Windows XP Cookbook (Cookbooks)
Problem
XP's built-in Windows Firewall is blocking programs from using the Internet, such as instant messaging programs or FTP software that you want to use. Solution
Discussion
The moment you connect to the Internet, you're in some danger of intrusion, especially if you have a broadband connection. PCs with broadband connections are tempting targets because their high-speed connections are ideal springboards for attacking other networks or web sites. Whenever you're connected, your system is among many constantly being scanned by automated probes looking for vulnerable PCs. One of the best ways to protect yourself against these probes and more targeted attacks is to use a firewall. Firewall software sits between you and the Internet and acts as a gatekeeper of sorts, only allowing nonmalicious traffic through. In SP2, XP's firewall, called the Windows Firewall, is turned on by default.
The Windows Firewall offers protection from inbound threats by blocking inbound connections. But a variety of software, such as instant messaging programs and FTP software, need to be able to accept inbound connections, and the firewall blocks them from working. Usually, but not always, the first time you run one of these programs, you'll get a warning from the Windows Firewall. The warning will show you the name of the program and the publisher, and will ask if you want to keep blocking the program. If you'd like to allow the Windows Firewall to let the program use the Internet, click Unblock. To keep blocking the program, click Keep Blocking. The Ask Me Later choice doesn't really ask you later, as it implies. Instead, it lets the program accept incoming connections for just this one time when you run it. After you exit, the next time you run the program, you'll get the same warning. Unfortunately, though, the Windows Firewall does not always pop up this alert when it blocks an inbound connection. So, you might find that some programs inexplicably don't work with the firewall on, but you won't get a warning about them. In that case, you can manually tell the Windows Firewall to let it through by adding programs to its exceptions list, as explained in the recipe. The Windows Firewall offers basic Internet security by stopping all unsolicited inbound traffic and connections to your PC and network, unless your PC or another PC on the network initially makes the request for the connection. However, it will not block outgoing requests and connections, so you can continue to use the Internet as you normally would for browsing the web, getting email, using FTP, or similar services. The Windows Firewall has one serious drawback: it won't protect you against Trojans, such as the Back Orifice Trojan. Trojans let other users take complete control of your PC and its resources. For example, someone could use your PC as a launch pad for attacking web sites and it would appear you were the culprit, or he could copy all your files and find out personal information about you, such as your credit card numbers if you store them on your PC. The Windows Firewall won't stop Trojans because it blocks only incoming traffic, and Trojans work by making outbound connections from your PC. To stop Trojans, get a third-party firewall. The best is ZoneAlarm see Recipe 13.14, about configuring ZoneAlarm for details. When you install XP SP2, you're automatically protected because it turns on the Windows Firewall. (It's not turned on by default in XP versions before SP2.) There's a chance, though, that the firewall has been turned off. To make sure it's turned on, click Security Center from the Control Panel. When the Security Center appears, there should be a green light next to the Firewall button, and it should say On. If it's not on, click the Windows Firewall icon at the bottom of the screen, click On, and then click OK. That will turn it on. See Also
Recipe 13.13 on tracking your firewall activity with the Windows Firewall log; Recipe 13.14 on using the ZoneAlarm firewall; MS KB 875356, "How to configure the Windows Firewall feature in Windows XP Service Pac 2," and MS KB 875357, "Troubleshooting Windows Firewall settings in Windows XP Service Pack 2." |