Firewall: Windows XP
Microsoft started including firewall software with the introduction of XP. Not originally enabled by default hence depending on your version make sure it is enabled if you decide to go with this firewall. Note from service pack 2, it is enabled by default.
It is a personal firewall, meaning it runs on a single computer and protects only that system. If the computer in question is using Internet sharing to provide the rest of a home network with Internet access, then the firewall will protect the entire network.
Activating Windows XP firewall
Enabling XP's firewall is easy:
Go to start > control panel > network and Internet connections > network connections
Right click on your Internet connection (which should be at the top of the page labeled either Dial-Up or Bradband) and select 'properties.'
Select the advanced tab and click on Settings.
Turn firewall On
Check the On radio button next to the sheild.
Note: If you are using another firewall check the Off radio button to prevent clashes.
Your PC is now protected by Windows XP firewall. The firewall runs as a process (in the background) on your computer and examines all incoming data via the Internet connection.
Unless the data was requested, or you opened a port (for example 80) to allow access the data will be dropped.
Windows XP firewall is very basic there are no options to tailor security. For domestic use the simple interface makes it easy to use.
One useful feature is logging this is not enabled by default and need to be turned on as follows:
- Go to 'start/control panel/network and Internet connections/network connections'
- Then right click on your internet connection (which should be at the top of the page) and select 'properties.'
- Now go to the 'advanced' tab and click on the 'settings' button.
- Select the advanced tab and under Security Logging click on the settings button
- Enable the log for dropped packets and successful connections.
Note: The default location of the log is C:\WINDOWS\pfirewall.log You can open this file with notepad or any other text editor to view recent failed and successful attempts to access your firewall.
Allowing applications through a Windows XP firewall
To enable certain applications to bypass Windows XP firewall, you need to open specific ports for their use.
You do this by creating a custom 'Service.'
The following example creates a service to allow MSN Messenger file transfers.
First enter something appropriate for the name of the service, in this case MSN messenger file transfer. This name is for your reference only. MSN file transfer uses the TCP protocol for data transfer select TCP radio button.
Enter the port number that should be opened in the firewall for this application. MSN messenger uses TCP ports 6891-6900. One port is used for each simultaneous transfer. I have shown port 6891 enter in both the external port number and internal port number boxes. Click OK repeat for each port that needs to be open.
Note: That the new service is added to the list and enabled. File transfers should now work in MSN messenger.
Follow the above procedure to open a port for your Apache server. Name the new service Apache and open port 80.
The following is a list of common port numbers for hosted applications.
The only time I have ever enabled Windows XP firewall was to take the screen shots. My preferred firewall is ZoneAlarm its free, very flexible and monitors both incoming and outgoing data.
If you have no other option then XP is better than nothing.
Where to next