Re: Win xp sp2 firewall

On Tue, 20 Mar 2007 16:17:18 +0900, Gerald Vogt wrote:

Leythos wrote:
Windows XP SP2 fireall is the last resort - it has one serious flaw - if
you run as a local administrator, and most people do, it allows programs
and services to create holes (exceptions) in it. Also, if you normally
share files/printers, it will default to allowing File/Printer sharing,
which also greatly exposes you.

No other firewall is different. If you are administrator you can change
the settings of any firewall running on your system. No firewall running
on the computer can prevent that. Thus, if a program wants to open a
port it can do so if it is running as administrator. Maybe the installer
of the program does not care about opening the port on a 3rd party
firewall but still it could do so. It is usually not necessary anyway
because people running personal firewalls tend to turn off the whole
firewall whenever there is a networking issue, anyway.

Moreover, the firewall does not "default" to allow file sharing. The
default is to block sharing. However, if you want to share files and run
the file sharing wizard the necessary ports are opened. This is very
reasonable as it helps people to achieve what they want to achieve:
share files in their network. With other personal firewalls people have
a much harder time to figure out how to get it working. Many file
sharing problems are due to 3rd party firewalls.

But you seem to have little experience with other firewalls - as most
NON XP SP2 firewalls will alert/ask the user for permission to create the
rule. Win XP SP2 doesn't alert you, it just blindly lets it happen.

How is it that you guys miss the holes in XP Sp2 firewall while missing
that anything that makes it harder to put holes in a firewall is good?



spam999free@xxxxxxxxxx (remove 999 for proper email address)