Bill said:
Sorry but you're wrong. By default, Vista's firewall blocks inbound only.
You need to go into the Advanced Firewall settings to enable outbound
filtering and then customize all the settings.
All FW's of the type we are talking about block inbound traffic by default.
That's the job of a FW: to block unsolicited inbound traffic, by default.
What they don't block is outbound traffic by default.
It works well when properly configured, but the average user will have no
idea what to block and what to allow, and the setup is rather confusing
for inexperienced users. That's why many users want a simpler firewall.
The same holds true for any FW/packet filter solution in the average user's
hands. It doesn't matter if it's Vista FW/packet filter or any 3rd party
pfw/packet filter solution.
And Vista and 3rd party solutions are not FW(s). They are machine level
packet filters.
A firewall separates two networks: the network it's protecting from, usually
the Internet (a giant network), and the network it is protecting, the LAN, the
private network. A FW sits at the junction point between the two networks.
Whether it be a hardware device or a software solution running on a secured
host computer, a FW must have at least two network interfaces. One network
interface for the network it is protecting from and one network interface
for the network it's protecting. That would be two (NIC's) in the case of a
software FW solution running on a host computer.
The term firewall comes from the fact that by segmenting a network into
different physical subnetworks, they limited the damage that could spread
from one subnet to another just like firedoors or firewalls.
Personally, I recommend using a router with NAT to provide firewalling to
the computer.
A router is an effective border device and blocks unsolicited inbound traffic
by default, and because of the two interfaces of a WAN port and LAN ports,
the router comes closer to the definition of a FW. Early FW(s) were simply
routers.
However, NAT is not FW technology. NAT is mapping technology.
http://www.wisegeek.com/what-is-nat.htm
http://www.homenethelp.com/web/explain/about-NAT.asp
A wireless router is a great idea for a laptop since you can move the
computer around the house without worrying about a wire. You can use it in
the kitchen, living room, bedroom (careful with this one!), backyard,
whatever, and all the while you're getting very good firewalling features.
Just make sure you put passwords on BOTH the Admin and User logins to
secure the router. Read up a bit on it, and even an inexperienced user can
configure it to be safe and secure.
Wireless is another story all unto itself, and most home users are unaware
of the security risks of using wireless. And if they do know, it doesn't
make it any less of a security risk. Anyone that has the expertise to come
past the security features of wireless can come past wireless.
I'll assume you have heard of wardriving.
http://en.wikipedia.org/wiki/Wardriving
I would much rather have an all Ethernet wire solution. If I am going to use
wireless, then I would much rather have it sitting out there in the
untrusted zone than for it to be on the LAN -- the trusted zone.
There is another packet filter solution that is on Vista, XP, and Win 2k pro
called IPsec that I use in conjunction with Vista's FW/packet filter, when
this laptop computer is not connected to my home network using a FW
appliance.
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://support.microsoft.com/kb/813878
I implement the AnalogX policies for IPsec that work in combination with
Vista's FW/packet filter.
http://www.analogx.com/CONTENTS/articles/ipsec.htm
And if you want to know about FW technology, then I suggest you read the
information in the links.
http://www.vicomsoft.com/knowledge/reference/firewalls1.html
http://www.more.net/technical/netserv/tcpip/firewalls/