Unless you are running a Web server on your computer, you don't need to have port 80 open. Closing this port doesn't mean you can't visit Web sites anymore. You can block both ICMP and HTTP traffic from being initiated from the Internet and at the same time, you can allow ICMP and HTTP traffic from the Internet as long as you requested it. For example: opening up your Web browser, going to the Symantec Web site and requesting a scan. A personal firewall will behave this way by default. If you can picture the firewall as having two sets of rules: one set that governs inbound connections (the ones hackers would use) and the other set that governs outbound connections (the ones good people like you and I would use). You can now see why it is tricky to answer that question as a simple yes or no.
Some simple guidelines:
- Make sure that you have a personal firewall installed and enabled. If you are running Windows XP with Service Pack 2 you have one already.
- When the firewall prompts you that your system is trying to connect to something that it is configured to not allow, or something is trying to connect to you, "Just Say No."
Do you have comments on this Ask the Expert question and response? Let us know.
This was first published in February 2005