Windows XP SP2 Firewall

AndyC · 5 Jul 2006 at 18:31

Having a discussion at work regarding this, now I believe if your on a lan behind a hardware firewall or home router/firewall its fine and worth having on.

However, if you are connecting direct to the internet via usb modem you would want something stronger.

The aguement is that when you probe XP SP2 FW when on a USB modem it comes back all ports steath and thus secure because of this.

Now I realise that it always allows everything out, its incomings that's the issue, as even on a home router/firewall everything can go out.

Can anyone nail down why it's not a good idea or is it OK to use it, other than because it's microsoft etc

AndyC · 6 Jul 2006 at 07:14

Been doing some digging, it appears one of the issues is that if logged on with admin rights applications can auto open ports or even turn it off.

Where as 3rd party that wouldn't happen, On a domain that can be controlled by GP but less so on standalone machines.

FrankJH · 6 Jul 2006 at 07:23

At every work site I have been too ( NHS, and Financial ones) everyone who has a hardware firewall completely turns off XP firewall - if anything can get through a hardware variety it will not even notice the XP one so its pointless.

Again with my netgear router at home I use the inbuilt router and turn off the XP one as its redundant and can interfere with apps

With a usb modem i would leave it on as these invariably dont have firewalls. Unless of course you get a better s/w based one from a 3rd party

bitslice · 6 Jul 2006 at 07:32

umm, can't see the point in running it if there is a H/W firewall in place ?

It's OK for most people for general surfing.
but you'll get hacked if you go looking at pron :-)

I wouldn't rely on any firewall as a single solution, if you can get a payload in the right place you can go through any firewall.

Oracle · 6 Jul 2006 at 09:12

I leave it on. Its only small and doesnt take up any major resources.

The router does a good job tbh