Internet Connection Firewall

Windows XP ships with a basic built-in firewall. The firewall helps protect the computer from outside attacks on the internet. A firewall controls which network traffic is allowed in and out of a computer. It does this by opening and closing ports.

Use the buttons below to navigate through the lesson

When communications take place between two machines different port numbers are used depending on the service. As an example a Web Browser will communicate with a Web Server on port 80, which is the default port for HTTP (The language used to display web pages).

There a thousands of port numbers available many of the lower range numbers being reserved for common services. A few of the common port numbers are listed below.

Port 80:    HTTP (Web Pages)
Port 21:    FTP    (File Transfer Protocol)
Port 25:    SMTP (E-Mail)
Port 110:   POP3   (E-Mail)
Port 443:   SSL     (Secure Web Pages)

A hacker can sometimes compromise security on a machine by gaining access to the machine through an unused port. A Trojan horse virus opens a port on a client machine allowing a hacker to gain access to the machine.  A firewall can be configured to allow only specific ports in and out of the computer thus greatly reducing the risk of a cracker gaining access.
To enable and configure the Internet Connection Firewall navigate to the properties of your network connection and selected Advanced.

Check the Internet Connection Firewall box to enable the firewall.

And select Settings to configure it.

A list of services allowed to connect to this machine is shown. New services can be added by selecting Add.

And filling out the details for the service.

For example this machine is hosting a Puma chat room server. Click on OK to add the service.

Connections on port 270 are now allowed to connect to this machine.

The Security Logging Tab specifies settings relating to the security log. For example you can log any unsuccessful connections.

The ICMP tab can be used to configure ICMP packets on the computer. ICMP packets are used during ping requests.

The options for the Internet Connection Firewall have been improved slightly for Windows XP Service Pack 2 however the principals remain exactly the same.  Although the firewall is good enough to protect home users, for larger corporate networks and servers a third-party firewall should be used such as Microsoft ISA server.