- Firewall Review
- Static Firewall
- Stateful Firewall
- The Internet Connection Firewall
- Enabling & Disabling the ICF
- Services Options
- Adding a Service
- Programs Options
- Security Logging Options
- Setting up Security Logging
- ICMP Options
- Adjusting the ICMP Options
- Understanding the ICMP options
- Issues to clarify before enabling Internet Connection Sharing
- Enabling / Adjusting / Disabling Internet Connection Sharing
- Summary of the ICF
Overview of ICMP
The Internet Control Message Protocol is one of the most common protocols used on the Internet. It is used for troubleshooting Internet connections, maintaining control, and gaining information about other computers. Defined in RFC 792, ICMP is the protocol used when computers and routers need to inform and control other routers and hosts on the Internet. Although a user or program usually generates the ICMP message, the response side is automated.
For example, the most popular usage of the ICMP protocol can be found in the program called PING. The Packet Internet Groper (PING) program is a very popular utility that is most commonly used to determine whether or not an IP address is in use or is available on the Internet and in local networks. Although many ISPs are restricting the use of the ICMP, and therefore PING, this program is still used by network technicians, hobbyists, Internet based programs, and others who need to determine the status of others on the Internet. However, this group also includes hackers and other on-line criminals.
Hackers often use the ICMP protocol to determine whether or not targets are online and are even finding ways to abuse the protocol to crash computer systems. To prevent this from happening to home users, Microsoft has included an ICMP filter as part of the ICF. While a user can enable selected options of the ICMP filter, once the ICF is enabled all connection attempts using the ICMP will be dropped. If Security Logging is in use, the packets will be logged and flagged as dropped.