This may sound like an obvious question, because everyone says you should never access the internet without a firewall. But rather than just accept this. I would like to understand.

I can understand why using the internet with files/folders shared is risky or using the internet with your PC set up as a webserver is risky.

But if you there are no files/folders shared and the PC is not set up as a web server. Are there still risks?

Second question if I may, I am used to Norton Internet Security which alerts potential hacks. I have just started using a windows XP machine with a firewall, which doesn't alert.

Does anyone know how secure Windows XP built in firewall is?

The problem is that the risk is unknown.

Microsoft just admitted that there was yet another security flaw recently. This latest one affects all versions Windows with TCP/IP networking capabilities, including their latest "trustworthy" Windows 2003 Server. It is a basic flaw with how they handle RPC calls on port 135, which the Microsoft IP stack loves to leave open.

As for the XP firewall, it seems to be pretty solid. Maybe a little feature cramped when it comes to logging and reporting, but it accomplishes the basic requirements of a firewall. You might run a quick port scan test at www.grc.com to gain an idea of how it stands up to a port scan inventory.

thanks cszeto

Im am just trying to get into wifi and hotspots.

One of the reasons I ask is I am trying to figure out the implications of accessing the internet from a hotspot.

What I can't get my head around is, if I firewall my wifi connection it won't work. If I don't i am relying on the hotspot provider to provide the firewall, hence my interest in the risk.

sametch:confused:

You should be able to firewall your WiFi connection and still remain connected through the wireless connection. I just enabled my XP firewall for my wireless NIC, it disconnected and then reconnected successfully. I am posting this with the XP firewall on.

Most hotspot hardware is not that different from any other wireless access point. The main difference is some additional MAC level filtering and access control for account management/billing. Most firewalls should not affect those operations.

Even if the hotspot provider provided a firewall, it would mainly be between your machine and their network gateway. They may already do that by utilizing NAT in order to maximize their IP pools/plans anyway.

That does nothing between you and others that are also connecting through the same wireless network. You would most likely be wide open between yourself and others that may also be surfing wirelessly along side you.

The chances are there, but it can become an expensive proposition for the other party. Keep in mind that they would be paying for the access too in order to be on the wireless network (unless they were successful in hacking onto the wireless network).

The cost factor may act as a "natural" barrier in limiting the chances of that occurring, from both the combined prospectives of you and them remaining online for any extended periods of time...

The long and short is that you should be able to enable the built-in firewall on your wireless NIC and not affect your ability to connect onto a hotspot. The chances of you getting hacked over a hotspot connection can be affected by the cost factors in your favor of it not being economical for both parties (you and the hacker)...

Thanks for your help cszeto

sametch
:)

No problem. The irony is that people who worry about being hacked will usually not even see a hacker (maybe because we are looking), it's the ones that don't worry that usually wind up getting hacked.