If you're running Windows XP Service Pack 2 (SP2) the Windows Firewall is turned on by default. This means that most programs will not be allowed to accept unsolicited communications from the Internet unless you choose to list those programs as exceptions. There are two programs that, by default, are already added to the exceptions list and can accept unsolicited communications from the Internet: Files and Settings Transfer Wizard and File and Printer Sharing. Because firewalls restrict communication between your computer and the Internet, you might need to adjust settings for some other programs that prefer an open connection. You can make an exception for these programs, so that they can communicate through the Windows Firewall. Allowing Exceptions—the RisksEach time you allow an exception for a program to communicate through Windows Firewall, your computer is made more vulnerable. To allow an exception is like poking a hole through the firewall. If there are too many holes, there's not much wall left in your firewall. Hackers often use software that scans the Internet looking for computers with unprotected connections. If you have lots of exceptions and open ports, your computer can become more vulnerable. To help decrease your security risk: | • | Only allow an exception when you really need it. | | • | Never allow an exception for a program that you don't recognize. | | • | Remove an exception when you no longer need it. |
Allowing Exceptions Despite the RisksSometimes you might want someone to be able to connect to your computer, despite the risk—such as when you expect to receive a file sent through an instant messaging program, or when you play a multiplayer game over the Internet. For example, if you're exchanging instant messages with someone who wants to send you a file (a photo, for example), Windows Firewall will ask you if you want to unblock the connection and allow the photo to reach your computer. Or, if you want to play a multiplayer network game with friends over the Internet, you can add the game as an exception so that the firewall will allow the game information to reach your computer. To add a program to the exceptions list 1. | Click Start and then click Control Panel. | 2. | In the control panel, click Security Center, and then click Windows Firewall. | 3. | On the Exceptions tab, under Programs and Services, select the check box for the program or service that you want to allow, and then click OK. |
 Windows Firewall Exceptions tab If the program (or service) that you want to allow is not listed 1. | Click Add Program. | 2. | In the Add a Program dialog box, click the program that you want to add, and then click OK. The program will appear, selected, on the Exceptions tab, under Programs and Services. | 3. | Click OK. |
Tip If the program (or service) that you want to allow is not listed in the Add a Program dialog box click Browse, locate the program that you want to add, and then double-click it. (Programs are usually stored in the Program Files folder on your computer.) The program will appear under Programs, in the Add a Program dialog box. As a Last Resort, Open a PortIf you still do not find the program, you can open a port instead. A port is like a small door in the firewall that allows communications to pass through. To specify which port to open, on the Exceptions tab, click Add Port. (When you open a port, remember to close it again when you are done using it.) Adding an exception is preferable to opening a port because: | • | It is easier to do. | | • | You do not need to know which port number to use. | | • | It is more secure than opening a port, because the firewall is only open while the program is waiting to receive the connection. |
Advanced OptionsAdvanced users can open ports for, and configure the scope of, individual connections to minimize opportunities for intruders to connect to a computer or network. To do this, open Windows Firewall, click the Advanced tab, and use the settings under Network Connection Settings.
| |
