installed you're sure to get it, if you've got no firewall
I use the default firewall that comes with Windows XP sp2, which is sufficiently safe and allows file/printer sharing if set right. I'm not sure if it monitors outgoing traffic, but I never needed to know if it did. However, if you need more control and the ability to set special rules etc. a professional firewall like the one from Sygate or Zone labs is recommended.

AP said...
Sunday, 24 July, 2005  

Post a Comment