The Windows Firewall: Big Bad Wolf Coming?

In the previous post in this series, we surveyed changes in recent years to the default Windows inbound firewall. We suggested it might have a few bricks loose. In this post, we’ll look at networking trends, specifically the proliferation of publicly accessible IPv6 Internet addresses and the expected growth of 5g. We shall ask whether the big bad wolf (in the guise of hackers and crackers) might one day soon find that the right huffs and puffs will blow down even the house made of bricks.

This post will simply establish the fact that a fundamental change in networking is nearly upon us, and that everyone should know how to tighten their firewall. That task will be the subject of the next post in the series.

IPv4 and IPv6

Many people already know the difference between Internet Protocol version 4 and Internet Protocal version 6. We’ll summarize it very quickly for those who don’t:

IPv4 is now over 35 years old. It provides for a maximum of just over 4 billion individual addresses. Many of those addresses are reserved for specific entities. pingdom.com found that 671 million of just the largest “consecutive chunks” of addresses are reserved for government agencies and large corporations. Yet internetlivestats.com finds there are 4.2 billion Internet users currently. With just those numbers alone, you can see we’ve run out of IPv4 addresses. IPv6 was designed to replace IPv4:

  • It provides for a theoretical maximum of 340 undecillion addresses. An undecillion is a 1 followed by 36 zeros. Not all 340 are allocatable, but it is a given that the pool will last a very long time.
  • IPv6 adoption among the the U.S.A.’s wired ISPs trails the rest of the world, but they’re starting to show progress.
  • Mobile operators are driving IPv6 adoption in the U.S. The Internet Society reports that in the U.S., “Verizon Wireless—84%, Sprint—70%—T-Mobile USA—93%, and AT&T Wireless—57%… national mobile networks have very high levels of IPv6 deployment.”

Thus, your mobile phone, which probably runs either Android (using the linux kernel) or IOS (using a unix kernel), probably has a public IPv6 address that it gets from your mobile phone network. Your PC (probably using Windows) probably has an private IPv4 address that it gets from your home router.

Recall that what we found in the previous post was that Microsoft was opening up its inbound rules so that apps such as xBox could listen for communications from the Internet, no matter if the PC is in a home, work or public network. We stated this wasn’t too dangerous within a private network, but would be very worrisome with a public address. Which brings us to 5G.

5g Expected Growth

Some people think that 5g is the next improvement to mobile networks. It is. The factories in China are already producing the first tens of millions of phone modems. What is sometimes overlooked is that 5g will be faster than your current wired ISP. It is possible, if not likely, that 5g will be your PC’s connection to the Internet, not just your phone’s. There are also a number of other benefits to the IPv6/5g combination, mostly involving speed.

  • The first live 5g networks in the U.S. have already hit 1Gbps, which is equal to current fiber to the home. They can theoretically hit five to ten times that, though that is probably five to ten years away before it’s common.
  • 5g hardware was designed to be much cheaper to produce and maintain than LTE hardware. Though they’ll need much more hardware to cover the same area, the telecoms have already proved capable of installing and maintaining the more expensive, more difficult to maintain LTE. It is therefore likely that 5g will be deployed successfully.
  • Cable networks, in poll after poll have been shown to be the most “hated” industry in the U.S., due to their historically poor customer service.
  • The average U.S. monthly cable bill is $107. The average monthly mobile bill is approximately $80. The mobile providers have room to set an additional price for fixed Internet 5g service to the home plus subscription IPTV service(s) to replace cable programming.

So when your PC has a public address by default, either because your cable ISP has provided it, or you add a faster 5g modem for home Internet access sometime in the next several years, you will have an external address on your PC. In the next post, we’ll look at the process of tightening the default inbound Windows firewall rules.

We’ll repeat the feature graphic, in case it’s cut off in your browser. Plus you can click on it to enlarge it.

Private addresses are non-routable. They can’t be reached from outside the router. But IPv6 and 5g bring a lot of advantages; speed for example, certain benefits for video, and so forth. So long as the firewall is up to it, IPv6/5g will be worthwhile.

John Iacovelli

I have spent 30+ years in the computing industry. In it I've pretty much done everything from tech support for elderly people doing genealogy, to documenting compilers, to software evangelist, to direct mail guru, to CIO of an international corporation. And here I am, older and gray, getting interested in Tarot? 😉