Re: Win2K FireWall

From: ClareOldie (no-one_at_no-where.ie)
Date: 09/28/03


Date: Sun, 28 Sep 2003 13:43:30 +0100

Duane Arnold wrote:

> Well,if you're not concerened about outbound protection, then it may
> be good enough. I looked at Win2k FW and it didn't seem that bad. I
> just didn't take it further and stuck with the host based FW solution
> I am using at this time.
>
> I keep hearing that if you keep Win2k security patches up to date and
> remove vulnerable services from the Win2k machine, that's a big part
> of the protection.
>
> From that aspect, I don't see why that Win 2K FW would not portect as
> well as any other host based FW. That along with a good AV for
> Trojans, Ad-aware or something similar for spyware, Active Ports and
> PRCview (both free) keeping an eye on outbound connections.
>
> The links may help to further secure your machine.
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;315669
> http://www.uksecurityonline.com/husdg/windows2000.php
>
> HTH
>
> Duane :)
Just a thought - a lot of these procedures are to disable services that
listen on various ports and may thus be hackable.
Would it be true to say that if IPSec is used and all these ports are
blocled then there is no need to go through the hassle of disabling these?
It seems so to me. If true would it not have been 'sensible' of MS to have
implementd this by default and thus avoided much of the agravation caused by
the last lot of attacks as on Port 135? Much more secure?

Seán