Re: Windows XP Internet Connection Firewall
From: Ansgar -59cobalt- Wiechers (bugtraq_at_planetcobalt.net)
Date: 06/16/05
- Previous message: Ken Buchanan: "RE: Securing Backups via Encryption"
- In reply to: sl2ck3r j2ck: "Windows XP Internet Connection Firewall"
- Next in thread: David Low: "RE: Skype bypasses Windows XP Firewall"
- Reply: David Low: "RE: Skype bypasses Windows XP Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Jun 2005 18:26:44 +0200 To: security-basics@securityfocus.com
On 2005-06-16 sl2ck3rj2ck@gmail.com wrote:
> I am trying to understand the security implications of using the
> default Windows XP Internet Connection Firewall [ Not to be confused
> with Windows Firewall which comes with SP2 ] .
They are the same, except for some minor features and the name change.
> I have read in many places that it is not a very secure firewall. And
> using some 3rd party firewall like zonealarm is better.
No. No.
> From what I could understand was that was because of two main reasons.
>
> 1. It only blocks inbound connections
Which is the only thing a host-based firewall can do reliably.
> 2. It does that by hiding the computer and not by actually blocking
> the ports. Which would mean if some worm etc. was generating random
> IPs it may actually be able to connect and exploit some service like
> LSASS.
That's plain wrong.
Regards
Ansgar Wiechers
-- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
- Previous message: Ken Buchanan: "RE: Securing Backups via Encryption"
- In reply to: sl2ck3r j2ck: "Windows XP Internet Connection Firewall"
- Next in thread: David Low: "RE: Skype bypasses Windows XP Firewall"
- Reply: David Low: "RE: Skype bypasses Windows XP Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
