Re: Do I really need a FW besides WXP

"?" <reply_in@xxxxxxxxx> wrote:
> One of the biggest problem with XP's built-in firewall is it lets all inside
> traffic go out.

No, this is not a problem. Controlling aleady running programs what
they're sending out is a b0rken concept anyway.

> Since XP Home doesn't really have good security like XP Pro

In what way?

> A real firewall would pop up a warning that "program xxxxx is trying to
> connect to the Internet."

Only a "Personal Firewall" with the design flaw to make the person
responsible for security decisions of all the people, who should be
protected and protect, the user, asks in such a absurd way.

A sensible implementation of a security system for home users offers
protection for them without making those people responsible for
security related decisions, who don't have a clue of what's going on.

> The advice about being behind a router is a great help and I do it as well.

If the "router" is running a packet filter and maybe NAT, then this is
a good idea, if the packet filter is well configured by default.

> But if malware gets installed on your computer, the NAT router is also going
> to let it happily send your passwords away without warning you as well.

Yes. And this is a very good idea, because filtering the PINs and passwords
directly leads into attacks to find them out. It's just misunderstanding
data security to filter away to hide something.

An example; say, I have a two digit PIN. And I'm filtering it away to
hide it. Well, which one was it?

00 01 02 03 04 05 06 07 08 09
10 11 12 13 14 15 16 17 18 19
20 21 22 23 24 25 26 27 28 29
30 31 32 33 34 35 36 37 38 39
40 41 43 44 45 46 47 48 49
50 51 52 53 54 55 56 57 58 59
60 61 62 63 64 65 66 67 68 69
70 71 72 73 74 75 76 77 78 79
80 81 82 83 84 85 86 87 88 89
90 91 92 93 94 95 96 97 98 99

Complete this yourself for usual PINs with 4 or 5 digits and a small
computer program, which does the job of counting. Then you'll have
your homework ;-)

Anybody, who offers filtering data away as a solution to hide this data,
has no clue of data security at all.

Yours,
VB.
--
Netzwerkgrundlagen anhand Windows lernen zu wollen ist doch wie seine
ersten sexuellen Erfahrungen mit einer Prostituierten zu sammlen: Die
Leidenschaft fehlt, das wirklich Wichtige lernt man dabei nicht, und die
Chance sich einen Schädling einzufangen ist hoch. (Lukas Graf in d.c.s.m)
.

Relevant Pages

  • Re: Do I really need a FW besides WXP
    ... Controlling aleady running programs what ... > Since XP Home doesn't really have good security like XP Pro ... If the "router" is running a packet filter and maybe NAT, ... data security to filter away to hide something. ...
    (comp.security.firewalls)
  • [NT] Vulnerability in Microsoft Internet Security and Acceleration Server 2000 H.323 Filter Could Al
    ... Get your security news from a reliable source. ... A security vulnerability exists in the H.323 filter for Microsoft Internet ... Security and Acceleration Server 2000 that could allow an attacker to ... overflow a buffer in the Microsoft Firewall Service in Microsoft Internet ...
    (Securiteam)
  • RE: How to restrict users to see data in a mutiuser environment?
    ... interested setting up workgroup security. ... ' Gets the userid of the current user. ... Dim Length As Long ... which you open the form you want to filter. ...
    (microsoft.public.access.modulesdaovba)
  • Re: Download the Earth - Sigh...
    ... My virus infestation to date. ... I also use the "filter" part of my email ... to download it, and then activate it. ... As has been said, security is not a "solution", its ...
    (alt.support.arthritis)
  • Re: Do I really need a FW besides WXP
    ... It's just misunderstanding data security to filter away to hide something. ... computer program, which does the job of counting. ...
    (comp.security.firewalls)