Setting Up a Firewall: Windows XP/2003 Server
Last updated: August 14, 2009 10:52:22 AM PDT
Learn how to set up the Windows XP/2003 Server firewall to protect your computer against malicious activity.
The Windows XP/2003 Server firewall prevents access to network ports from remote connections. Since the firewall rejects incoming packets on all ports, including ICMP (Internet Control Message Protocol, which lets ping commands test Internet connections), enable Incoming Echo Request before using UCSD network services.
Note: Before starting, disable all firewalls on your machine. Don't use Remote Desktop Connection (RDC) or a similar program to install firewall software. Directly connect to your Windows machine, install the firewall, configure it to allow connections to and from RDC, and then reconnect RDC. Otherwise, the firewall blocks the remote connection, and you can't access your machine.
- Right-click the My Network Places icon on the desktop. If the icon isn't on your desktop, open the Start menu, click My Computer, and then right-click My Network Places.
- Select Properties.

- In the Network Connections window, find the network device icon with the word "Enabled" in its description.
- Right-click on it and choose Properties.

- In the Connection Properties window, select the Advanced tab.
- Select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
- Click the Settings button.

- Under the Services tab, select the pre-defined services in the list that you want to allow access to. For more information about these and the features on the Security Logging tab, see step 8.

- Click the ICMP tab and select the Allow incoming echo request check box. This lets ACT/Network Security verify your computer security on UCSD's network.
- If you don't want more advanced exceptions or don't have a server on your local machine, click OK to enable the firewall. You will lose your changes if you close this window without clicking OK. If you want to add more advanced settings, continue to the next section without clicking OK.
- See a list of common applications and the ports they use.

- Click the Services tab to view pre-defined services. Select check boxes to give inbound traffic access to certain services. Each service has at least 1 port associated with it. Since open ports decrease firewall effectiveness, only select check boxes for services you need.
- To open unlisted ports, click the Add... button.

- Enter a description of the additional service in the respective field.
- Enter your computer's IP address in the Name or IP address field.
- Enter the port number associated with the service in both the External Port and Internal Port fields, and select the TCP or UDP button. This example demonstrates how to open TCP port 5190 for AOL Instant Messenger (this step is not necessary for most AOL Instant Messenger communications).
- Click OK.

- To enable firewall logging (for viewing denied incoming connections), click the Security Logging tab.
- Select the Log dropped packets check box.
- If necessary, use the Browse... button to change the location of the log file from the default: C:\WINDOWS\pfirewall.log
- Click OK to save changes made in the Advanced Settings window. You will lose your changes if you close this window without clicking OK.

- After you enable your firewall, the network connection icon lists the word "Firewalled" after the word "Enabled."
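
Once Log dropped packets is enabled, the log file can be reviewed to see which sources and ports the firewall is denying. The following Python script is an added example, not part of the original instructions: it parses the space-separated layout named on the log's `#Fields:` header line and counts DROP entries. The sample lines are constructed and use documentation-range addresses; the field list is assumed to match the header your own log writes.

```python
from collections import Counter

# Constructed sample in the layout the firewall log uses (assumed field list);
# the addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2009-08-14 10:01:02 DROP TCP 198.51.100.7 192.0.2.10 4312 445 48 S 1234567 0 65535 - - -
2009-08-14 10:01:05 DROP TCP 198.51.100.7 192.0.2.10 4313 135 48 S 1234999 0 65535 - - -
2009-08-14 10:02:11 DROP UDP 203.0.113.9 192.0.2.10 1026 1434 404 - - - - - - -
2009-08-14 10:03:40 DROP ICMP 203.0.113.9 192.0.2.10 - - 60 - - - - 8 0 -
2009-08-14 10:04:00 OPEN TCP 192.0.2.10 198.51.100.20 1050 80 - - - - - - - -
2009-08-14 10:05:17 DROP TCP 198.51.100.7 192.0.2.10 4320 445 48 S 1235555 0 65535 - - -
"""

def parse_log(text):
    """Yield one dict per entry, keyed by the names on the #Fields line."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or damaged lines
                yield dict(zip(fields, values))

def summarize_drops(entries):
    """Count dropped packets per source and per (protocol, port or ICMP type)."""
    by_source, by_service = Counter(), Counter()
    for e in entries:
        if e["action"] != "DROP":
            continue
        by_source[e["src-ip"]] += 1
        # ICMP has no ports, so key it by ICMP type (8 = echo request / ping)
        target = e["icmptype"] if e["protocol"] == "ICMP" else e["dst-port"]
        by_service[(e["protocol"], target)] += 1
    return by_source, by_service

if __name__ == "__main__":
    sources, services = summarize_drops(parse_log(SAMPLE_LOG))
    for ip, n in sources.most_common():
        print(f"{n:4d} dropped from {ip}")
    for (proto, target), n in services.most_common():
        print(f"{n:4d} dropped to {proto} {target}")
```

To run it against a real log, pass the contents of pfirewall.log to `parse_log` instead of `SAMPLE_LOG`. A DROP entry for ICMP type 8 means incoming echo requests are still being rejected, so the Allow incoming echo request setting has not taken effect.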
