Ensure a Firewall is Running Before Going Online! Connecting to the Internet has many advantages. However, it also exposes your computer to the possibility of intrusion and virus attacks. One of the major downfalls of the Internet is that there are people who dedicate their time to looking for ways to attack other unsuspecting users.
One of the ways that you can protect your computer against Internet attacks is to implement a firewall solution between the Internet and your computer and private network. This is becoming more and more important as people store personal information on their computers such as bank account numbers, credit card data, tax information, and so on. Not implementing a firewall makes this information accessible to attackers.
By implementing a firewall, you can close the door to your local computer and private network so intruders can not get in, but you can still get out.
If you are looking for a fast, easy firewall solution, you can take advantage of the firewall component included with Windows XP. This software-based firewall component is known as the Internet Connection Firewall (ICF). It allows you to secure your local computer and network by preventing unsolicited traffic from the Internet.
A firewall solution can be a challenge to implement, especially for a user with limited experience. ICF provides a simple method of protecting your network and requires little to no configuration. You can use it to secure a single computer with an Internet connection or to secure a small network of computers.
So how does ICF filter incoming traffic? ICF inspects each packet that is destined for the private network. It maintains a table to determine which incoming traffic was initiated on the local network, for example, a user on the private network accessing an FTP server on the Internet. Any incoming traffic resulting from this request would be allowed through the firewall. If an inbound request was not initiated by the local computer or a computer on the private network, it is not allowed through the firewall.
ICF will use the following methods to determine which packets to allow through the firewall and which packets to drop:
- Any incoming packets that match a request that was initiated on the private network are allowed through the firewall.
- Any incoming packets that do not match a request that was initiated on the private network are not allowed to pass through the firewall.
- Those incoming packets that will create a new entry in the table are allowed through the firewall.
There may be cases where you need to make resources on the private network available to users on the Internet. In other words, a certain type of traffic initiated on the Internet is allowed to pass through the firewall. This can be done by creating static rules that allows traffic on a specific port to pass through the firewall. For example, if you have a FTP server on the private network, you can open up port 21.
Keep in mind that ICF can be used to filter incoming traffic. If you want to filter outgoing traffic, you will need to implement a more sophisticated firewall solution.
Service pack 2 for Windows XP introduced a major change in the Windows Firewall. It is now enabled by default. However, if the default settings have been altered, the ICF component of Windows XP can be enabled in a number of different ways. For example, you can enable it using the Network Setup Wizard. ICF can also be enabled manually using the Network Connection applet in the Control Panel.
You can use the following steps to enable ICF:
- Click Start and click Control Panel.
- Within the Control Panel double click the Network Connections applet. This opens the Network Connections folder.
- Select the Internet connection you want to protect and click Change Windows Firewall Settings under the list of Network Tasks. An alternate method is to right click the Internet connection and click Properties.
- Within the Windows Firewall dialog box, verify that the General tab is active.
- Click the On (recommended) option. You may also opt to select the Don’t allow exceptions option. Click OK.
Once ICF is enabled, you can select the Exceptions tab to control the flow of data.
So you have enabled ICF on your Internet connection. You assume now that you are secure from any Internet attacks. You may be interested to find out that holes still exist in your configuration that may be leaving your computer and network open to possible attacks. After ICF is enabled you can test the integrity of your configuration to determine if any weaknesses still exist. Doing so is not difficult as many Web sites will put your computer’s defense system to the test. For free too! There are several trusted web sites you can visit that will offer free tools that will scan your computer to detect any existing security weaknesses. For example, grc.com has various tools that can be used to scan your computer or the Symantec Security Check available from the Symantec Web site. In any case, once you have your firewall enabled, don’t assume you are safe and clear from Internet attacks. You may be surprised to see the results of a security check and all the holes that may still exist.