Problem solve Get help with specific problems with your technologies, process and projects.

Is a firewall out there or not?

How to see if you have a firewall and links to free security scanners.

A friend of mine teaches beginning security classes for a couple of large PC manufacturers. One course is about antivirus software and virus protection, the other about firewalls and basic security. He told me that one question that always comes up from students is "How can I tell if I have a firewall or not?"

It's an innocuous question, but one that's surprisingly difficult to answer. Unless the person running the machine knows how to look for firewall software, and can recognize it when he or she sees it, there's no easy way in current Windows environments for end users to tell if they're protected or not. I think that's why Microsoft is adding a Security Center to Control Panel in Windows XP SP2, and I have to believe it will scan hard drives with a specific set of executable names and/or registry keys to help it identify what it finds.

In the meantime, XP users can employ the techniques I'm about to recommend. These may remain the only way to check for users of other or older Windows (unless Microsoft rolls Security Center back into future updates for Windows 2000). Though it's tricky to define a precise recipe to detect and identify the presence or absence of a firewall on a system (or on a network), there are several intelligent ways to go looking.

For those unafraid of Control Panel, one easy way to seek out firewalls is to open the Add/Remove Programs widget. Items listed under the Currently installed programs button show all applications that create registry entries during installation. In most cases, third-party firewalls and related security software shows up—often with links to support information to help identify items for those intrepid enough to poke around but who may not recognize some items they find. Windows XP users can check if the built-in Internet Connection Firewall is enabled or disabled as described in Microsoft's XP documentation.

But for those uninterested in venturing into these areas, it's easy to point a Web browser at a vulnerability scanner to see how well or ill protected a system might be. Though this won't tell you that a firewall is active on your system (or network), it's unlikely that a clean bill of health will occur on an unprotected or out of date system. Should results indicate that one or more vulnerabilities need remedy, you'll want to obtain an up-to-date firewall, make sure Windows gets all necessary security updates, and use up-to-date antivirus software too.

You'll find two good, free security scans available at:

These services not only identify vulnerabilities, they also describe potential remedies. This helps resolve underlying concerns about PC protection.

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.

Dig Deeper on Enterprise infrastructure management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.