i was wondering what some of the people here think of the built in xp firewall.some say it's terrible,while others swear by it.i don't know enough about firewalls to answer,so i'd like to hear what you guys opioions are on it,cheers

I think it's grand and I use it. The only problem is it's a major pain with conflicts from other firewall and worm protection programs.

I've never had a problem with using it. From what I've heard, it's actually a Symantec (Norton) based firewall. I use NIS 2005 firewall though.

I like it.

And I love arguing with people that don't. Bring it on!

For the average end-user, the XPSP2 firewall is fine if the end-user is relatively computer-saavy. To elaborate, most people have strong antivirus protection that will protect them from any malware that might want to create outbound network connections (which the XP firewall does not inhibit). So that shouldn't be an issue.

For incoming requests, if you recognize what program wants to accept incoming connections--allow it. If you don't, find out more information about it before allowing it.

XP (SP2)'s firewall is great for what it was meant to be: the most basic protection possible and necessary on today's internet. If you want something more, it's available. Heck, XP's firewall is even a lot more configurable if you get bored one day. Check out netsh on the command line.

I like it.

I dont like it. But thats mainly because its not right for me. Whereas, it is usually fine for the normal everyday kind of user.

It is not based in any part off of norton.

Speaking of advanced windows firewalls, did you know you can create your own crude firewalling solution in 2000 also? http://homepages.wmich.edu/~mchugha/w2kfirewall.htm

For some its fine, but for many of the people I see its not enough. For them only handcuffs, and a pair of wire cutters would make their pc safe. I tell them to use something that also blocks outgoing, stop clicking next without reading, and pay attention to what the firewall asks you. For most that still wont be of any help.

I dont like it. But thats mainly because its not right for me. Whereas, it is usually fine for the normal everyday kind of user.
I agree totally. I personally sit behind my university's firewall, and the XP firewall is just a minor intermediary. At home I'm behind PF on FreeBSD.


Speaking of advanced windows firewalls, did you know you can create your own crude firewalling solution in 2000 also? http://homepages.wmich.edu/~mchugha/w2kfirewall.htm
That snap-in is also available in XP. The same instructions should apply.

who needs firewall long as you have an antivirus and email client that doesnt download malicious content.

who needs firewall long as you have an antivirus and email client that doesnt download malicious content.
If you're connected to the internet, you need a firewall. You don't have to download anything to be taken over--as was made apparent by the Sasser and Blaster worms. Antivirus programs don't always have updated definitions fast enough to keep your computer safe.

Use a firewall.

There are people constantly searching for open ports on the Internet to send them a surprise gift, if you don't want a surprise. Like cpugeniusmv said, use a firewall!

The XP SP2 firewall is more than sufficient.

One doesn't need outbound blocking. If they do, they have already lost.

The thing is, some noobs might need to be protected from those that need outbound blocking, while they learn about the net. If you follow me?

For the basic user, its enough ... i have it switched off, coz i have no use for it, not that i dont like it, just no need for it.

If someone wants you bad enough, nothing to do. They could easily use any port thats open.. 80.. bt port.

With firewall, ports are only opened by your applications that you are using! They can't find an open port to send, that's the difference.

If that was true, no one would get virus or malicious stuff. IE wouldnt be as exposed. Basically i have no firewall other then the router. So windows xp is off and only running norton antivirus. I havent gotten any virus since i been online since 93.

Just because a port is open doesn't mean someone can "send something through." In most cases there has to be a service running on some port that is either vulnerable to attack, or is a trojan planted by some other means.

Many people are offering File/Printer Sharing over the internet unwittingly. That's a problem most firewalls would take care of, but a firewall isn't necessarily required to prevent access via that route.

I'm not saying there's always a service, and that a closed (read: not stealthed) port can't be attacked...it's just much less common.