The Microsoft Firewall

For reasons that are beyond me, I have decided to turn on my firewall. My Windows XP firewall, that is. I don't know why. I guess I was just filled with the paranoid fear that space aliens are going to magically jump into the wires between my OpenBSD bridge and my Windows box and steal my credit cards or something.

Personal firewalls are a great idea for most people, and though as an advanced user I can exempt myself from letting Windows tell me which ports are OK and which aren't, I have chosen to double up on the packet filters. Consider it an experiment. My hypothesis is that the Windows firewall will protect my system from threats originating from inside the network, as improbable as they are. Still, it's better than nothing.

I've been working with Windows XP more and more lately. It's the OS of choice for another department, and the guy in charge doesn't really know much about things like "security" and "keeping Toby's network virus-free". So I'm working with him in a concerted effort to secure my network. This means, among other things, upgrading his systems to SP2 and leaving the firewall turned on. This in turn means that I need to get experienced with the Windows firewall now, whether I want to or not.

So far, it seems OK for recreational use. Easy enough to configure, but easily turned off as well. I won't be giving up my OpenBSD bridge any time soon. Or ever, for that matter. This brings about an interesting question. Should Microsoft backport the XP firewall to their entire line of Windows operating systems? In a word, yes. Though many third-party software firewall applications exist for the Windows 95/98/ME/2000 family, none have the ability to install themselves when a user visits Windows Update and selects it from the Critical Updates category.

What Windows needs is an easy-to-use, general purpose firewall that can install and configure itself, for free, with virtually zero user intervention. This is Microsoft's opportunity to shine and to show that they do indeed care about security.