The Pre-Service Pack 2 WindowsXP Firewalls' only major failing was that it had no way of filtering data leaving your network, which could open you up to Trojan horse programs which, once unwittingly installed, may attempt to send personal information out of your network. Service Pack 2 for Windows XP beefs up the firewall slightly, allowing it to monitor and regulate programs within your PC that attempt to act as servers (allowing machines on the Internet to connect to them). While the new XP firewall can block unauthorized programs from acting as servers, it cannot prevent other malicious software from connecting to the Internet directly. For this reason, you should keep up-to-date antivirus software installed.

If you have an application on your computer or inside your network which you would like to allow access to from the Internet, for example a web page or FTP server, you must configure a service or exception for it.

Services are the tool the Windows XP firewall uses to designate certain ports which should be permanently opened in the firewall, allowing data into the network. Exceptions are a new feature of the Service Pack 2 firewall, and allow specific programs the right to act as servers, accepting connections from the Internet.

Configuring Services

In Pre-Service Pack 2 Windows XP, click the 'settings' button at the bottom of the 'advanced page of your Internet connection properties.

If you have applied Service Pack 2, virtually the same options screen can be found by going to 'start\control panel\windows firewall' then clicking the 'advanced' tab, highlighting your Internet connection and hitting 'settings.'

Each of the buttons on the screen represents a built in service which you can enable to allow access to a specific port inside the firewall. For example, highlight the 'web server (HTTP)' list item, and hit the 'edit' button.

As you see, there is a description of the service, which is just for your benefit. The 'name or IP address of the computer hosting this service on your network' box needs to be filled with the name of the computer you are using to run the application you want to give outside access to.