- Firewall Review
- Static Firewall
- Stateful Firewall
- The Internet Connection Firewall
- Enabling & Disabling the ICF
- Services Options
- Adding a Service
- Programs Options
- Security Logging Options
- Setting up Security Logging
- ICMP Options
- Adjusting the ICMP Options
- Understanding the ICMP options
- Issues to clarify before enabling Internet Connection Sharing
- Enabling / Adjusting / Disabling Internet Connection Sharing
- Summary of the ICF
The Internet Connection Firewall
The ICF is a stateful firewall. It keeps track of all connection requests from the Internet. If a computer from inside the network did not recently request data from an external computer attempting to make a connection, the external request will be denied.
If an external computer is making a request to an internal computer running a web server or FTP server, the firewall will ensure that a 'service definition' exists for the request. The service definition includes information such as port, protocol, and IP address of the resources uses by the internal computer (e.g. port 80, TCP for a web server). The ICF has many of the typical service definitions set up by default (e.g. Web Server, FTP Server, etc...). In addition, it allows for other custom service definitions.
The ICF keeps its host computer in stealth mode. By keeping all ports closed until the internal computer needs them, a hacker using a port scanner will think the IP address of the host computer is not in use.