Tip

Is a firewall out there or not?

A friend of mine teaches beginning security classes for a couple of large PC manufacturers. One course is about antivirus software and virus protection, the other about firewalls and basic security. He told me that one question that always comes up from students is "How can I tell if I have a firewall or not?"

It's an innocuous question, but one that's surprisingly difficult to answer. Unless the person running the machine knows how to look for firewall software, and can recognize it when he or she sees it, there's no easy way in current Windows environments for end users to tell if they're protected or not. I think that's why Microsoft is adding a Security Center to Control Panel in Windows XP SP2, and I have to believe it will scan hard drives with a specific set of executable names and/or registry keys to help it identify what it finds.

In the meantime, XP users can employ the techniques I'm about to recommend. These may remain the only way to check for users of other or older Windows (unless Microsoft rolls Security Center back into future updates for Windows 2000). Though it's tricky to define a precise recipe to detect and identify the presence or absence of a firewall on a system (or on a network), there are several intelligent ways to go looking.

For those unafraid of Control Panel, one easy way to seek out firewalls is to open the Add/Remove Programs widget. Items listed under the Currently installed programs button show all applications that

Requires Free Membership to View

create registry entries during installation. In most cases, third-party firewalls and related security software shows up—often with links to support information to help identify items for those intrepid enough to poke around but who may not recognize some items they find. Windows XP users can check if the built-in Internet Connection Firewall is enabled or disabled as described in Microsoft's XP documentation.

But for those uninterested in venturing into these areas, it's easy to point a Web browser at a vulnerability scanner to see how well or ill protected a system might be. Though this won't tell you that a firewall is active on your system (or network), it's unlikely that a clean bill of health will occur on an unprotected or out of date system. Should results indicate that one or more vulnerabilities need remedy, you'll want to obtain an up-to-date firewall, make sure Windows gets all necessary security updates, and use up-to-date antivirus software too.

You'll find two good, free security scans available at:

These services not only identify vulnerabilities, they also describe potential remedies. This helps resolve underlying concerns about PC protection.


Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.


This was first published in April 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.