scruffy:

If possible, I'd recommend using one of the CD installation packages rather than downloading, since you must install ALL previous updates before you can install SP2 itself, and that can be a rather large bunch of downloads if you're not current. The SP2 download itself is about 80 MB. The SP2 CD, including all of the "incorporated updates," is close to 800 MB. You can order your own free copy of the CD at the SP2 support site at microsoft.com, or use one of the magazine copies.

I'd also recommend keeping an SP2 CD with your WinXP system CD. If you have to reinstall WinXP, the first installation will NOT include any patches that weren't there when you bought it. You are unlikely to be able to spend enough "web time" to download all the patches AND SP2 before someone finds all those unpatched holes, even with an incredibly fast web connection; so you need to be able to install the CD version SP2 (and your current AV) before you connect, after a reinstall.

Recent tests have reported an "average time to infection" of less than 20 minutes for unpatched machines simply making a web connection.

Tom:

With the WinXP SP2 firewall, at least, theres virtually no "competition" between the firewall on your machine and any other external firewalls. When I installed the SP2 package, it of course turned on the WinXP firewall. Since I go through a Norton firewall on a "server," the second firewall is pretty much redundant.

I did leave the XP firewall turned on for a while, but since the first (server) Norton firewall stops anything outside my LAN from accessing my computer, the XP firewall simply "has nothing to do."

With two internal firewalls trying to operate on the same machine the situation is a little different, but the SP2 version of WinXP's firewall should recognize that another firewall is present, and is supposed to ask which you want to use. If you visit the Microsoft XP support page, you'll find a FAQ section where Microsoft recommends turning off the WinXP SP2 firewall if you have another firewall that you prefer to use, internal or networked. Turning it off is not very complicated. Until you turn one of them off, you'll probably get a "warning" that there are two firewalls everytime the XP firewall detects any activity on your machine by the other firewall. This can get pretty annoying.

One or the other of your firewalls (when on the same machine) likely will report and try to block port probes by the other firewall. The other firewall will complain; but most operations will not be much affected unless you have significantly different setup for the two firewalls. You just have to listen to them tattle on each other, and it gets very tiresome.

WinXP SP2 also has a built in AV, and you'll get the same sort of obnoxious reports that there are two AV programs running, until you turn off the SP2 AV or uninstall your other one(s).

One firewall and One AV should be sufficient, if they're any good. You make the choice of whether to use the WinXP SP2 built-ins or your other(s). You SHOULD use one firewall AND one AV, since you're a hazard to the entire web community if you don't keep YOUR machine clean.

Norton (Symantec) has recently upgraded their Symantec Security Check site. Here, with your permission, at the "Scan for Security Risks" link, they will look at your connection and tell you, in some detail, what needs to be fixed. If you have a firewall, they will find it and ask for permission to probe it, since many companies object to having their network firewalls probed. (If applicable, you should get a sys admin permission before letting them probe a network firewall you don't personally "own.") Helpful explanations are provided for anything they find.

You can also get an AV probe at the same site, other link. I'd suggest bookmarking it, unless your own AV provider has comparable utilities online.

John