Re: Windows XP Internet Connection Firewall
From: Ansgar -59cobalt- Wiechers (bugtraq_at_planetcobalt.net)
Date: Thu, 16 Jun 2005 18:26:44 +0200 To: firstname.lastname@example.org
On 2005-06-16 email@example.com wrote:
> I am trying to understand the security implications of using the
> default Windows XP Internet Connection Firewall [ Not to be confused
> with Windows Firewall which comes with SP2 ] .
They are the same, except for some minor features and the name change.
> I have read in many places that it is not a very secure firewall. And
> using some 3rd party firewall like zonealarm is better.
> From what I could understand was that was because of two main reasons.
> 1. It only blocks inbound connections
Which is the only thing a host-based firewall can do reliably.
> 2. It does that by hiding the computer and not by actually blocking
> the ports. Which would mean if some worm etc. was generating random
> IPs it may actually be able to connect and exploit some service like
That's plain wrong.
-- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq