Re: Win xp sp2 firewall

From: Gerald Vogt <vogt@xxxxxxxxxxx>
Date: Fri, 23 Mar 2007 07:01:52 +0900

Mr. Arnold wrote:

If the malware configures the port in the XP FW then there won't be a warning. If it does not, there will be a warning and if the user is running as limited user at that time he is not even able to open the port.

Well, 99% of them are not running as limited user and those are the facts.

Well check again. I have just done it. Remove my sip phone from the XP SP2 firewall. Started the program as limited user. It pops up a warning that traffic is blocked and that an administrator is able to unblock it. No way to change that without being administrator.

If the malware configures the port in the PFW then there won't be a warning. If it does not, there will be a warning and very often even a limited user has the opportunity to let the malware open the port.

That's with any host based software FW/packet filter that malware can configure a port period.

What is your point?

If the malware configures a port there won't be a warning. Neither with the XP FW nor with any other PFW. It is also not true that the XP FW never shows a warning while the PFW does.

Gerald
.

Follow-Ups:
- Re: Win xp sp2 firewall
  - From: Mr. Arnold
- Re: Win xp sp2 firewall
  - From: Mr. Arnold

References:
- Win xp sp2 firewall
  - From: Laura25
- Re: Win xp sp2 firewall
  - From: Leythos
- Re: Win xp sp2 firewall
  - From: Hexalon
- Re: Win xp sp2 firewall
  - From: Volker Birk
- Re: Win xp sp2 firewall
  - From: Mr. Arnold
- Re: Win xp sp2 firewall
  - From: Mr. Arnold
- Re: Win xp sp2 firewall
  - From: Volker Birk
- Re: Win xp sp2 firewall
  - From: Mr. Arnold
- Re: Win xp sp2 firewall
  - From: Mr. Arnold
- Re: Win xp sp2 firewall
  - From: Gerald Vogt
- Re: Win xp sp2 firewall
  - From: Mr. Arnold

Prev by Date: Re: Port closed but no firewall is running
Next by Date: Re: PIX: Ping VPN host from inside network
Previous by thread: Re: Win xp sp2 firewall
Next by thread: Re: Win xp sp2 firewall
Index(es):
- Date
- Thread

Relevant Pages

Re: Win xp sp2 firewall
... If the malware configures the port in the XP FW then there won't be a warning. ... there will be a warning and if the user is running as limited user at that time he is not even able to open the port. ... once they have the PFW running they think they don't have to worry about security anymore because the PFW is doing everything possible to protect the computer... ...
(comp.security.firewalls)
Re: Win xp sp2 firewall
... there will be a warning and if the user is running as limited user at that time he is not even able to open the port. ... there will be a warning and very often even a limited user has the opportunity to let the malware open the port. ...
(comp.security.firewalls)
Re: Win xp sp2 firewall
... If the malware configures the port in the XP FW then there won't be a warning. ... there will be a warning and if the user is running as limited user at that time he is not even able to open the port. ... If the malware configures the port in the PFW then there won't be a warning. ...
(comp.security.firewalls)
Re: Kernel panic on all versions of FreeBSD
... WARNING: WITNESS option enabled, expect reduced performance. ... <ACPI PCI bus> on pcib0 ... configured irq 4 not in bitmap of probed irqs 0 ... port may not be enabled ...
(freebsd-current)
Kernel panic on 7.2-STABLE
... WARNING: WITNESS option enabled, expect reduced performance. ... <ACPI PCI bus> on pcib0 ... configured irq 4 not in bitmap of probed irqs 0 ... port may not be enabled ...
(freebsd-stable)