4.4 Firewalls

A firewall keeps remote users from connecting to your computer, while letting you connect to remote servers. A Windows XP system includes a number of services, such as file sharing, that a remote attacker can use to access your system. In some cases, flaws in Windows can let a remote attacker gain complete control over your system (this is why it's important to run Windows Update frequently, so that you have the latest security updates).

Most wireless access points that have router capabilities also have built-in firewalls (and the firewall is typically enabled by default). But when you are on the road, you should enable Windows XP's firewall, because other users on the wireless network will be able to access your computer if you don't.

To enable the firewall for your wireless connection:

  1. Open the Network Connections folder (Control Panel Network and Internet Connections Network Connections).

  2. Right-click on your wireless connection and select Properties. When the connection Properties dialog appears, select the Advanced tab (Figure 4-17).

    Figure 4-17. Enabling Windows XP's firewall
  3. Check the box labeled "Protect my computer and network by limiting or preventing access to this computer from the Internet." This enables the basic firewall functionality.

  4. Click Settings. This brings up the Advanced Settings dialog (Figure 4-18). Use the Services tab to configure the inbound services (such as Remote Desktop) that you want other users to have access to. Use the Security Logging tab to configure how connection attempts and failures are logged. The ICMP tab allows you to enable Internet Control Message Protocol (ICMP) requests, which are employed when remote users apply diagnostic utilities such as ping to verify whether your computer is accessible. By leaving these disabled, you make it a little harder for attackers to find your computer or to determine potential vulnerabilities.

    Figure 4-18. Configuring the firewall's advanced settings
  5. Click OK to dismiss the Advanced Settings dialog, then click OK to dismiss the connection Properties dialog.

To see a log of connection attempts, open the file C:\Windows\pfirewall.log in a text editor.