Windows XP's Internet Connection Firewall (ICF) protects your network against
undesired incoming traffic from the Internet -- everything from casual
port scans by bored teenagers to serious break-in attempts by determined
hackers. ICF creates a protective barrier between your network and the
Internet, only passing through traffic that you've requested.

You can enable or disable ICF separately on each dial-up, LAN, or high-speed
Internet connection in the Network Connections folder. That's good,
because there are some connections that can benefit from ICF, and some
that must not use it.

Here are some points to ponder when deciding whether to use ICF on your network
connections.

WARNING #1: As its name implies, the Internet Connection Firewall is for
use ONLY on a direct connection to the Internet, such as a dial-up,
DSL, or cable modem. If your computer gets its Internet connection through
a software router (like Internet Connection Sharing) or a hardware router,
you don't have a direct connection and must not enable ICF.

WARNING #2: If the Internet Connection Firewall is enabled on a local area
network connection with other computers, it will block File and Printer
Sharing. This is probably the most common problem in Windows XP networking.

WARNING #3: ICF is only effective against undesired incoming traffic from the
Internet. It can't stop undesired outgoing traffic from spyware, Trojan
horse programs, or other hacker tools. If you want outgoing protection,
use a firewall that offers that capability, and disable ICF on all connections.

WARNING #4: To enable or disable ICF, you must be logged on as a user that
is a member of the Administrators group.

Enabling and Disabling the Internet Connection Firewall

To enable ICF on an Internet connection, open the Network Connections folder,
right-click the desired connection, and click Properties.

The Properties sheet shows the network components associated with the connection.

Click the Advanced tab, then check Protect my computer and network
by limiting or preventing access to this computer from the Internet.

If the firewall is enabled and you want to disable it, un-check the same box.

Windows XP asks you to confirm your decision to disable the firewall. Click Yes
to disable it.

Internet Connection Firewall Security Log

By default, ICF silently discards all undesired incoming traffic. To see a record of
its activity, you can enable security logging.

Open the Advanced tab of the network connection's properties and click
Settings.

Click Security Logging to bring up the logging options.

To see messages about discarded traffic, check Log dropped packets.
On a cable modem connection, it's common to see several dozen of these
messages every day.

To see messages about permitted traffic, check Log successful connections.
Selecting this option can cause the log file to grow very large very quickly.
To limit its size, enter a number in the Size limit box.

By default, the security log is written to file pfirewall.log in the
Windows folder. To change the file name, enter a new name in the Name
box, or click the Browse button and browse to the new file.

For information on how to read and interpret the security log, click Learn
more about Internet Connection Firewall on the Advanced tab.