Re: win xp firewall

From: vinny (vinny@friggenbozo.com)
Date: 05/08/02 

From: "vinny" <vinny@friggenbozo.com>
Date: Tue, 7 May 2002 22:48:31 -0400

"Marshall Place" <punktdawg@cox.net> wrote in message
news:lNUB8.36721$9c5.1532720@news2.west.cox.net...
> "ThePsyko" <thepsyko@itookmyprozac.com> wrote in message
> news:Xns9206AD73C8E9EIWishIWas@marashouse.org...
> > On 06 May 2002 in that fucked up hellhole known as
> > alt.hackers.malicious, an identity claiming to be Marshall Place spewed
> > forth news:FJzB8.33819$9c5.1330353@news2.west.cox.net:
> >
> > > Even if you automated it using a batch the net send cmd will not crash
> > > a computer. Trust me a friend of mine and I tested it. The messenger
> > > service is mainly for people on large scale networks so admins can
> > > notify when the network is going down, etc. If you are just on the
> > > internet you don't need the service to be on but to go as far as to
> > > say it's a security flaw is the thought of somebody with a script
> > > kiddie mindset and doesn't understand what the cmd and service is used
> > > for. So microsoft turned it on by default woopidy do, that doesn't
> > > mean it wasn't there before. Just disable the service.
> > >
> > > All well,
> > > Marshall
> > >
> >
> > Hiya marshall... by definition, a Denial of Service "attack" doesn't
have
> > to crash the system, just interfere with the users ability to utilize
> > system resources. Closing popup after popup would, IMO, qualify since
> > you really can't get anything done with popups constantly coming to the
> > foreground. I also never referred to it in particular as a 'security
> > flaw' - my statement was that if a "firewall" is coded to let those
> > packets through, what else is it letting through? How well do you trust
> > MS ?? My entire point was that I personally don't trust the XP *cough*
> > firewall...
> >
> > The problem with the messenger service being 'on' by default is that
most
> > people don't realize it's there, what it's for, or how to disable it.
It
> > didn't matter before because it was only included in NT and 2K.. not
> > exactly your typical "home user" platforms (which XP is marketed as).
> >
> > And on a side note, the XP "firewall" does not, in any way, on any
level,
> > filter IPv6 traffic... and M$ designed it that way on purpose.. why? I
> > dunno.. they had their reasons.. and that's good enough for me to not
> > trust the XP firewall...
> >
> > --
> > ThePsyko
> > Public Enemy #7
> > "God told me to skin you alive"
> >
> > http://prozac.iscool.net
>
> The firewall is not ment to block services that are already on. Granted it
> is not sufficient security it is still security.
> As for Vinny's response you're right most people don't know what services
> are. much less how to turn them off. Endless popups on individual's comps
is
> not a security concern. It is a loophole that script kiddie pranksters
will
> use. If someone's marriage results in a divorce due to net sends there's
> obviously already some serious trust issues going on. There are people
> trading valid credit card numbers on IRC and you are worried about net
send
> messages and XP's crappy built in firewall, which on previous OS's they
> didn't even include any security. I don't know I am not defending
Microsoft
> but hell it just doesn't seem like that big of a deal, when attachments
> could be executed through outlook without the user doing anything, that
> seemed like a big deal. Net send messages. We'll live, nothing is damaged.
> Let the kiddies have their laughs. Maybe if they do enough, they will grow
> up.

Damn man, didn't you see peter pan when you were a kid...NEVER grow up.
  Seriously, the xp firewall is lame, but it is better than nothing, well,
maybe not, in fact it does nothing to protect your system now that I think
about it....
  Hey, come to think about it, most firewalls deployed in todays world are
useless....
  People think just because they got norton and zonealarm using 80% of their
resources theyre safe from the boogie man, give me a break!
  Hackers dont crack passwords anymore, they crack the "question" your email
provider gives you in case you forgot your password, they dont kick down
your netbios port, they trick you into installing trojens, which are
extremely easy to spot, as easy as watching the damn led on your modem.
  Give me a break...hackers...
So where are the magical hackers, been looking for them for years? I see dns
hijacking...password hijacking...and shitloads of the lamest scripts thrown
at web servers that start out "/script/"!!!
 You know who the hackers are, the really SCARrY guys, those fuckheads at
"brilliant", no matter how many times you disinfect your system from that
crap it reappears, its like the organized crime of the internet.
 The best thing in my opinion to do right now is get adaware and forget
about the dope smoking teenager on his daddy's dell trying to hack your
"lame as hell anyway" web page.

Just one lamers opinion.