I have Windows XP and it seems everyone is telling me I need a firewall to protect my computer from hackers, spammer, etc. This seems like it should be a standard component of Windows XP. Why didn’t Microsoft include a firewall in Windows XP?
Microsoft doesn’t know your ISP when you buy the software.
Could you expound on your answere?
They did. XP does include it’s own firewall. It’s just that (true to many things microsoft related) it is not particularly robust when it comes to protecting you from outside intrusions. You can do much better by choosing one of the many alternatives that are available.
Here are a couple of quick links that may shed some light on what firewalls do and why they are necessary…
http://www.pcquest.com/content/Firewalls/101061601.asp
http://www.pcstats.com/articleview.cfm?articleID=1450
Hmmmmm…try the second link FIRST 
Thanks, I just went and enabled it, seems like it should have been enabled automatically though!
yes.
When Microsoft ships XP, it goes all over the world. There are certain nefarious types that just wait for the latest Microsoft program to be released and dedicate themselves to mess with the thousands of workers that depend on the paycheck.
This is easier since anyone running a PC, MAC, etc can get internet access. If you want to dedicate hours upon hours to make a statement, you go for the biggest software company, look for openings in security, and go from there. Of course, Microsoft has a few thousand dollars a day tied up in salaries paid to people looking to correct these holes.
Have you ever seen a portion of XP code? It is so friggin big, there is no way to write a code that is error-proof at this level. There will always be a loophole somewhere.
My humble advice (and I don’t work for them) Zone Alarm Pro.
Hope this helps, though it’s a bit rambly
From Service Pack 2, the firewall will be enabled by default.
However, I still prefer ZoneAlarm - it is more configurable and does permitted application validation - a really good feature in a personal firewall.
Simon
It’s not shipped activated because there are many installations (especially in the corporate world) where you don’t want it activated.
If you’re set up behind a corporate firewall, you don’t need it. In addition, with it activated, it removes the ability to access a computer on a network. I use this sort of thing all the time to adjust user rights or troubleshoot a computer. If the XP firewall is turned on, I lose that important ability.
The XP built-in firewall is fairly good at hiding your computer from the outside. What it doesn’t do is stop software on your computer from accessing the Internet. Thus, if you get a virus or spyware, it can open a port and start doing things to other computers. (It’d be the user that puts that on the computer, not the software or any security flaw.)
Microsoft probably didn’t set it up to do this because most of their users would be hard pressed to identify what accesses are legitimate (like MSIE, Netscape, etc.) and what are not (viruses, etc.). The users would see the warnings and have no idea what they meant, and would start wondering if something was wrong. In addition, many would just ignore them, making the firewall useless.
For just a firewall, the free version of Zone Alarm is great. The “Pro” version is not free.
I just checked my firewall logs for the last time I was online for a decent time and I had about 250 attempted intrusions.
I’m not asking specifically about you, but in a general sense, where do these intrusions come from? What kind of intrusion are they?
All the attacks are listed as:
Cloaking: Prevents your computer from being found. Cloaking hides the entry points (ports) of your computer making it appear to be disconnected from a network. Hackers using techniques like NetBIOS browsing, port scanning, or ICMP packet special processing will be unable to locate your computer.
Firewall: Provides a barrier between your computer and the network (LAN, Internet). This barrier examines and filters network traffic coming into your computer. By filtering network traffic, the firewall prevents malicious programs or files from entering your computer. The firewall protects against attacks hackers commonly use including: Ping of Death, IP conflict, SYN flooding, and others.
Usually there is a pile of ping attacks, but not in the recent logs.
Most of them come from “port sniffers”. Programs that scan a large range of IPs looking for open ports.