Tats
December 6th 03, 01:41 PM
Carolyn-
Can you tell me the names and description of the
connections that you see on your screen after you click
on Network Connections? By the way, IFC stands for
Internet Connection Firewall. Description below.
-Tats
IFC Definition: (taken from the Windows Help page)
Internet Connection Firewall overview: A firewall is a
security system that acts as a protective boundary
between a network and the outside world. Internet
Connection Firewall (ICF) is firewall software that is
used to set restrictions on what information is
communicated from your home or small office network to
and from the Internet to your network.
If your network uses Internet Connection Sharing (ICS) to
provide Internet access to multiple computers, ICF should
be enabled on the shared Internet connection. However,
ICS and ICF can be enabled separately. You should enable
ICF on the Internet connection of any computer that is
connected directly to the Internet. To check to see if
ICF is enabled or to enable the firewall, see Enable or
disable Internet Connection Firewall.
ICF also protects a single computer connected to the
Internet. If you have a single computer connected to the
Internet with a cable modem, a DSL modem, or a dial-up
modem, ICF protects your Internet connection. You should
not enable ICF on VPN connections because it will
interfere with the operation of file sharing and other
VPN functions.
How Internet Connection Firewall (ICF) works:
ICF is considered a "stateful" firewall. A stateful
firewall is one that monitors all aspects of the
communications that cross its path and inspects the
source and destination address of each message that it
handles. To prevent unsolicited traffic from the public
side of the connection from entering the private side,
ICF keeps a table of all communications that have
originated from the ICF computer. In the case of a single
computer, ICF tracks traffic originated from the
computer. When used in conjunction with ICS, ICF tracks
all traffic originated from the ICF/ICS computer and all
traffic originated from private network computers. All
inbound traffic from the Internet is compared against the
entries in the table. Inbound Internet traffic is only
allowed to reach the computers in your network when there
is a matching entry in the table that shows that the
communication exchange began from within your computer or
private network.
Communications that originate from a source outside ICF
computer, such as the Internet, are dropped by the
firewall unless an entry in the Services tab is made to
allow passage. Rather than sending you notifications
about activity, ICF silently discards unsolicited
communications, stopping common hacking attempts such as
port scanning. Such notifications could be sent
frequently enough to become a distraction. Instead, ICF
can create a security log to view the activity that is
tracked by the firewall. See Internet Connection Firewall
security log file overview.
Services can be configured to allow unsolicited traffic
from the Internet to be forwarded by the ICF computer to
the private network. For example, if you are hosting an
HTTP Web server service, and have enabled the HTTP
service on your ICF computer, unsolicited HTTP traffic
will be forwarded by the ICF computer to the HTTP Web
server. A set of operational information, known as a
service definition, is required by ICF to allow the
unsolicited Internet traffic to be forwarded to the Web
server on your private network. For information about
services, see Add a service definition, and Service
definitions overview.
Internet Connection Firewall Considerations:
ICF and Home or Small Office communications
You should not enable Internet Connection Firewall (ICF)
on any connection that does not directly connect to the
Internet. If the firewall is enabled on the network
adapter of an ICS client computer, it will interfere with
some communications between that computer and all other
computers on the network. For a similar reason, the
Network Setup Wizard does not allow ICF to be enabled on
the ICS host private connection, the connection that
connects the ICS host computer with the ICS client
computers, because enabling a firewall in this location
would completely prohibit network communications.
Internet Connection Firewall is not needed if your
network already has a firewall or proxy server.
If your network has only one shared Internet connection,
you should protect it by enabling Internet Connection
Firewall. Individual client computers may also have
adapters, such as a dial-up or DSL modem, that provide
individual connections to the Internet and are vulnerable
without firewall protection. ICF can only check the
communications that cross the Internet connection on
which it is enabled. Because ICF works on a per
connection basis, you need to enable it on all computers
with connections to the Internet, in order to ensure
protection for your entire network. If you have enabled
the firewall on the ICS host computer's Internet
connection, but a client computer with a direct Internet
connection is not using the firewall for protection, your
network will be vulnerable through that unprotected
connection.
The service definitions that allow services to operate
across ICF also work on a per connection basis. If your
network has multiple firewall connections, service
definitions must be configured for each firewalled
connection you want the service to work through.
ICF and notification messages:
Because ICF inspects all incoming communications, some
programs, especially e-mail programs, may behave
differently when ICF is enabled. Some e-mail programs
periodically poll their e-mail server for new mail and
some e-mail programs wait for notification from the e-
mail server.
Outlook Express, for example, automatically checks for
new e-mail when its timer tells it to do so. When new e-
mail is present, Outlook Express prompts the user with a
new e-mail notification. ICF will not affect the behavior
of this program, because the request for new e-mail
notification originates from inside the firewall. The
firewall makes an entry in a table noting the outbound
communication. When the new e-mail response is
acknowledged by the mail server, the firewall finds an
associated entry in the table and allow the communication
to pass, then the user receives notification that a new e-
mail has arrived.
Office 2000 Outlook, however, is connected to a Microsoft
Exchange server that uses a remote procedure call (RPC)
to send new e-mail notifications to clients. Office 2000
Outlook does not automatically check for new e-mail when
it is connected to an exchange server. The Exchange
server notifies Office 2000 Outlook when new e-mail
arrives. Because the RPC notification is initiated from
the exchange server that is outside the firewall, not by
Office 2000 Outlook, which is inside the firewall, ICF
cannot find the corresponding entry in the table, and the
RPC messages are not be allowed to cross from the
Internet into the home network. The RPC notification
message is dropped. Users can send and receive e-mail,
but need to manually check for new e-mail.
>-----Original Message-----
>Nick, I read the instructions that you gave Maxine
because
>I having the same problem. Question: How will I know
what
>connection on which I would like to enable IFC? And what
>is IFC. I'm really new at this and this problem is
driving
>to me drink so I need answers for a person who knows
zilch.
>Also, when the shutdown sign comes up I have 60 seconds
to
>finish what I am doing. Is there any way to disable it?
>
>Thank you, thank you, thank you for your help!!!!!!!
>Carolyn
>.
>
Can you tell me the names and description of the
connections that you see on your screen after you click
on Network Connections? By the way, IFC stands for
Internet Connection Firewall. Description below.
-Tats
IFC Definition: (taken from the Windows Help page)
Internet Connection Firewall overview: A firewall is a
security system that acts as a protective boundary
between a network and the outside world. Internet
Connection Firewall (ICF) is firewall software that is
used to set restrictions on what information is
communicated from your home or small office network to
and from the Internet to your network.
If your network uses Internet Connection Sharing (ICS) to
provide Internet access to multiple computers, ICF should
be enabled on the shared Internet connection. However,
ICS and ICF can be enabled separately. You should enable
ICF on the Internet connection of any computer that is
connected directly to the Internet. To check to see if
ICF is enabled or to enable the firewall, see Enable or
disable Internet Connection Firewall.
ICF also protects a single computer connected to the
Internet. If you have a single computer connected to the
Internet with a cable modem, a DSL modem, or a dial-up
modem, ICF protects your Internet connection. You should
not enable ICF on VPN connections because it will
interfere with the operation of file sharing and other
VPN functions.
How Internet Connection Firewall (ICF) works:
ICF is considered a "stateful" firewall. A stateful
firewall is one that monitors all aspects of the
communications that cross its path and inspects the
source and destination address of each message that it
handles. To prevent unsolicited traffic from the public
side of the connection from entering the private side,
ICF keeps a table of all communications that have
originated from the ICF computer. In the case of a single
computer, ICF tracks traffic originated from the
computer. When used in conjunction with ICS, ICF tracks
all traffic originated from the ICF/ICS computer and all
traffic originated from private network computers. All
inbound traffic from the Internet is compared against the
entries in the table. Inbound Internet traffic is only
allowed to reach the computers in your network when there
is a matching entry in the table that shows that the
communication exchange began from within your computer or
private network.
Communications that originate from a source outside ICF
computer, such as the Internet, are dropped by the
firewall unless an entry in the Services tab is made to
allow passage. Rather than sending you notifications
about activity, ICF silently discards unsolicited
communications, stopping common hacking attempts such as
port scanning. Such notifications could be sent
frequently enough to become a distraction. Instead, ICF
can create a security log to view the activity that is
tracked by the firewall. See Internet Connection Firewall
security log file overview.
Services can be configured to allow unsolicited traffic
from the Internet to be forwarded by the ICF computer to
the private network. For example, if you are hosting an
HTTP Web server service, and have enabled the HTTP
service on your ICF computer, unsolicited HTTP traffic
will be forwarded by the ICF computer to the HTTP Web
server. A set of operational information, known as a
service definition, is required by ICF to allow the
unsolicited Internet traffic to be forwarded to the Web
server on your private network. For information about
services, see Add a service definition, and Service
definitions overview.
Internet Connection Firewall Considerations:
ICF and Home or Small Office communications
You should not enable Internet Connection Firewall (ICF)
on any connection that does not directly connect to the
Internet. If the firewall is enabled on the network
adapter of an ICS client computer, it will interfere with
some communications between that computer and all other
computers on the network. For a similar reason, the
Network Setup Wizard does not allow ICF to be enabled on
the ICS host private connection, the connection that
connects the ICS host computer with the ICS client
computers, because enabling a firewall in this location
would completely prohibit network communications.
Internet Connection Firewall is not needed if your
network already has a firewall or proxy server.
If your network has only one shared Internet connection,
you should protect it by enabling Internet Connection
Firewall. Individual client computers may also have
adapters, such as a dial-up or DSL modem, that provide
individual connections to the Internet and are vulnerable
without firewall protection. ICF can only check the
communications that cross the Internet connection on
which it is enabled. Because ICF works on a per
connection basis, you need to enable it on all computers
with connections to the Internet, in order to ensure
protection for your entire network. If you have enabled
the firewall on the ICS host computer's Internet
connection, but a client computer with a direct Internet
connection is not using the firewall for protection, your
network will be vulnerable through that unprotected
connection.
The service definitions that allow services to operate
across ICF also work on a per connection basis. If your
network has multiple firewall connections, service
definitions must be configured for each firewalled
connection you want the service to work through.
ICF and notification messages:
Because ICF inspects all incoming communications, some
programs, especially e-mail programs, may behave
differently when ICF is enabled. Some e-mail programs
periodically poll their e-mail server for new mail and
some e-mail programs wait for notification from the e-
mail server.
Outlook Express, for example, automatically checks for
new e-mail when its timer tells it to do so. When new e-
mail is present, Outlook Express prompts the user with a
new e-mail notification. ICF will not affect the behavior
of this program, because the request for new e-mail
notification originates from inside the firewall. The
firewall makes an entry in a table noting the outbound
communication. When the new e-mail response is
acknowledged by the mail server, the firewall finds an
associated entry in the table and allow the communication
to pass, then the user receives notification that a new e-
mail has arrived.
Office 2000 Outlook, however, is connected to a Microsoft
Exchange server that uses a remote procedure call (RPC)
to send new e-mail notifications to clients. Office 2000
Outlook does not automatically check for new e-mail when
it is connected to an exchange server. The Exchange
server notifies Office 2000 Outlook when new e-mail
arrives. Because the RPC notification is initiated from
the exchange server that is outside the firewall, not by
Office 2000 Outlook, which is inside the firewall, ICF
cannot find the corresponding entry in the table, and the
RPC messages are not be allowed to cross from the
Internet into the home network. The RPC notification
message is dropped. Users can send and receive e-mail,
but need to manually check for new e-mail.
>-----Original Message-----
>Nick, I read the instructions that you gave Maxine
because
>I having the same problem. Question: How will I know
what
>connection on which I would like to enable IFC? And what
>is IFC. I'm really new at this and this problem is
driving
>to me drink so I need answers for a person who knows
zilch.
>Also, when the shutdown sign comes up I have 60 seconds
to
>finish what I am doing. Is there any way to disable it?
>
>Thank you, thank you, thank you for your help!!!!!!!
>Carolyn
>.
>