-
Q. What is a firewall?
A. An Internet firewall is a piece of software or hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. If you are a home user or small-business user, installing a firewall is the most effective and important first step you can take to help protect your computer. It is important to have a firewall and antivirus software turned on before you connect to the Internet.
Q. Why do I need a firewall?
A. If your computer is not protected when you connect to the Internet, hackers can gain access to personal information on your computer. They can install code on your computer that destroys files or causes malfunctions. They can also use your computer to cause problems on other home and business computers connected to the Internet. A firewall helps to screen out many kinds of malicious Internet traffic before it reaches your system.
Some firewalls can also help to prevent others from using your computer to attack other computers without your knowledge. Using a firewall is important no matter how you connect to the Internet — dial-up modem, cable modem, or digital subscriber line (DSL or ADSL).
Q. How can I tell if my computer already has a firewall?
A. If you have Microsoft Windows® XP Service Pack 2 (SP2) running on your computer, you can check to see if your firewall is turned on through the Windows Security Center:
1.
Click Start, and then click Control Panel.
2.
Click Security Center, and then click Windows Firewall.
If you have Windows XP, but you don't have Service Pack 2 running on your computer, you can download it by visiting the Microsoft Update Web site. You can also check to make sure the firewall is enabled with the following steps:
1.
Click Start, and then click Control Panel.
2.
Click Network and Internet Connections, and then click Network Connections.
Tip If the Network and Internet Connections category is not visible, click Switch to Category View on the upper left of the window.
3.
Under the Dial-Up or LAN or High Speed Internet category, click the icon to select the connection that you want to help protect.
4.
In the task pane on the left, under Network Tasks, click Change settings of this connection (or right-click the connection you want to help protect, and then click Properties).
5.
On the Advanced tab, under Internet Connection Firewall, make sure the box is checked next to Protect my computer and network by limiting or preventing access to this computer from the Internet. If a check mark is in the box, the firewall is on. If the box is clear, the firewall is off and your computer is potentially vulnerable on the Internet.
If you have a different version of Windows, such as Windows 2000, Windows Millennium Edition, or Windows 98, you should obtain a hardware or software firewall from another company and install it. You can check the manuals of your home networking devices, such as wireless access points or broadband routers, to determine if they include built-in hardware firewalls. If you are uncertain whether a software firewall has been installed on your computer, you can check in the All Programs folder. Click Start, and then click All Programs. Look for a firewall program that is installed. Some common brand names for software firewalls for home users include McAfee, Symantec, and Tiny Personal Firewall.
Q. I have a version of Windows that does not have a built-in firewall. What should I do?
A. Versions of Windows before Windows XP did not come with a built-in firewall. If you have a computer with an earlier version of Windows, such as Windows 2000, Windows Millennium Edition (Me), or Windows 98, you should get a firewall and install it. You can use a hardware firewall or a software firewall. The following resources provide more information about your firewall options.
Hardware Firewalls
Many wireless access points and broadband routers for home networking have built-in hardware firewalls, which provide good protection for most home networks. The Microsoft Broadband Networking Wireless Base Station is one example of a wireless access point with a built-in hardware firewall and other integrated home networking features.
Software Firewalls
Software firewalls are a good choice for single computers, and they work well with Windows 98, Windows ME, and Windows 2000. (Windows XP has a built-in firewall, so an additional firewall is not necessary.)
Software firewalls are available from other software companies. For special offers on antivirus and firewall packages, visit our Security software: Downloads and trials page.
To learn more about different types of firewalls, read Why you should use a computer firewall.
Q. How can I tell which version of Windows I'm running?
A. If you are uncertain whether you have Windows XP or an earlier version of Windows
• Click Start, and then click Run.
• In the Run dialog box, type winver. Click OK.
The dialog box that appears tells you which version of Windows software you are running.
Q. How do I start using the firewall in Windows XP?
A. If you're running Windows XP SP2 the new Windows Firewall is already turned on. For more information, see Understanding Windows Firewall.
If you're not running Service Pack 2, the steps on the Protect Your PC page help you turn on the Internet Connection Firewall in Windows XP. Follow these steps if you have a single computer that you connect to the Internet.
Q. How does the Windows Firewall work?
A. The Windows Firewall monitors all network traffic on the connections for which it is enabled. For example, the firewall can monitor all traffic on your dial-up connection to the Internet. The firewall keeps track of all communications that have originated from your computer, and it prevents unsolicited traffic from reaching your computer. If necessary, the firewall dynamically opens ports and allows your computer to receive traffic that you have specifically requested, such as a Web page for which you have clicked the address.
A "port" is a networking term that identifies the point at which a type of network traffic reaches your computer. The exact ports that you open depend on the type of traffic you want to send and receive.
If you have not requested the incoming traffic, Internet Connection Firewall helps block it before it can reach your computer. For special uses, such as networking, hosting online games, or hosting your own Web server, you can select ports that you want to leave open. This allows others to make connections to your computer, but it can also reduce security.
Internet Connection Firewall is part of Windows XP Home Edition and Windows XP Professional.
To learn more read Use the Internet Connection Firewall and How to Open Ports in the Windows XP Internet Connection Firewall.
Q. What else do I need besides a firewall?
A. A firewall will not make your computer 100 percent safe. However, a firewall provides the most effective first line of defense. You should install a firewall first, and then add other security measures, such as critical software updates from Microsoft Update and antivirus software. You can use Automatic Updates in Windows XP to help make sure you are installing the available updates. See the Protect Your PC Web site for more information.
Q. Should I use the Internet Connection Firewall if I have more than one computer in a home or small-office network?
A. Yes. If you have more than one computer in a home or small-office network, you should protect every computer in the network. Enabling the Internet Connection Firewall on every connection will help prevent the spread of a virus from one computer to another in your network if one of your computers becomes infected. However, if a virus is attached in an e-mail message, the firewall won't block it and it can infect your computer. You should install an antivirus program as well.
Q. I use Internet Connection Sharing in my home network—which computers need to have a firewall?
A. All computers in your home network should be protected by a firewall. A firewall helps to prevent the spread of viruses or worms across your network if they infect one computer. A computer on the network could also become infected through a separate Internet connection, such as a laptop that is used on your home network and on public networks. Or, a virus could be introduced to a computer on your network through software installed from a CD or floppy disk.
Q. Should I enable the Windows Firewall on all computers on my home network?
A. Yes. If you have multiple network connections on any of your computers, you should turn on the firewall for each connection. If you're running Windows XP SP2, the Windows Firewall will be turned on automatically and it should not interfere with common tasks like file and print sharing. For more information, see Understanding Windows Firewall.
If you're not running Service Pack 2, the Internet Connection Firewall can interfere with file and print sharing and prevent your computer from finding other network devices. To allow these types of uses, you can manually open network ports. When network ports are left open, the protection provided by Internet Connection Firewall for your computer is reduced. "Port" is a networking term that identifies the point at which a type of network traffic reaches your computer. The exact ports that you open depend on the type of traffic you want to send and receive. For more information about which programs require you to open ports and how to manually open ports in the Internet Connection Firewall, see How to Open Ports in the Windows XP Internet Connection Firewall.
Q. My computer is part of a large business, school, or organizational network—should I enable the firewall?
A. You should follow the policy established by the network administrator for your business, school, or organizational network. In some cases, network administrators may configure all computers on the network so that you cannot turn on the firewall while your computer is connected to the network. The check box to turn on the firewall in the Windows Security Center or in the Network Connection Properties dialog box will be dimmed. In those cases, you should ask your network administrator for guidance on whether you need a firewall on your computer.
Q. I use a Virtual Private Networking connection to access a large network from home or while traveling. Should I turn on the firewall in Windows XP?
A. You should ask the network administrator for the large network to which you are connecting. You should follow the administrator's guidance on whether to turn on Internet Connection Firewall for the VPN connection. You should always turn on Internet Connection Firewall for the LAN or High Speed Internet connection or Remote Access Service (RAS) connection that you use to connect to the Internet.
Q. I have Windows XP. Can I use a firewall other than the built-in firewall?
A. Yes. Windows XP users who want different features in a firewall may use a hardware firewall or a software firewall from another company. The following vendors offer firewall products compatible with Windows XP.
• Computer Associates (12-month free trial)
• F-secure (6-month free trial)
• McAfee (90-day free trial)
• Panda Software (90-day free trial)
• Symantec (90-day free trial)
• Tiny Software: Tiny Personal Firewall
Q. Should I use both the built-in firewall and a software firewall from a different company on my Windows XP computer?
A. No. Running multiple software firewalls is unnecessary for typical home computers, home networking, and small-business networking scenarios. Using two firewalls on the same connection could cause issues with connectivity to the Internet or other unexpected behavior. One firewall, whether it is the Windows XP Internet Connection Firewall or a different software firewall, can provide substantial protection for your computer.
Q. Should I use the Internet Connection Firewall on a computer that is also behind a hardware firewall?
A. Yes. You should turn on the Windows XP Internet Connection Firewall for all computers in your home network. This helps prevent the spread of viruses or worms across your network if a computer is infected. A computer on the network could become infected through a separate Internet connection, such as one on a laptop that is used on your home network and on public networks. Or a virus could be introduced to a computer on your network by way of e-mail or software installed from a CD or floppy disk.
Q. Should I use a non-Microsoft personal firewall instead of the built-in Internet Connection Firewall?
A. If you already have a non-Microsoft firewall on your computer, you should continue to use it. If you do not have a firewall, then you have a choice. If you want a simple firewall that is very easy to configure, then you should use the Windows XP Internet Connection Firewall. If you want more advanced control over the traffic that passes through your computer and you also want to block outgoing traffic (that is the traffic from your computer out to the Internet) then choose a personal firewall from another company.
Q. I have Windows XP Home Edition. Does it have the Internet Connection Firewall?
A. Yes, both Windows XP Home Edition and Windows XP Professional have the built-in Internet Connection Firewall. The steps to turn on the firewall are identical.
Q. I do not see the Advanced tab in the Connection Properties dialog box described in the instructions to turn on the Internet Connection Firewall. Why?
A. You might not be logged on as an administrator. You must be logged on as an administrator to turn on the Internet Connection Firewall. When you first set up your Windows XP computer, the set-up procedure guides you through the process of establishing an administrator account and password. If you did not set up an administrator account, the default administrator account has the user name: Administrator and the password is blank. Do not type anything in the password field. Windows XP also provides the option to create a password reset disk, in case you forget your administrator account name and password. If you have set up a separate administrator account and password, but you have not made a reset disk, and you have forgotten the user name and password, you will be required to reinstall your operating system before you can turn on the firewall.
Q. The check box for Internet Connection Firewall in the Connection Properties dialog box is dimmed and I cannot add a check mark. What's wrong?
A. This can occur when your computer is part of a large network in a business, school, or organization, and your network administrator is preventing the use of the Internet Connection Firewall on the network.
Q. What can the Internet Connection Firewall protect against?
A. The firewall serves as the primary defense against a variety of computer worms that are transmitted over the network. A computer worm is similar to a virus, but is self-contained and can spread without the help of other programs. The Internet Connection Firewall helps to protect your computer by hiding it from external users and preventing unauthorized connections to your computer.
Q. What doesn't the Internet Connection Firewall protect against?
A. The Internet Connection Firewall in Windows XP cannot protect against viruses that spread through e-mail, such as Trojan horses, which masquerade as helpful or benign software and trick you into opening or downloading them. The firewall cannot prevent spam or pop-up ads. The firewall will not prevent access to an otherwise unsecured wireless network. However, the firewall helps to protect the computers on your network, so if an intruder were to gain access to your network, he or she could not access your personal computer.
Q. Will the Internet Connection Firewall protect my wireless network?
A. The Internet Connection Firewall will help protect a computer on a wireless network, but will not restrict access to the network itself. You should configure your wireless network to use a network key using either Wi-Fi Protected Access (WPA) or wired equivalent privacy (WEP). For more information, consult the manual for your wireless networking devices.
Q. I use a laptop in home and business networks that are protected by firewalls. What should I do when I'm traveling?
A. You should always enable the Internet Connection Firewall when connecting to the Internet using a dial-up modem or any broadband connection when you are traveling.
Q. Some of my games and other programs seem to have stopped working after I turned on Internet Connection Firewall. Why?
A. To work correctly, some programs need to have specific ports open so that traffic can pass through the Internet Connection Firewall. For a list of some of these programs and the known workarounds for them, see How to Open Ports in the Windows XP Internet Connection Firewall.
Q. I have MSN Internet service. Can I use the Internet Connection Firewall in Windows XP?
A. If you have MSN dial-up Internet service, you should upgrade to the most recent version of the dial-up connection software, MSN Explorer 9. This version fully supports Internet Connection Firewall in Windows XP for MSN dial-up Internet service users. For more information about upgrading your MSN software or securing your MSN Internet connection, contact MSN support.
Q. I have America Online Internet service. Can I use the firewall in Windows XP?
A. If you have an America Online broadband Internet connection, you can turn on the firewall that's built in to Windows following the steps on the Use an Internet Firewall page.
If you have an AOL dial-up Internet connection, it can only be protected by the Windows Firewall if you are using Windows XP Service Pack 2. If you are running Windows XP Service Pack 1 or earlier, the firewall does not interfere with the AOL connection. But you cannot configure AOL dial-up connection software in the Network Connections folder on your Windows XP computer, therefore you cannot turn on the Internet Connection Firewall for such connections. For help in securing an AOL dial-up Internet connection using Windows XP download and install Windows XP Service Pack 2 or contact AOL.
Additional information about AOL is available at the AOL Web site. For a list of technical support phone numbers visit the AOL Customer Support page.
Q. I am unable to establish a Remote Assistance connection in Windows XP after enabling the Windows firewall, could this be related?
A. This can be an issue if you enabled the firewall after sending the Remote Assistance invitation. To work around this problem, you can create a new Remote Assistance invitation while the Windows Firewall is enabled, and then send the new invitation to the expert. For more information, see Remote Assistance May Not Work if Internet Connection Firewall Is Enabled After Sending Invites.
Q. Where can I get more information about the Windows Firewall and firewalls in general?
A. To get more help with issues related to setting up a firewall on your computer or home network, see the Protect Your PC Support page or Use the Internet Connection Firewall.
The following non-Microsoft resources on the Internet provide more information about firewalls in general:
• ICSA's Firewall Buying Guide
• Home Computer Security Guide from the Carnegie Mellon Software Engineering Institute
Q. I am using Apple iTunes for Windows and other users on the local network cannot connect to my shared playlists even though they can see my iTunes shared name after I've enabled the Internet Connection Firewall. How can I share playlists?
A. To work correctly, some programs need to have specific ports open so that traffic can pass through the firewall. See How to Open Ports in the Windows XP Internet Connection Firewall for a list of some of these programs and the known workarounds for them.
M.Y.T. H
Frm MIcrosoft Site
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Reply With Quote