Re: Win2003sp1 Firewall "blocks ports for idle services" ???

From: Craig Humphrey (CraigHumphreyHatesSpam_at_newsgroup.nospam)
Date: 01/23/05


Date: Mon, 24 Jan 2005 11:39:18 +1300

Thanks Steve,

I figured that was the case, but Microsoft does occasionally pull a new
concept out of the hat :)

BTW Thanks for coming back to New Zealand for TechEd2004. Will you be back
again this year?

Later'ish
Craig

"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message
news:50001632412283446642546@news.microsoft.com...
> Sorry about that, I think Peter just misspoke. It's the same code as the
> firewall in XP service pack 2 and it behaves in exactly the same way. It
> allows all outbound traffic. It blocks everything inbound unless:
>
> * the inbound traffic is a reply to some request that went out
> * the inbound traffic matches a port you've statically opened
> * the inbound traffic is for an application that you've granted permission
> to open a port
>
> In the third case, the port remains open for as long as the application is
> executing.
>
> Steve Riley
> steriley@microsoft.com
>
>
>
> > Hi,
> >
> > I've just watched the TechNet webcast, with Peter Meister, on
> > "Introducing Windows Server 2003 SP1 - Overview".
> > He mentioned that the Firewall in sp1 "blocks access to ports for
> > applications that are idle".
> > I tried to query him further on this, but I still don't get the concept.
> > His example was of a web server on port 80, when there are no clients
> > connected to it, the Firewall blocks access to the port.
> >
> > Now to me this seems a little odd, since how do you then allow future
> > connections from other clients?
> >
> > Can someone point me at more info? I've googled and used the MS
> > search, but to no avail. This feature doesn't seem to be mentioned
> > anywhere...
> >
> > Thanks
> > Craig
>
>
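
The inbound rules described in the reply above, as an added example that is not part of the original thread and is not Windows Firewall code. It is a simplified model: the class, method names, program name and addresses are hypothetical and constructed. It shows that a permitted server with no clients connected is still reachable, and that the port closes only when the program exits.

```python
# Simplified model of the inbound rules in the reply above (added example,
# not Windows Firewall code; class and method names are hypothetical).
class FirewallModel:
    def __init__(self):
        self.static_ports = set()   # (proto, port) statically opened
        self.allowed_apps = set()   # programs granted permission to open ports
        self.listeners = {}         # (proto, port) -> running program bound to it
        self.flows = set()          # outbound requests awaiting replies

    def outbound(self, proto, lport, rip, rport):
        # All outbound traffic is allowed; remember it so the reply can return.
        self.flows.add((proto, lport, rip, rport))
        return True

    def start(self, program, proto, port):
        self.listeners[(proto, port)] = program

    def stop(self, program):
        # When the program exits, any port it held stops being open.
        self.listeners = {k: p for k, p in self.listeners.items() if p != program}

    def inbound(self, proto, lport, rip, rport):
        if (proto, lport, rip, rport) in self.flows:
            return "allow: reply to outbound request"
        if (proto, lport) in self.static_ports:
            return "allow: statically opened port"
        if self.listeners.get((proto, lport)) in self.allowed_apps:
            return "allow: permitted application is running"
        return "block"


def web_server_scenario():
    fw = FirewallModel()
    fw.allowed_apps.add("webserver.exe")   # constructed program name
    client = ("tcp", 80, "192.0.2.10", 40001)  # constructed client address
    results = {}
    results["before start"] = fw.inbound(*client)
    fw.start("webserver.exe", "tcp", 80)
    # No clients are connected: the server is idle, yet the port is open.
    results["idle, no clients"] = fw.inbound(*client)
    fw.stop("webserver.exe")
    results["after exit"] = fw.inbound(*client)
    fw.outbound("tcp", 50000, "198.51.100.7", 443)
    results["reply"] = fw.inbound("tcp", 50000, "198.51.100.7", 443)
    results["unsolicited"] = fw.inbound("tcp", 50000, "198.51.100.9", 443)
    return results


if __name__ == "__main__":
    for step, verdict in web_server_scenario().items():
        print(f"{step:18} -> {verdict}")
```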