XP Service pack 2 Firewall: Helpful Hints

Well I’ve been doing a lot with Service Pack 2 (SP2) since it’s release, and this week is no exception. The new XP firewall has some serious improvements over the previous version; the changes are so great that the only similarity is the fact that they can stop incoming traffic. It’s evident that Microsoft has put a lot more effort into their integrated firewall, and today we are going to run down the features of the firewall, and some configuration settings you might want to know about.

If you’re familiar with the previous XP Firewall you know it was nothing more than a check box in the “Network Connections” under the “Advanced” tab. Now the firewall has it’s own icon in the Control Panel (CP) and a lot more configuration options to go along with it. If you select the Firewall Icon from CP you’ll be looking at the general tab of the firewall’s configuration window. This is where you simply turn On/Off the firewall along with a check box to not allow exceptions to pass through the firewall.


The next Tab you see is the “Exceptions” tab, and this is, you guessed it, where you can allow programs and services explicit permissions to pass through your firewall. This is an important feature if you share folders with others on a network, and if you play, or host online games you’re going to have to probably set up the appropriate ports to allow connectivity. You can configure these exceptions through one of the three buttons at the bottom of this panel (Advanced, Add Port, and Edit). At the very bottom of this panel is the check box to notify you if a program or service attempts to solicit your machine.

The third tab is the “Advanced” tab, which has three sub-sections the first being the “Network Connections Settings”. This is for the more advanced users and I can’t see a lot of casual end-users really fooling with these settings too much. Networks Connections is a list of networks that you are connected to and would like to allow only certain services within this connection. In lay terms it’s like fine tuning your exceptions to say “Yes” you can connect to my PC, but you can only connect to use my FTP service or Remote Desktop, and nothing else. In the Network Connections section of the Advanced tab there is a Settings button this is the advanced settings for your allowed services that others may be able to connect to on a particular connection (i.e. FTP, Remote Desktop). There is also the ICMP (Internet Control Management Protocol) tab, which is a set of network commands that help to manage a network. These commands can also be a vulnerability, and under this tab you can disable all or some of the ICMP commands. The next section under the Advanced tab is the Security log, which I love and always turn on. You can configure this to log dropped packets, log successful connections, both, or none. From this location you can also choose where and how large you would like the log file to get. The last section of the Advanced tab is the Default Settings section; this consists of one button that if selected will bring all the settings in your firewall back to where they were right after SP2 was first installed.

XP SP2 Firewall is head-and-shoulders above its predecessor, and is enabled by default with the install of the new service pack. If you have a third party firewall it probably still has more features than XP’s so you may want to go and turn XP’s off so it will not interfere with your internet or network connectivity. If you don’t have a firewall, and especially if you have a broadband always-on connection, you want to leave this “ON”. Don’t worry, the new security notification in SP2 will let you know if your system is unprotected with one of it’s new pop-up security warnings.

Stay safe out there,

~ Chad