Choosing the Best Windows XP Firewall

A firewall is one of the most important elements in computer networking security. It blocks unauthorized access to your computer, and prevents unauthorized items from going out of it. By default, Windows has its own firewall installed and activated when the Windows XP operating system is fully functioning.

Some may find Windows Firewall to be inadequate for stricter control of security, while others may find it adequate for their needs. There are also third party firewall programs for Windows XP that are FREE and offer more control than the default Windows Firewall.

Before switching from one firewall to another, this article helps you choose the best firewall for your Windows installation by telling you what will happen when you switch or use different firewalls. In this way, you will not waste time and avoiding damaging your Windows XP installation when switching from one firewall to another.

How Windows Firewall Works

A lot of Windows XP users still do not completely understand how Windows Firewall works. Understanding how it works will enable us to develop a better, simple and tough security plan for networking security.

Windows does not provide an in-depth and pictorial explanation. I will show you one below:

It assumes that an attack to your computer comes from outside the network. This is true in most cases, but there is a rare exception (such as when your computer is already infected with a virus or malware), which will be discussed later. Windows Firewall blocks unsolicited incoming requests trying to connect to your computer. When one appears, it shows a warning on your screen so you can decide if you are going to allow that particular software to connect to your computer.

Note that this warning may be deactivated, so if you want the Windows firewall to show warnings, go to Control Panel -> Windows Firewall -> Exceptions, and check “Display a notification when Windows Firewall blocks a program.”

A basic discussion of how to use Windows Firewall is beyond the scope of this article and you may refer to standard Microsoft documentation here.

If Windows XP recognizes a valid request, it will allow the connection to your computer. Based on the above diagram illustrating Windows Firewall’s behavior, it will only block incoming connections to your computer. It will not block outgoing connections. So if some malicious program installed on your computer (like a Trojan worm) tries to send stolen passwords and precious information stored there to a remote server, Windows Firewall cannot block this connection.

{mospagebreak title=Deciding Factors and Alternative Firewalls}

Now that we have enough information about the default Windows Firewall, we will try to decide which factors are crucial in the selection of appropriate firewalls which may (or may not) replace Windows Firewall.

One of the most important is cost. Since Windows Firewall comes at no additional charge, you should consider using a free firewall as well. There are a lot of free firewalls compatible with Windows XP (which I will cover later). Note that when you use a third-party firewall, you need to disable the Windows Firewall. This is advised by Microsoft.

The second most important factor is the ability to block outgoing connections. Since the Windows XP Firewall does not have the full ability to block outgoing Trojan connections, a replacement firewall should do this job.

The third deciding factor is the usability of the firewall; this is where most third party firewalls fail the test (even the award-winning ones). They are simply DIFFICULT to use. Blocking both incoming and outgoing connections can be nice, but not even the best firewall can decide which connections to allow.

Aside from the Windows XP firewall, I use Comodo Firewall. Unfortunately, it introduces some serious problems with my existing setup. Aside from the complexity and difficulty of configuring the firewall, it displays annoying pop-ups. The worst thing is that you can accidentally block clean connections.

Windows XP normally allows outbound connections initiated by svhost processes, and shutting it down means a failure to your normal Windows XP operation. I’ve tried even setting Comodo Firewall normal (non-aggressive mode), but it still won’t work for me.

Fixing issues with Comodo Firewall is beyond the ability of an average computer user wanting more network security. An alternative solution is necessary to provide more security without adding complexities.

Of course, a third-party Firewall like Comodo is great for advanced users that know what they are blocking; I do not recommend it for beginners or even average users. Experimenting with a third-party firewall can make Windows XP completely unusable. I’ve even tried experimenting a bit, but I find the computer freezes and I cannot connect to the Internet.

Two other factors you should consider when choosing a firewall are full compatibility with Windows XP (or whichever version of the operating system you are using) and full compatibility with the software you have installed on your system. 

Full Compatibility with Windows XP: Third-party firewalls, when installed, when installed, can introduce some serious incompatibility issues with Windows XP that require the user to make drastic changes to either the firewall software or the operating system. An ideally compatible firewall should run without interfering with all of the required or normal Windows processes.

Full Compatibility with the Software Installed: Aside from being compatible with Windows XP, it is also very important that the third-party firewall is also compatible with the existing software installed in the computer. For example, if the computer has an anti-virus program installed, the firewall should not be in conflict with its normal operations.

{mospagebreak title=What is the Best Firewall for Everybody?}

I do not have much time to diagnose third-party firewall issues; it is enough that I tried and saw it to be difficult. So the best firewall is still the Windows XP firewall.

Based on my years of experience, Windows XP Firewall is still the most intelligent firewall. It can block unsolicited connections trying to connect to your computer while allowing vital Windows networking processes to pass without disturbing you or affecting your networking operations.

Regarding the problems with malicious programs and Trojans trying to send data outside of your computer (outbound connections) without your permission, a solution is needed.

The first solution is to buy a reputable anti-virus. Windows XP does not have a default anti-virus installed, so IT IS HIGHLY RECOMMENDED THAT YOU BUY ANTI-VIRUS SOFTWARE FOR YOUR COMPUTER. Buy a trusted anti-virus solution; do not simply use the FREE ones.

Once you’ve bought anti-virus software, scan your computer on a daily basis. If you regularly connect to the Internet, which is an unsafe place, your computer is at increased risk of contracting an infection, particularly Trojans.

You can visit this Google link to help you decide which is the best anti-virus solution for you. 

{mospagebreak title=Windows Firewall Plus Trusted Antivirus Equals Protection}

If you are going to install anti-virus on your computer, it will scan and detect malicious programs installed. So if a Trojan (or even some spyware) is trying to execute (i.e. initiate a connection to a remote server), the real-time scanning of the anti-virus will try to detect it and block those programs.

The real-time scanning will analyze all running processes in your computer, which cannot be done by Windows Firewall. If the intent is malicious, or if it tries to run a program, an anti-virus will stop it and clean the infected file. This is why anti-virus software is very useful and should be installed in the computer — to protect your installed, clean programs as well as your privacy.

An additional protection to the above diagram can be added to your computer by installing the latest browsers. These browsers fix security problems, and will show a warning if you have visited malware sites which have tried to install some programs into your computer.

Some users are still not educated on the topic of how dangerous it is to your computer’s security to visit this type of site. Although a lot of browsers give you a warning, it is highly advisable to always turn on the firewall, use anti-virus software and keep away from those sites that display the dreaded malware signs (a red one in Firefox, for example).

[gp-comments width="770" linklove="off" ]