Is XP SP2 necessary, since my router acts like a firewall?

Infopackets Reader Kathy O. writes:

" Dear Dennis,

I am getting ready to build a new computer and plan to put Windows XP Home Edition with XP Service Pack 1, although I have already ordered the XP Service Pack 2 CD from Microsoft. As it stands now, I will be running both computers from my LinkSys router; however, I was told by a friend that I would need to turn off Windows XP's firewall from the Control Panel after I install Service Pack 2. Is this true? And also, is it necessary to apply XP Service Pack 2 since my router acts like a firewall? If so, should I disable the Windows Firewall? I have Norton Antivirus / Norton Firewall installed on my machine. "

My response:

There are a number of issues to address here, as the majority of your questions are based on incorrect assertions. Let me try to break it down into short-but-sweet answers.

RE: " I will build a new computer and install XP SP1, then apply SP2 after. "

You can go this route; however, you can save a great deal of time if you wait for the SP2 CD to arrive and only apply that to your new system. Service Pack 2 is cumulative, which means that it includes fixes from Service Pack 1; therefore, installing SP1 then SP2 is not necessary. And, as I've mentioned a number of times in the newsletter, installing SP2 to a fresh system will surely decrease the likelihood of a failed installation.

RE: " I have a LinkSys Router. Do I need to turn off the Windows Firewall after installing SP2? "

I'm not sure why your friend told you this, but you shouldn't have to disable the Windows Firewall if you have a LinkSys -- or any brand name -- router installed on your PC. There are, however, some program (or "software") incompatibilities with the new Windows firewall. On a side note, you can refer to Microsoft's KB article #884130, which details a number "programs that experience a loss of functionality" due to the Windows Firewall.

RE: " Is it necessary to apply XP Service Pack 2 since my router acts like a firewall? "

The short answer is: Yes. And just to clarify, Service Pack 2 addresses *much* more than just security issues with the new Windows Firewall. For a list of "top 10" reasons to install Service Pack 2, you can refer to Microsoft's "top 10 reasons to install Service Pack 2" page.

Having said that, I'm not sure if what you meant to ask was "Do I need to use a software firewall even though my router acts like a hardware firewall?" In this case, a router ("hardware firewall") may not be enough to stop a hacker, simply because:

a) the router may not be configured properly and could allow hackers into your system without you realizing it. On a side note, some routers have blank admin passwords by default; subsequently, a hacker *may* be able to access your system without restriction if it allows "remote access changes" to its configuration.

b) the router, although considered "hardware", operates from software built into the router; hence, there is always a chance that the software inside the router can be flawed. Case and point: a little while back, pcWorld published an article which describes a security flaw that was found in a LinkSys router.

c) routers typically don't offer a high level "activity log" so that you can see who's attacking what communication port. Subsequently, you may not know to properly resolve a problem (if one arises).

RE: " Can I use Norton Firewall and the Windows Firewall at the same time? "

Short answer: Not Recommended. Having two firewalls installed on your PC can severely complicate issues, as it may cause some programs (which require network access) from functioning properly.

RE: " Should I disable the Windows Firewall? "

Short Answer: Yes. The Windows Firewall, as we have discussed previously in the newsletter, only blocks incoming traffic (not outgoing -- which is problematic if you get attacked with Spyware). I personally don't have experience with Norton Firewall, but I do highly recommend Zone Alarm; it's free and blocks both incoming / outgoing communication.

Both my Service Pack 2 FailSafe Guide and Internet Security Guide explicitly detail how to download, setup, and configure the Zone Alarm Firewall, using a unique video tutorial that can be played back on your computer. For more information, details of my XP Service Pack 2 eBook can be found here; details of my Windows Security Guide (for any version of Windows) can be found here.