0

I have a Linux Mint host running Windows XP Virtual Machines with VirtualBox. The XP VM's are connected to the internet via the host. In the Linux host, I have blocked every port with a firewall except for ports 80, 443, 8333, 9332, 9333, 22556.

One VM, for example, is for my Bitcoin and other coin wallets. Another VM is used to run a custom web spider software that analyzes data from websites, and so on.

My question is: is it safe to run an old Windows such as XP from behind a firewall? By safe, I am mainly referring to remote exploits.

Improve this question
1
  • Given that most exploits are directed at client software, the firewall only covers one minor portion of the security spectrum. Given that most exploits use phone home over http/https outbound, no.
    – Fiasco Labs
    Commented Feb 8, 2014 at 18:30

2 Answers 2

Reset to default
0

Adding another firewall in between the internet and a machine is just adding another layer of security. This is like saying, "Would it be less safe to wear two layers of kevlar body armor rated next to wearing one layer of kevlar body armor". More is not going to cause a security hole.

I do not know how much you know about firewalls, but blocking ports is just one feature of a firewall. Depending on how robust a firewall is, there are many other items they can do, such as Intrusion Protection, Point-to-Point VPN's, URL filtering, etc. Many big business require for at least two different firewall, from two different manufacturers (i.e. Juniper and Check Point), to be between their machines and the internet. It only adds more security, it doesn't take away security.

The problem with having more than one firewall between a machine and the internet is more places for traffic to be stopped that you do not want stopped. It will cause more troubleshooting to have to happen in order to get traffic flowing if something is being blacked that shouldn't be blocked.

Improve this answer
0

I think you will find Windows XP is relatively safe behind a firewall. The biggest threat vector will be "drive bys", where you visit a web site which has malware which you download and (unwittingly) run, which compromises your system.

In order to fix that problem you would need to do deep packet inspection or run something on the box to protect you.

Other then that, if you are not running any remotely accessible servers, simply firewall the XP box from everything and allow only outbound and established connections.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .