Setting Up a Firewall: Windows XP/ 2003 Server  
 
Summary: Learn how to set up Windows XP/ 2003 Server firewall to protect your computer against malicious activity.

The Windows XP/ 2003 Server firewall prevents access to network ports from remote connections. Since the firewall rejects incoming packets on all ports including ICMP (Internet Control Message Protocol, which lets ping commands test Internet connections), enable Incoming Echo Request before using UCSD network services.

Note: Before starting, disable all firewalls on your machine. Don't use Remote Desktop Connection (RDC) or a similar program to install firewall software. Connect to your Windows machine directly, install the firewall, configure it to allow connections to and from RDC, and then reconnect RDC. Otherwise, the firewall blocks the remote connection, and you can't access your machine.

What to do How to do it
1 Begin initial configuration.
  1. Right-click the My Network Places icon located on the desktop. If the icon isn't on your desktop, open the "Start" menu, click My computer, and then right-click My Network Places.
  2. Select Properties.

2 Continue setup.
  1. In the "Network Connections" window, find the network device icon with the word "Enabled" in its description.
  2. Right-click on it and choose Properties.

3 Configure more advanced settings.
  1. In the "Connection Properties" window, select the Advanced tab.
  2. Select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
  3. Click the Settings button.

4 Change settings in Advanced Settings window.
  1. Under the "Services" tab, select the pre-defined services in the list that you want to allow access to. For more information about these and the features on the "Security Logging" tab, see step 8.

5 Allow echo requests.
  1. Click the ICMP tab and select the Allow incoming echo request check box. This lets ACT/ Network Security verify your computer security on UCSD's network.
  2. If you don't want more advanced exceptions or don't have a server on your local machine, click OK to enable the firewall. You will lose your changes if you close this window without clicking OK. If you want to add more advanced settings, continue to the next section without clicking OK.
  3. See a list of common applications and the ports they use.

6 Open an unlisted port.
  1. Click the Services tab to view pre-defined services. Select check boxes to give inbound traffic access to certain services. Each service has at least 1 port associated with it. Since open ports decrease firewall effectiveness, only select check boxes for services you need.
  2. To open unlisted ports, click the Add... button.

7 Describe the service.
  1. Enter a description of the additional service in the "Description of service" field.
  2. Enter your computer's IP address in the "Name or IP address" field.
  3. Enter the port number associated with the service in both the "External Port" and "Internal Port" fields, and select the TCP or UDP button. This example demonstrates how to open the "TCP port 5190" for AOL Instant Messenger (this step is not necessary for most AOL Instant Messenger communications).
  4. Click OK.

8 Enable logging.
  1. To enable firewall logging (for viewing denied incoming connections), click the Security Logging tab.
  2. Select the "Log dropped packets" check box.
  3. If necessary, use the "Browse..." button to change the location of the log file from the default: C:\WINDOWS\pfirewall.log
  4. Click OK to save changes made in the "Advanced Settings" window. You will lose your changes if you close this window without clicking OK.

9 Finish the procedure.
  1. After you enable your firewall, the network connection icon lists the word "Firewalled" after the word "Enabled."
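
Once "Log dropped packets" from step 8 is on, the log can be reviewed with a short script. The following is an added example, not part of the original page: it assumes the log is a space-separated text file whose "#Fields:" header line names the columns (action, protocol, src-ip, dst-port and so on), and the sample entries are constructed using documentation address ranges.

```python
from collections import Counter, defaultdict

# Constructed sample in the layout assumed for pfirewall.log;
# the addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
#Version: 1.0
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2008-05-14 10:15:02 DROP TCP 192.0.2.10 198.51.100.5 4312 135 48 S 1234567 0 16384 - - -
2008-05-14 10:15:03 DROP TCP 192.0.2.10 198.51.100.5 4313 139 48 S 1234568 0 16384 - - -
2008-05-14 10:15:04 DROP TCP 192.0.2.10 198.51.100.5 4314 445 48 S 1234569 0 16384 - - -
2008-05-14 10:16:00 DROP ICMP 192.0.2.77 198.51.100.5 - - 60 - - - - 8 0 -
2008-05-14 10:17:30 DROP UDP 192.0.2.10 198.51.100.5 1030 1434 404 - - - - - - -
2008-05-14 10:18:11 OPEN TCP 198.51.100.5 203.0.113.9 1045 5190 - - - - - - - -
"""

def parse_log(text):
    """Yield one dict per entry, keyed by the names in the #Fields line."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) >= len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def summarize_drops(text, port_threshold=3):
    """Count dropped packets per source and flag sources probing many ports."""
    drops = Counter()
    ports = defaultdict(set)
    for entry in parse_log(text):
        if entry["action"] != "DROP":
            continue
        drops[entry["src-ip"]] += 1
        if entry["dst-port"] != "-":  # ICMP entries carry no port
            ports[entry["src-ip"]].add((entry["protocol"], int(entry["dst-port"])))
    flagged = sorted(ip for ip, p in ports.items() if len(p) >= port_threshold)
    return drops, ports, flagged

if __name__ == "__main__":
    drops, ports, flagged = summarize_drops(SAMPLE_LOG)
    for ip, count in drops.most_common():
        print(ip, count, sorted(ports[ip]))
    print("sources hitting many distinct ports:", flagged)
```

To review a real log, pass the contents of the file chosen in step 8 to summarize_drops() in place of SAMPLE_LOG.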



Questions? Contact the ACT Help Desk, (858) 534-1853.


Notice: UCSD Minimum Network Connection Standards require firewall and antivirus protection for devices connected to UCSD's network. Regular backups and security patch updates also help protect your system.




Last reviewed/updated on May 14, 2008


Copyright ©2008 Regents of the University of California. All rights reserved.
Official Web Page of the University of California, San Diego
