Re: Help for novice with ICF, Router h/w Firewall and McAfee s/w Firewall

From: Duane Arnold (notme_at_notme.com)
Date: 02/24/04


Date: Tue, 24 Feb 2004 05:46:56 GMT

mjss_ivell@msn.com (Mike) wrote in news:9e41aa31.0402231453.4c119f2
@posting.google.com:

> I have XP and a DSL connection for internet. Up until recently I have
> used the standard free issue Alcatel Speedtouch DSL modem via USB for
> a dial up connection with ICF active for protection. However, I'm now
> using a an Ericsson ADSL Router (HN294d) set up for PPPoA (connected
> via an Ethernet card) so that additional PC's in the house can be
> connected to the internet via my broadband service.
>
> If not obvious already I am a pretty dumb user so apologies now for
> stupid questions but ....
>
> 1. What is simple terms is the difference in protection between ICF,
> the hardware firewall of a Router and the software firewall of
> something like McAfee's Firewall 3 package.

The router and ICF are about the same. The both stop unsolicted inbound
traffic to the machine, but they provide no outbound protection.

MaAfee should be providing application control and stopping a program
from accessing the Internet.

> 2. Is my Internet connection (via the Ericsson Router) still
> protected by ICF - it doesn't show in my Connection Settings as a
> Dialup Connection but rather as an Internet Gateway.

If you have gone to the Ethernet NIC's Properties on the Advanced Tab and
enable ICF, then it's enable on the NIC and it's active.

> 3. Does the Router offer better protection than ICF anyway. (I have
> activitated the default "medium" level of protection and activated
> Intrusion Detection again with default settings). Any guidelines on
> why non default settings may be desirable,

Yes the router is better than the ICF in someways, mainly because it's a
stand alone device that sits in front of the machine and the machines
behind it with the O/S and possible FW on them don't have to deal with
the scans/attacks.

> 4. I also have a copy of McAfee Firewall 3 but have not loaded this.
> Is there any point in loading this given the use of ICF and the
> Ericsson Router. What if any additional protection can this provide.

Along with providing the ability to stop an outbound connection by an
application trying to connect to the Internet -- application control, it
provides inbound and possible outbound port control behind the router
too.

Duane :)



Relevant Pages

  • Re: VPN
    ... I have had a second network connection which is now deleted, ... Enable and disable ICF - hasn't worked. ... Stop and disable ICF service and reboot - again nothing. ...
    (microsoft.public.windows.server.setup)
  • Re: ZoneAlarm Pro, Sygate Personal Firewall, or built in xp firewall?
    ... ICF monitors outbound ports to know what inbound ports to block/open. ... blocks unsolicited connection attempts. ... connect to the Internet but would not normally purchase a firewall from the ... baseline intrusion prevention mechanism in Windows XP. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: ICS and ICF
    ... computer and on the cable connection to the internet. ... some sites which respond and get a response with or without ICF. ... >>Small peer to peer network with ICS enabled on a cable modem connection. ... > On which computer and which network connection are you enabling ICS? ...
    (microsoft.public.windowsxp.network_web)
  • Re: Microsoft Network Wizard Spooler Error?
    ... I believe my ICF was disabled, to make sure I did it all ... I started the Wizard, turned on Computer ... I cleared the check box to "1394 Connection 1394 Network ...
    (microsoft.public.windowsxp.network_web)
  • Re: Proposed Internet Connection Firewall change in WinXP SP2
    ... be made available for management for ICF from group policy. ... > Turning on ICF by default on the LAN connection would be disasterous to ... > our customers. ... > workstations only have a single network connection, ...
    (microsoft.public.windowsxp.security_admin)