Re: Windows XP firewall against all others: what's wrong with it?
From: Duane Arnold (notme_at_notme.com)
Date: 06/17/04
- Next message: Duane Arnold: "BlackIce New Release CNJ"
- Previous message: Wolfgang Kueter: "Re: Software firewall for Windows NT domain controllers"
- In reply to: anonimo: "Windows XP firewall against all others: what's wrong with it?"
- Next in thread: anonimo: "Re: Windows XP firewall against all others: what's wrong with it?"
- Reply: anonimo: "Re: Windows XP firewall against all others: what's wrong with it?"
- Reply: Kwyjibo.: "Re: Windows XP firewall against all others: what's wrong with it?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 16 Jun 2004 22:23:22 GMT
"anonimo" <anonimo@anonimo.it> wrote in
news:S6_zc.480287$rM4.19802414@news4.tin.it:
> Hi,
>
> ZoneAlarm 5 crash with eMule.
> Sygate Personal Firewall block my connection when modem adsl
> re-connect
> (so first time is all ok, but if I lost connection and then reconnect,
> no program seems can access to internet).
> Kerio drives me crazy. Each 5 minutes it asks if eMule can accept
> on a
> new port and so on.
>
> I'm bored. I'm using only Windows XP firewall. What's wrong with
> it? Can
> someone tell me a REAL trojan attack this firewall can't block?
>
> Please help.
>
>
>
There is nothing wrong with XP's FW. Currently, the product doesn't have
outbound protection such as application control (stop trojans if you need
that). That will change with the release of SP 2 for XP and it will have
app control. The FW will also be able to get the TCP/IP connection first
at boot as well, which is a vulnerable area for PFW(s) that cannot get
there first.
There is another element on the XP O/S called IPsec which can be used to
supplement the XP FW. IPsec can stop inbound or outbound by port,
protocol or IP.
It's simple to implement with the AnalogX Secpol file.
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm
IPsec is discussed on the XP link.
http://www.uksecurityonline.com/index5.php
You want to watch for Trojans, then use Active Ports (free) and put a
shout-cut for it in the Start-up folder and use it on a routine basis; it
will tell you what is connecting inbound and outbound.
http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and
_Rootkit_Tools_in_a_Windows_Environment.html
Duane :)
- Next message: Duane Arnold: "BlackIce New Release CNJ"
- Previous message: Wolfgang Kueter: "Re: Software firewall for Windows NT domain controllers"
- In reply to: anonimo: "Windows XP firewall against all others: what's wrong with it?"
- Next in thread: anonimo: "Re: Windows XP firewall against all others: what's wrong with it?"
- Reply: anonimo: "Re: Windows XP firewall against all others: what's wrong with it?"
- Reply: Kwyjibo.: "Re: Windows XP firewall against all others: what's wrong with it?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
