Window XP's Built-in Firewall - Using the Windows XP built in firewall protection

Maybe we are just cautious (you ~DO~ look both ways before crossing a street?) or possibly we had to learn the hard way that the internet is not always a safe place to work and play. Maybe we even had to reinstall all of the software on our computer because “something” out there did “something” to us and now our computer won't start. (sigh)

No matter what made us decide to finally install a firewall we all had to go through the drudgery and annoying process of searching the web for the right firewall to protect us.

Despite the fact that the number of software based firewall products has increased by an incredible amount it is often this fact that makes it harder for all of us to decide on which product to choose.

How can we possibly know what firewall works the best for us? How can we possibly pick between the dozens of firewalls available? Maybe it doesn't even matter and any of those will do the job of protecting our computer just fine. But then again if it doesn't do the job we will have spent our hard-earned time (and money!) on configuring something that turned out to be worthless.

Those of us that have Windows XP won't have to worry about any of the hassle other Windows users are forced to face. Not because Windows XP isn't targeted by hackers or other internet threats, nor because it is so well built that it makes it immune to attempts of people to invade your system (that'd be the day!).

Windows XP is the first Windows operating system that comes with a built-in firewall. On average this firewall has performed very well to keep out threats and the reason why it has gone unused by so many Windows XP users is simply that it has gone unnoticed.

After all only a few of us actively dig through option after option in Windows to find interesting features and Windows XP in particular has been more advertised for its media entertainment capabilities than it's built in firewall. (Hey! Billy Bob! Did you download the latest movie preview for Lord of the Rings XX?)

Below I will give a short breakdown of how to activate the MS Windows XP firewall and what the basic settings of this firewall are. But before we delve into the world of the MS Windows XP firewall we should note that this article is not intended to provide technical details on the Windows XP firewall. In fact many of the options will not have to be discussed simply because the average internet user will not use most of them. These options explain themselves once we start to activate our various web servers, FTP servers and other services like telnet (in which case we probably already know how to deal with our firewall on those topics).

The first and most basic step is to activate the Windows XP based firewall:

1. Click on the Start button.
2. Click on Control Panel, then click Network Connections.
3. Right click on your internet connection and click on Properties at the bottom of the menu box that pops up.
4. In the Properties window that pops up, click on the Advanced Tab.
5. Near the top, under Internet Connection Firewall, click to check the box next to Protect my computer and network by limiting or preventing access to this computer from the internet.
6. Click OK. The Windows Internet Connect Firewall is now protecting you from being attacked by anyone from the Net.


In eight little clicks we just successfully provided our computer with a great deal of safety from internet threats. What we need to know about the Windows XP firewall is (provided we didn't change any of the settings) that the Windows XP firewall blocks all incoming traffic but none of the outgoing traffic from your computer.

Incoming traffic can be considered basically anything that tries to get into your computer so unless you specifically requested to receive the information that's trying to get in (the firewall knows when you requested information) it will simply be blocked and ignored.

Outgoing traffic is everything that causes our computer to actively look for a connection to the internet. If for example we start our internet explorer (or other browser) and try to go to a web site we are actively making a connection to the internet. Usually outgoing traffic is answered by incoming traffic. In the case of our browser we are requesting information from the web site we want to visit (outgoing traffic) and we get this information supplied to us via incoming traffic. If for some reason our outgoing traffic isn't answered there will be no incoming traffic causing the web page we wanted to visit to not be displayed.

At this point most of us can just sit back and relax since unless we have a web server, use telnet, have a router or anything else that would require special permission to access our PC our task of configuring our Windows XP firewall has been completed.

Nonetheless it may be worth your time to follow along as we explore the settings:

Follow the above steps 1,2,3 and 4. Since you already activated the firewall we can skip trying to activate it again and go straight to the settings button that is close to the bottom right corner of your properties window. Clicking on the settings button will open up another properties window with 3 tabs:

Services
Security Logging
ICMP

Services

As mentioned before, if you have anything like a web server, a mail server or a telnet server operating on your network and you want these to be able to access your computer you will have to activate them by clicking on the corresponding checkbox.

Activating any of these, if you don't have the corresponding service on your network, will cause you to compromise your system opening it up for threats from the internet (which unless we enjoy the risk is not recommended).

Security Logging

In the security logging section we can set what information we want to store on our computer. It can be quite useful to log the successful connection to your computer in case something manages to circumvent your newly activated firewall. Dropped packet logging on the other hand is only interesting for advanced users and is best left alone.

You can determine the size of your log file but unless you have a specific need for a larger log file the default size of 4MB (or 4096kb) is enough to store an extensive log of all the internet activity from and to your computer.

ICMP

ICMP stands for Internet Control Message Protocol and is part of what makes communication via the internet possible (TCP/IP). In general terms TCP/IP is a set of rules everyone agreed to, to make communication possible. It can be compared to (human) language. If everybody is speaking their own language communicating with each other is almost impossible, if however everyone agrees to speak the same language and follow the same set of rules communication is incredibly easy.

ICMP is a part of this set of rules which deals with the very basic means of communication. Without going into detail ICMP can best be compared to saying 'hello' to someone which will (hopefully) cause that person to say 'hello' back.

The Windows XP firewall causes your PC to no longer say hello back making it almost impossible to detect on the internet (which is a good thing).

Now that you have successfully made all the settings necessary to operate the firewall you should go out on the internet and have your firewall tested by one of the thousands of free online firewall test tools available. This will immediately point out incorrect settings or other potential problems with your XP firewall.