Re: Win XP "Firewalled" Connection Indicator

From: Bill Sanderson (Bill_Sanderson_at_msn.com.plugh.org)
Date: 04/29/04


Date: Wed, 28 Apr 2004 23:24:13 -0400

I don't understand what you saw either--it hasn't happened to me, and I
don't recall reading of it happening to others, and I've been reading
newsgroups related to usage of the firewall since it first existed.

(Not that I have perfect recall--but it certainly isn't a common complaint.)

Here's the standard description of the current XP firewall:

http://support.microsoft.com/default.aspx?scid=kb;en-us;320855

Starting with SP2, the firewall will be renamed to "Windows Firewall" (from
the current Internet Connection Firewall.) This name change reflects a
change in functionality, which is described in a number of documents:

http://msdn.microsoft.com/security/productinfo/XPSP2/networkprotection/firewall_devimp.aspx

http://msdn.microsoft.com/security/productinfo/XPSP2/networkprotection/firewall.aspx

http://msdn.microsoft.com/security/productinfo/XPSP2/introduction.aspx

There are some other excellent articles that I should add here, but I can't
spot them at the moment--but these should help.

"W.F. Lipman" <anonymous@discussions.microsoft.com> wrote in message
news:5d0401c42d95$d5870830$a001280a@phx.gbl...
> Thanks for your thoughts too. It would be easier to judge
> the fitness of the MS firewall if there were any
> documentation on it in the help system(s).
>
> But I haven't found any useful documentation at all, other
> than "how to turn it on" and, as I reported in the
> original posting of this topic, the only problem with that
> is "How did the indicator go off on the 'Control Panel |
> Networking' dialog even though the option was definitely
> CHECKED in the advanced TCP/IP settings dialog of the
> properties for that network connection?"
>
> In my view, if the indicator is off, that gives me a
> reason to believe that the firewall is NOT turned on when
> it should be, and that makes me suspect that perhaps I had
> actually been attacked remotely. That's why I ran the NAV
> 2004 full system scan [which turned up nothing].
>
> I am an extremely resourceful user of software. I make my
> living that way and have directed and deployed very large
> software systems running on Windows, UNIX, and other
> platforms; yet, I cannot get direct answers to direct
> questions about Windows. I find that very, very
> discouraging. This sort of forum should not be the best
> way to get such a direct response.
>
> In fact, it would be much better if Microsoft would
> furnish detailed documentation on what their firewall for
> XP actually does and does not do; what the features and
> functions are; and what kinds of threats it protects us
> against. I would be more than happy to read it.
>
> Also, firewall diagnostics [is it turned on?] and logs
> [when and what were the recent attacks?] would also be
> useful. Even my $70 router has much more detail in this
> area than the $250 OS package for XP pro that I bought
> from my OEM with my latest Intel-based computer. Why is
> that?! I have no clue, and it doesn't seem right or
> appropriate for a company as large and sophisticated as
> Microsoft.
>>-----Original Message-----
>>I don't consider the Microsoft firewall weak.
>>
>>It is inbound-only.
>>
>>If you want to open the Microsoft firewall, or any other, for file and
>>printer sharing, the information needed can be found here, among other
>>places:
>>
>>http://www.microsoft.com/security/protect/ports.asp
>>
>>With the release of SP2 for Windows XP, later this year, the firewall will
>>have a simple checkbox to open File and Printer sharing, and you will be
>>able to restrict that opening to local subnet only, as opposed to the world,
>>as things are arranged now.
>>
>>
>>"W.F. Lipman" <anonymous@discussions.microsoft.com> wrote in message
>>news:58bc01c42d58$c5541350$a401280a@phx.gbl...
>>> Thanks for the tips. No, I was not running Norton Internet
>>> Security at the same time--that was on a different
>>> computer. The one I am running now was purchased about a
>>> month ago and came with XP Pro. I am still very surprised
>>> that the Internet Connection Firewall indicator was off
>>> yesterday and on today. I did, however, download the
>>> latest XP Pro update yesterday. This is not the first time
>>> I have had an XP or 2000 issue for which no explanation
>>> has ever been given or offered; and Microsoft's knowledge
>>> base gave very little help on either one.
>>>
>>> Yes, I already knew that MS free firewall was weak, but my
>>> reasoning was that since I already have a firewall in my
>>> router, and it does network address translation, then my
>>> risks are pretty low, which led me to turn on Microsoft's
>>> free firewall as simple, added protection.
>>>
>>> I run NAV 2004 now, and I am doing a complete virus scan
>>> once a week or whenever installing new software, whichever
>>> comes first. That version does pick up trojan horses and
>>> such. I never, ever download free software over the Web--
>>> that's just too risky.
>>>
>>> However, MS has admitted security issues that even allow
>>> HTML pages to unleash worms, and it has been identified as
>>> possible that the Outlook preview feature could unleash
>>> them too. That's all very discouraging.
>>>
>>> Finally, there is a serious problem for developers like
>>> me, who must run networks at home where we develop
>>> products. The typical firewall [such as Norton's] defeats
>>> Microsoft networking and Microsoft server-based
>>> workgroups; in addition, it issues many, many false
>>> alarms. I found it more trouble than it was worth. I just
>>> don't have the time it takes to overcome all the snafus
>>> they cause.
>>>
>>> In the end, I'm just being very, very careful and hoping
>>> that better and better firewalls can be built into
>>> hardware [like routers] that we can put on our networks,
>>> rather than installing and constantly upgrading them on
>>> each machine.
>>>>-----Original Message-----
>>>>Your best bet is to install a 3rd party firewall
>>>>(Norton's/ZoneAlarm). Don't run both Windows and the 3rd
>>>>party. Windows will stop your network from seeing the
>>>>other computers and only blocks incoming traffic. It cannot
>>>>currently and does not block or monitor or notify of
>>>>any outgoing information (such as current
>>>>viruses/trojans/spyware or such "creatures" you may
>>>>purposefully (yet unknowingly) download).
>>>>If you don't want to pay for something like Norton's
>>>>firewall go with the free ZoneAlarm.
>>>>Junk the Windows firewall and forget about it. It is like
>>>>putting a small bandage on a large cut. Yet it works a
>>>>little but it's not completely effective.
>>>>
>>>>>-----Original Message-----
>>>>>The Win XP Internet connection firewall
>>>>>indicator "firewalled" does not consistently appear when I
>>>>>open network connections under control panel. Yesterday,
>>>>>the indicator did NOT appear even though I checked the
>>>>>Advanced TCP/IP settings and found the "Protect my
>>>>>computer ..." checkbox WAS checked. This morning, the
>>>>>firewall indicator is back on again. I haven't touched my
>>>>>settings other than to inspect them.
>>>>>
>>>>>Recently, I installed Symantec's NAV 2004 so I scanned my
>>>>>computer for threats and viruses. Nothing showed up, of
>>>>>course, so I am left with this nagging question. Why was
>>>>>the indicator off yesterday and on today? Is this a new
>>>>>kind of Internet attack mode?
>>>>>
>>>>>I am connecting through a D-link router to a cable modem,
>>>>>and it has a decent firewall built in. So good, in fact,
>>>>>that the Symantec personal firewall software stopped
>>>>>reporting any attempts to hack in, once I attached the
>>>>>router. So, I do have some reason to doubt that this is
>>>>>really an attack issue. My best guess is that there is a
>>>>>bug in the way the firewall setting is reported on Control
>>>>>Panel | Network Connections.
>>>>>
>>>>>Can anyone out there advise me?
>>>>>
>>>>>Thanks