Re: Win2003sp1 Firewall "blocks ports for idle services" ???
From: Craig Humphrey (CraigHumphreyHatesSpam_at_newsgroup.nospam)
Date: Mon, 24 Jan 2005 11:39:18 +1300
I figured that was the case, but Microsoft does occasionally pull a new
concept out of the hat :)
BTW Thanks for coming back to New Zealand for TechEd2004. Will you be back
again this year?
"Steve Riley [MSFT]" <firstname.lastname@example.org> wrote in message
> Sorry about that, I think Peter just misspoke. It's the same code as the
> firewall in XP service pack 2 and it behaves in exactly the same way. It
> allows all outbound traffic. It blocks everything inbound unless:
> * the inbound traffic is a reply to some request that went out
> * the inbound traffic matches a port you've statically opened
> * the inbound traffic is for an application that you've granted permission
> to open a port
> In the third case, the port remains open for as long as the application is
> Steve Riley
> > Hi,
> > I've just watched the TechNet webcast, with Peter Meister, on
> > "Introducing Windows Server 2003 SP1 - Overview".
> > He mentioned that the Firewall in sp1 "blocks access to ports for
> > applications that are idle".
> > I tried to query him further on this, but I still don't get the
> > concept.
> > His example was of a web server on port 80, when there are no clients
> > connected to it, the Firewall blocks access to the port.
> > Now to me this seems a little odd, since how do you then allow future
> > connections from other clients?
> > Can someone point me at more info? I've googled and used the MS
> > search, but to no avail. This feature doesn't seem to be mentioned
> > anywhere...
> > Thanks
> > Craig
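
The inbound rules listed in Steve Riley's quoted reply, as a small decision model. This is an added example, not part of the thread and not Microsoft's code; it shows why a statically opened port 80 accepts a first client even when nobody is connected. Assumptions: the class and program names are hypothetical, replies are matched on an exact address/port tuple, and a port opened for a permitted application is modelled as open only while that application is listening.

```python
from dataclasses import dataclass, field

@dataclass
class HostFirewall:
    """Toy model of the inbound policy described in the thread (constructed)."""
    static_ports: set = field(default_factory=set)   # (proto, port) opened statically
    allowed_apps: set = field(default_factory=set)   # programs granted permission
    listeners: dict = field(default_factory=dict)    # (proto, port) -> listening program
    flows: set = field(default_factory=set)          # outbound requests seen

    def listen(self, app, proto, port):
        self.listeners[(proto, port)] = app

    def stop(self, proto, port):
        self.listeners.pop((proto, port), None)

    def outbound(self, proto, lport, raddr, rport):
        # All outbound traffic is allowed; remember it so the reply can come back.
        self.flows.add((proto, lport, raddr, rport))
        return "allow"

    def inbound(self, proto, raddr, rport, lport):
        if (proto, lport, raddr, rport) in self.flows:
            return "allow: reply"
        if (proto, lport) in self.static_ports:
            return "allow: static port"
        # Assumption: an application exception only applies while it is listening.
        if self.listeners.get((proto, lport)) in self.allowed_apps:
            return "allow: permitted application"
        return "block"

def demo():
    # Constructed sample: documentation-range addresses, made-up program names.
    fw = HostFirewall(static_ports={("tcp", 80)}, allowed_apps={"backup.exe"})
    out = [fw.inbound("tcp", "192.0.2.10", 40000, 80)]        # no client connected yet
    fw.listen("backup.exe", "tcp", 9000)
    out.append(fw.inbound("tcp", "192.0.2.10", 40001, 9000))  # permitted app listening
    fw.stop("tcp", 9000)
    out.append(fw.inbound("tcp", "192.0.2.10", 40002, 9000))  # app no longer listening
    fw.listen("other.exe", "tcp", 9001)
    out.append(fw.inbound("tcp", "192.0.2.10", 40003, 9001))  # app never granted permission
    fw.outbound("udp", 5000, "192.0.2.53", 53)
    out.append(fw.inbound("udp", "192.0.2.53", 53, 5000))     # reply to our request
    out.append(fw.inbound("udp", "192.0.2.99", 53, 5000))     # unsolicited, other host
    return out

if __name__ == "__main__":
    for line in demo():
        print(line)
```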