Re: Win2K FireWall
From: Duane Arnold (notme_at_notme.com)
Date: Sun, 28 Sep 2003 18:20:13 GMT
"ClareOldie" <firstname.lastname@example.org> wrote in
> Duane Arnold wrote:
>> Well,if you're not concerened about outbound protection, then it may
>> be good enough. I looked at Win2k FW and it didn't seem that bad. I
>> just didn't take it further and stuck with the host based FW solution
>> I am using at this time.
>> I keep hearing that if you keep Win2k security patches up to date and
>> remove vulnerable services from the Win2k machine, that's a big part
>> of the protection.
>> From that aspect, I don't see why that Win 2K FW would not portect as
>> well as any other host based FW. That along with a good AV for
>> Trojans, Ad-aware or something similar for spyware, Active Ports and
>> PRCview (both free) keeping an eye on outbound connections.
>> The links may help to further secure your machine.
>> Duane :)
> Just a thought - a lot of these procedures are to disable services
> that listen on various ports and may thus be hackable.
> Would it be true to say that if IPSec is used and all these ports are
> blocled then there is no need to go through the hassle of disabling
> these? It seems so to me. If true would it not have been 'sensible' of
> MS to have implementd this by default and thus avoided much of the
> agravation caused by the last lot of attacks as on Port 135? Much more
I my self, have only done a few things suggested by the link. Some things
like using NTFS and setting accounts usage on NTFS properly, done a
couple of things with the registry, discovered the MS Security Analyzer,
and how to lock down IIS. I think I would be doing more, if the machines
were not behind the router with a host based FW on them. To be honest, I
have not done anything to stop any unneeded services or close unneeded
ports at the machine level.
The router and the host based FW are protecting ports and services and
against applications that are allowed to run on the machines or