Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Is the Windows XP inbuilt firewall any good?

Security

Is the Windows XP inbuilt firewall any good?

by  jrbarnett  Posted    (Edited  )
The original Windows XP firewall, pre SP2
Windows XP includes a built in firewall which can be enabled on dial up and network connections. A common question relates to whether it is good enough or whether it is worth the time installing and configuring a third party solution such as ZoneAlarm, Kerio or Tiny Personal Firewall.

There are two aspects to a good firewall. The first is hiding the computer from others on the network. On this aspect, the Windows XP firewall works fine. It can be used to conceal the computer from others on the internet, and port scanners won't find a machine on its particular IP address.
The firewall can be configured to open specific ports if you have an application that you want to allow other people to access, such as a local web server.

The other aspect to a firewall is authenticating outgoing connections, ie whether in built software is permitted to
connect to the external network or not.
Windows XP's built in firewall doesn't attempt to authenticate specific applications, and so it is as useless as a chocolate teapot if viruses or spyware has found its way onto the computer. It will, however, stop a system become infected with the Blaster or Sasser viruses if enabled prior to first internet connection, even if it is only an interim solution before you get a different package.

Third party firewall applications will "fingerprint" executable files and only allow them to connect out if their fingerprint matches one already in the database, or ask the system operator depending upon how they are configured.

Overall, if your system is mission critical and is used outside a corporate environment, then my recommendation would be to install third party software and spend the time configuring it.
If you are inside a firewalled environment, then it is probably not worth enabling the built in one, because anything should be covered at the firewall.

Windows XP Service Pack 2
XP Service pack 2 was released in August 2004. This includes a far more comprehensive firewall with authentication of applications contacting external sites.
If you have no third party firewall software installed, it is worth getting hold of it and updating, not just for this though.
Register to rate this FAQ  : BAD 1 2 3 4 5 6 7 8 9 10 GOOD
Please Note: 1 is Bad, 10 is Good :-)

Part and Inventory Search

Back
Top