Article ID: 889740 - View products that this article applies to.
This article is Part 6 of the Windows XP Service Pack 2 - Step by Step guide. This article describes the new Windows Firewall in Microsoft Windows XP Service Pack 2 (SP2).
To view the other articles in the Windows XP Service Pack 2 - Step by Step guide, see the Microsoft Knowledge Base articles that are listed in the "References" section.
The Windows XP Service Pack 2 - Step by Step guide includes the following topics:
Part 1: Better security with Service Pack 2 Part 2: Installing Service Pack 2 Part 3: The new Security Center Part 4: Automatic Updates Part 5: Virus protection Part 6: Windows Firewall Part 7: Protecting against buffer overflows Part 8: Improvements in Internet Explorer and Outlook Express Part 9: Uninstalling Service Pack 2
Part 6: Windows FirewallInternet users do not always realize that an Internet connection is bidirectional. In the same manner that you can access other computers when you are online, other computers can access yours. This means that there is a constant threat of attack. That is why computers should never connect to the Internet without the protection of a firewall.
When you install Windows XP SP2, the new Windows Firewall is automatically activated for all network connections, regardless of whether there is already another desktop firewall on the computer. Windows Firewall blocks all unsolicited traffic and lets desired network traffic to pass as normal.
The firewall lets you surf the Internet, send e-mail, download files, and communicate with other computers in a small, private network. If the computer receives an unsolicited request, Windows Firewall blocks the connection. Rules are created so that the firewall can identify which connections should be allowed and which should be blocked. Some programs, such as Internet Explorer, set the rules internally. In other cases, you must define exceptions manually.
Modifying firewall settingsYou can modify the firewall settings at any time. To modify firewall settings, use the following methods:
Activating and deactivating the firewall
Installing another firewallIf you want to use another desktop firewall, you must deactivate the Windows Firewall. If two firewalls are activated at the same time, neither will operate correctly. The Security Center will note this conflict and notify you accordingly.
Collapse this imageExpand this image
Setting exceptionsSome programs and games need to exchange information to operate correctly. If you wish to play a game against other users on the Internet, or use a chat service, this information is transmitted through incoming ports on the computer. However, this only works if these ports are open.
To prevent Windows Firewall from blocking all traffic, you must specify trusted programs in the list of exceptions. There are several methods of doing this.
Defining exceptions "on the fly"Windows notifies you that it is blocking a program. You then have three options:
Creating exceptions manually
Automatic exceptionsFor some programs, such as Windows Messenger, Windows automatically creates rules. These are then automatically added to the list of exceptions.
Modifying the scopeIf you set an exception for the firewall, this automatically applies to all computers worldwide. However, you can limit the exceptions by changing the scope.
Problems with file and printer sharingBy default, if you work at a stand-alone computer, file sharing and printer sharing are blocked. This section does not apply to you. However, if an Internet-enabled computer is connected to a network, file sharing and printer sharing is set as an exception for the subnet scope during installation of Windows XP SP2.
Important This setting makes file and printer sharing visible worldwide, even when Windows Firewall is activated.
The computer must only be available for internal LAN sharing and must establish a direct connection to the Internet through a modem, ISDN, or DSL. In addition, ICS (Internet Connection Sharing) must be deactivated on this computer. This does not apply to DSL users who already have a firewall integrated in their DSL modem or who use a DSL router.
Collapse this imageExpand this image
There is a workaround for this problem by setting a custom configuration for file and printer sharing.
For more information about the other topics in the Windows XP Service Pack 2 - Step by Step guide, click the following article numbers to view the articles in the Microsoft Knowledge Base:
889735This article is a translation from German. Any subsequent changes or additions to the original German article may not be reflected in this translation. The information that is contained in this article is based on the German-language versions of this product. The accuracy of this information relative to other language versions of this product is not tested within the framework of this translation. Microsoft makes this information available without warranty of its accuracy or functionality and without warranty of the completeness or accuracy of the translation.
(http://support.microsoft.com/kb/889735/EN-US/ )Windows XP Service Pack 2 (Part 1)
(http://support.microsoft.com/kb/889736/EN-US/ )Installing Service Pack 2 (Part 2)
(http://support.microsoft.com/kb/889737/EN-US/ )The new Security Center (Part 3)
(http://support.microsoft.com/kb/889738/EN-US/ )Automatic Updates (Part 4)
(http://support.microsoft.com/kb/889739/EN-US/ )Virus protection (Part 5)
(http://support.microsoft.com/kb/889741/EN-US/ )Protecting against buffer overflows (Part 7)
(http://support.microsoft.com/kb/889742/EN-US/ )Improvements in Internet Explorer and Outlook Express (Part 8)
(http://support.microsoft.com/kb/889743/EN-US/ )Uninstalling Service Pack 2 (Part 9)
Article ID: 889740 - Last Review: February 6, 2007 - Revision: 2.4