Re: Blocking outbound traffic with XP Firewall

From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 10 Mar 2006 23:18:05 -0600

To try to mitigate such it is best to use a software firewall that can use
MD5 hashes of applications allowed to access the internet so that other
programs can not pass as them though some malware can simply disable the
software firewall. In addition a hardware firewall device can be used that
can block all outbound access other than approved ports/protocols/IP
addresses though that will not totally stop processes that can use
legitimate ports such as 80/443. --- Steve

"JW" <plsreplyto@xxxxxxxxxxxxxxxxx> wrote in message
news:y09Qf.5972$8w2.1342@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

You should also read the section called Leak Test at www.grc.com

You will be amazed how it is for Trojan horses to even slip through many
software firewalls, like wolves in sheep's clothing, masquerading as
legitimate programs, such as Internet Explorer, Outlook, or explore.exe

Karl wrote:

That's a shame, but thanks for the tip. I've just been reading Paul
Thurrot's site and he says:

"Windows Firewall doesn't prevent outbound, application-initiated
communications"

Can you tell me what he means by "application initiated" - he means an
application on the PC right, not one from outside making a call on a
program residing on the firewalled PC?

Are there non-application-initiated outbound communications that ICF
doesn't block?

Many Thanks

Karl

"Carey Frisch [MVP]" wrote:

The built-in firewall in Windows XP cannot block
outgoing traffic. Perhaps you should consider purchasing
a good internet security suite.

Internet Firewalls: Frequently asked questions
http://www.microsoft.com/athome/security/protect/firewall.mspx

--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/

-------------------------------------------------------------------------------------------

"Karl" wrote:

| Hi,
|
| Is it possible to setup Windows Firewall to block suspicious outbound
| traffic?
|
| I want to use it as last line of defense against Trojans which have
got
| around my av scanner and are trying to dial out.
|
| Thanks
|
| Karl

References:
- Re: Blocking outbound traffic with XP Firewall
  - From: Carey Frisch [MVP]
- Re: Blocking outbound traffic with XP Firewall
  - From: JW

Prev by Date: Re: Blocking outbound traffic with XP Firewall
Next by Date: Re: Remove GPO setting Help!!
Previous by thread: Re: Blocking outbound traffic with XP Firewall
Next by thread: Re: Blocking outbound traffic with XP Firewall
Index(es):
- Date
- Thread