I've been playing around with a bunch of different firewalls (LnS, OA and Private Firewall), and I'm wondering if there are any significant difference in the inbound protection between the various popular firewalls on the market, including the Windows 7 firewall. I was looking for mainly good inbound protection and good hips capabilities, but I cant seem to find any reviews or comparisons on the inbound protection capabilities of these firewalls.
I think you'll find them pretty much the same as far as inbound goes. Either they block unsolicited inbound packets, or they don't. They all do. An even simpler solution is to put a cheap NAT router in front of your machine. If all you're worried about is inbound, then the software firewall becomes unnecessary.
I'm also curious how they work... do they just allow certain applications complete access without restrictions? Would they detect attacks that were going to an application that has been allowed? I'm a pretty big novice in this area so any clarification is much appreciated.
Depending on which software firewall you use, you can often restrict applications by ports and remote IP's and so on. How much control you have depends on which firewall you use. The best way to learn is to install a few (one at a time), experiment, check the logs to see what's going on, and take it from there.. It can be a lot of fun if you enjoy that sort of thing.
It depends on what you mean by inbound protection. Most on the forum will state inbound protection is the blocking of unsolicited to closed ports. From my point of view, for inbound protection, there needs to be good filtering of, (for simple example), DHCP request/reply, so that a reply to DHCP is checked to its ID number and not just to IP/port. - Stem