TCP/IP, ICS, ICF
From Proprofs
Contents |
[edit section] TCP/IP, ICS, and the Windows Firewall
Windows XP includes a new feature that has drawn the ire of many users called the Windows Firewall. In addition, it includes a few not-so-new features like ICS and TCP/IP support. What do all these features have in common? They are all related to Windows XP networking. In this lesson,we will explore the above features and how they can be used to network XP computers.
[edit section] TCP/IP Support in Windows XP
Windows XP includes TCP/IP support by default on most network connections. TCP/IP support in Windows is nothing new; it has been natively supported since the Windows NT 4 era. We still must cover the basics of Windows TCP/IP networking. TCP/IP networking is configured by going to the Properties dialogue for a network connection and then choosing to configure TCP/IP. Some options include:
- IP Address: The unique identifier of a PC or node on a network; if two nodes have the same IP, an address conflict will occur, and Windows will notify you of it
- Default Gateway: The gateway that Windows will contact to access other networks (Internet)
- DNS Server: The name resolution servers that Windows will utilize
- Obtain Automatically: Use this if a DHCP server is available (automatic IP configuration server)
Note that NetBIOS operates over TCP/IP and therefore TCP/IP is required to work if you wish to access any shares or browser service functionality.
[edit section] Internet Connection Sharing
ICS, or Internet Connection Sharing, is another legacy Windows feature that allows a Windows PC to share an Internet connection with other networked computers. This can only be accomplished if the PC has two connections – a private (internal or LAN) connection to the computers that will use the shared connection, and a public (Internet or WAN) connection that is usually always connected and high-speed.
When ICS is employed, Windows XP becomes a DHCP server, meaning that it assigns IP addresses to client computers that wish to use the shared connection. The IP addresses that it assigns are in the range of 192.168.0.2 to 192.168.0.254, meaning that a maximum of 253 computers may use ICS.
To access ICS options or to enable ICS, go to the Advanced tab for the network connection that you wish to share and choose the option “Allow other users to connect…” There are also other options:
- Home Network Connection: If multiple private networks are present (say, you have three connections – 1394 connection, wireless private network, and WAN), you must choose which of the networks will access the shared connection
- Establish a dialup connection…: If you elect to enable ICS over a dial-up connection (share a dial-up connection), choosing this option will cause the host PC to dial up to the Internet if a client PC asks to use the ICS connection
- Allow other users to control…: This option allows users to disable and enable the connection across the whole network and is not recommended
[edit section] Internet Connection Firewall
ICF, or the Internet Connection Firewall, is a new feature of Windows XP. Due to security concerns with previous Windows releases, including 98, ME, and 2000, Microsoft decided to include a rudimentary built-in firewall in XP known as the Internet Connection Firewall. It is basic packet-filtering firewall, meaning that it filters traffic based on headers (source/destination and port).
To enable the ICF, go to the Properties dialogue for a network connection that you wish to enable the ICF on, and then the Advanced tab to check “Protect my computer…” This enables ICF on that connection with the default configuration.
To affect the advanced configuration of ICF, use the Windows Firewall control panel applet. Here, you will find the ability to do each of the following tasks:
- Open services: Services are server programs that your PC runs to offer content or other data to the rest of the WAN. As a general rule, more services open creates more “holes” to access your PC. A service is defined by an internal port number (like a room number at a hotel) and an external port number (like the hotel’s address)
- Log Security: Allows you to log blocked access (attempts to access your PC or PC services that the firewall blocked) as well as allowed access (successful attempts to access)
- ICMP Options: ICMP is the protocol suite that allows you to ping, trace route, and perform other basic network diagnostics. Windows Firewall can block Ping echo and timestamp requests
[edit section] Moving Forward
In our next lesson we will tackle Internet Information Services servers, the built-in web servers found in Windows NT releases that are the cause of much grief for exam-takers everywhere. Let’s review first.
[edit section] Quick Review
1. Which of the following is used to share a Windows XP WAN connection to a private network?
a. NetBIOS
b. IP addressing
c. ICMP
d. ICS
e. ICF
2. Which of the following explains the 253-PC limit for ICS?
a. There are only about 4 billion IP addresses available around the world so IP addresses must be limited in number
b. The addresses are assigned over a limited Class C range
c. Windows XP cannot handle the sharing of more than 253 computers due to memory constraints
d. All of the above
e. None of the above
3. Where could you disable Windows from sending ping echo requests?
a. ICMP properties of Ping.exe applet
b. Advanced tab of Properties of Network Connection
c. ICMP tab of Windows Firewall control panel applet
d. Advanced tab of Properties of WindowsFirewall.exe
e. Add Network Connection Wizard
[edit section] Answers
1. ICS (Internet Connection Sharing) is used to share WAN connections. The answer is D.
2. Because the addresses are only assigned from 192.168.0.2 to 192.168.0.254, there are only 253 addresses available. The answer is B.
3. You can change ICMP options on the firewall through the Windows Firewall control panel applet. The answer is C.
Top 5 Contributors to this article
|
|||||
