I don't really see the point of using a firewall when theres only one service to exploit, namely activesync
Starting nmap V. 2.53 by
fyodor@insecure.org (
www.insecure.org/nmap/ )
Unable to find nmap-services! Resorting to /etc/services
Interesting ports on (192.168.55.101):
(The 4360 ports scanned but not shown below are in state: closed)
Port State Service
990/tcp open ftps
Just disable activesync on your PocketPC when accessing wlans, Also the attacker would have to be on the same WLAN as you and be specifically looking to target the PocketPC Platform (highly unlikely) as nearly all access points use NAT, the only way you'd be open to the world would be if the access point used bridging or port forwarding (which would just be stupid because only one host would be able to use a service).
Firewalls are pretty much useless anyway on a desktop machine if you know what services you are running as you can just turn them off if you wish rather than blocking the port, the only exception to this would be on Windows as some services are not possible to turn on such as RPC.
Previous guy is right though, If you want to be protected don't use WLANS period, and the only way you can get a trojan/virus is to physically run an executable yourself on your pocketpc. Basically the same rules as a desktop, don't open unknown executables !
The worst someone could do is knock you offline (ping -f) and even a firewall won't protect you from that.
In short, Anti-Virus software and Firewalls etc will NEVER provide 100% protection as, when you get a virus , you already have it then the Anti-Virus people will add its signature to its definitions and then you have protection from it in the future :) but you already got it !
Regards,
Keith