Is Windows XP Firewall the only Firewall you need for home?

By Web-Guy ·
Years ago, everybody said don't just run the XP Firewall, it doesn't provide enough protection. However, Microsoft has become much more proactive with security updates and Service packs in the last few years. So I was wondering if the old advice is still true, of if XP Firewall has really improved?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

If your car needed a garage session every week ...

by OldER Mycroft In reply to Is Windows XP Firewall th ...

You wouldn't necessarily be too impressed with it, even after eight years of religiously taking it into the garage once a week for a new part to be swapped out, now would you?

I tend to feel the same way about anything M$.

If the Firewall is so secure, how come there are regular security patches for the system?

I don't run the XP firewall at all, I use ZoneAlarm and am quite content thus far.

Collapse -

A number of things

by wesley.chin In reply to Is Windows XP Firewall th ...

There have been some improvements. But the big one is not addresssed. The firewall handles incoming traffic, but not outbound. If you are concerned about spyware or anything like that on your computer trying to "phone home", the firewall that comes with XP will not be enough.

Collapse -

I say no.

by robo_dev In reply to Is Windows XP Firewall th ...

In general, a hardware firewall beats a software firewall every time. XPs firewall offers some basic protection, but I would not rely on it.

From an 'average user' standpoint, there's nothing to easily misconfigure with a hardware firewall, and you cannot easily disable the firewall protection on a hardware firewall.

The fatal flaw with XPs firewall is that you can turn it off, AND it can be turned off programmatically, AND exceptions can be added programmatically to it as well.

This means that a virus you catch from joe scipt-kiddie, such as Bagz, XGQ, and others can and will shut off the firewall. So, in a way, the XP firewall is only as good as your Malware/Virus protection. So the castle walls are made of hefty stones, but the mortar is made of Jello pudding.

The XP firewall, when properly configured, is reasonably secure from very basic outside attacks (it blocks all inbound traffic).

Not to confuse the issue, but another concern is that the Windows firewall does not block or notify the user of suspicious outbound traffic.

Something like ZoneAlarm does block and detect outbound traffic.

Of course a typical soho NAT firewall doesn't block outbound traffic either....

So here it is in a nutshell:

Best: Hardware-based NAT firewall and Personal Firewall such as ZoneAlarm.

Good: Hardware-based NAT firewall and XP firewall (though somehwat overlapping functionality).

Not-so-good: XP firewall only. Could be compromised through user error and/or malware.

Collapse -

I would defiantly say NO

by OH Smeg Moderator In reply to Is Windows XP Firewall th ...

But then again I'm more Paranoid than some.

The reality is that this is impossible to answer correctly as different people have different uses for their computers. I once saw a guy who ran XP for 3 years without a AV product on the system and when I was asked to look at it there where no infections. Though I would say that he was the exception that proves the rule and I wouldn't even suggest this to anyone.

A router between the computer and ISP connection is a fairly standard fitting these days but what is often overlooked is the Firmware updating so in a case like that I see them as more of a problem than a solution as they do give a false sense of security.


Collapse -

NAT plus firewall really works

by nepenthe0 In reply to Is Windows XP Firewall th ...

The ShieldsUp! test reports total stealth mode with NAT plus Windows firewall:

Of >1000 ports tested, all were stealth mode using just the XP SP2 Windows filewall and a Linksys router.

One needs to check the native firewall exceptions, and I hope Wes Chin will post back discussing his recommendations regarding permissible exceptions.

Rick/Portland, OR

Collapse -


by fincke In reply to Is Windows XP Firewall th ...

The firewall that comes with window xp service pack 2 is a one way mirror in which it only checks the stuff comeing out of your computer not going in. I use Comando firewall it's easy to configure and it's free and it updates too. It is simple to use and more useful then the firewall that comes with windows.

Related Discussions

Related Forums