Networks

Question

Gravatar
Locked

Windows XP ICS vs Windows Firewall

By farfolomew ·
My question pertains to the way Windows Internet Connection Sharing is setup and how it works with the Windows Firewall.

This is the best ICS article i've read. It explains all the little details that the Microsoft Help fails to do, such as whether the host in the service definition should be the ICS computer or the internal computer hosting the service. Windows Help says to set that value to the ICS computer, but obviously that doesn't make sense. So anyways, thanks for clearing that up

For example, if I add a service definition in ICS to listen for TCP port XXX, then will I also have to go into the Windows Firewall settings and add that same TCP port XXX to the exceptions list? Otherwise, won't the firewall not even acknowledge that port and drop any requests to it? Or is Windows smart enough to realize that if I add a port for ICS to listen on, it should automatically be exempt from the Firewall as well?

Thanks!

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
+ Follow this Discussion ·
| Thread display: Collapse - | Expand +

All Answers

gravatar
Collapse -

Answer

by farfolomew In reply to Windows XP ICS vs Windows ...

Well after some digging on Google I stumbled across this excerpt from the Syngress book "Configuring and Troubleshooting Windows XP Professional" on pg 8:

"...ICF works in concert with ICS to provide access for unsolicited traffic. For example, if you have configured the ICS service definition to allow Web server (HTTP) traffic, ICF will allow this traffic. Disabling the service definition for the Web Server will result in ICF dropping that traffic..."

and

"...If you enable a service definition for a particular application, you automatically configure ICF to allow traffice associated with that application. You should always consider the consequences of allowing any traffice through ICF. The less traffic you allow into your network, the more secure it will be..."

So it would seem Windows is, indeed, smart and knows to allow ICS Service Definitions in through the Windows Firewall. Good info to know :).

Back to Networks Forum
1 total post (Page 1 of 1)  

Start or search

Related Discussions

Related Forums