-snip-
As a person who also runs Win XP SP1 (for reasons unrelated to Bitcoin), I'm curious. Is there a real way to exploit such a machine (by a scriptkiddie or a real hacker) when the only Internet-visible port is tcp/8333 and the respective outgoing connections? Or is shorena spouting a standard pseudo-security paranoia? Please don't talk about social engineering attacks or other attacks involving physical access to the hardware.
Edit: Like Kelp! I also don't run antivirus on it, although I monitor it with a Tripwire-equivalent.
I dont see what an antivirus software would do to prevent an attack anyway, some sort of IDS certainly would.
I was under the impression that Kelp! is using the system to access the internet*, as in browse. If you are -as you describe it- only running a full node behind a proper firewall and never use a browser you should be fine.
The list for WinXP is long and its the "go to"-system for examples in the metasploit books [1] because its so easy to gain access to. Most exploits however need either an open port or the victim to request it (usually via browser).
Again, I did not intend to derail this thread with offtopic replies and if you are aware of the risks, go ahead. Its just that most people I encounted that still use WinXP do not use it deliberately but out of lazyness. And yes I am a bit paranoid.
* using multibit, trying to get Electrum to work, downloading torrent files, etc.
[1] refering to ISBN 978-3-89864-772-4 from 2012, but I assume others have similar content.