If you have an
explanation or quick fix that would make a good SolutionBase article, we invite
you to submit your solution using this form.
While the Microsoft Windows XP
firewall has always been part of the operating system, the default
configuration was always set to “off.” With the release of Service Pack
2 (SP2), that default behavior has changed to “on.”
The general purpose of SP2 is to increase the security of
the OS by closing security holes, fixing bugs, and implementing better security
protocols like actually turning on the firewall. Of course, the activation of
the firewall with new default settings will cause some systems to stop working
properly after installing SP2. Solving this problem will require some changes to
the standard configuration.
If you found it necessary to tweak the XP firewall settings
before SP2, take note that Microsoft has made a few changes to the firewall
interface. To get to the firewall configurations, you first need to navigate to
Network Connections in the Control Panel. Once there, you should see a list of
connections. Right-click the Local Area Connection and click on Properties in
the ensuing dropdown box. Click the Advanced tab on the properties dialog box
to get to the firewall interface shown in Figure
Notice that the installation of SP2 has changed this dialog
box just a bit. There’s no longer a check box for turning on/off the firewall
on this page—it’s on by default. To get to the real heart of the configuration,
click the Settings button on this screen to reach the dialog shown in Figure B.
This is the new dialog box installed with SP2. As you can
see, you have the option to turn off the firewall or to actually strengthen the
configuration by disallowing exceptions to the firewall protection. Blocking
exceptions when you connect to public networks, such as those found at airports
or coffee shops, will give you that extra bit of protection. Clicking the
Exceptions tab will take you to a dialog similar to the one shown in Figure C.
Settings on the exception tab allow you to specify programs
and services that you want designated as exceptions to the current firewall
settings. You can also change which ports are open and closed from this tab.
All of these configuration settings require a certain amount of advanced
expertise and should not be changed without specific knowledge of the
The last tab on the firewall configuration interface is
Advanced (see Figure
D). This is where you can set exceptions for each connection you may have
enabled on your system.
In addition, the Advanced tab is where you can adjust
security logging when troubleshooting and configure the Internet Control
Message Protocol (ICMP), which allows for the sharing of status information across
the network. As with the Exceptions settings, changing these configurations
requires a fairly significant level of expertise and should be approached with
Better than nothing
Even after installing XP Service Pack 2, the Windows
firewall will never be confused with the more powerful
firewalls available from third parties, but it’s better than no firewall at
all. No matter what firewall you’re currently running, after installing SP2,
you’ll likely have to make some adjustments to the new default configuration.
|Next Steps: Build your skills with these hand-picked resources|
|Windows XP Service Pack 2 Resources|
|Step-By-Step: Configure the Internet Connection Firewall to allow Remote Desktop|
|Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2|
|MKBA – 843090: Description of the Windows Firewall feature in Windows XP Service Pack 2|
|Microsoft Security Developer Center: Windows Firewall|