Re: Does Windows Firewall Actualy Do Anything?



In article <bofe83ldpekatfkm5gu4ngr95th6s75kq6@xxxxxxx>,
b__nice@xxxxxxxxxxx says...
On Sat, 30 Jun 2007 08:56:27 -0400, Leythos <void@xxxxxxxxxxx> wrote:

In article <e72c83l13a494mf1dpo4fjf11c14a3l0kn@xxxxxxx>,
b__nice@xxxxxxxxxxx says...
On Fri, 29 Jun 2007 16:57:51 -0400, Leythos <void@xxxxxxxxxxx> wrote:

The windows firewall does very little to protect you unless you know how
to control it and monitor it daily.

Only true of one is stupid enough to run with full priviliges.

I would suggest that 90% of the people using XP don't have a clue about
the WF, that they don't even know it permits exceptions, that they don't
know that programs can create exceptions without them knowing, and that
at least 90% are running as a local admin because MS and the vendors
that write programs don't understand security.

And that is the problem that needs to be changed.

And it's not going to be changed, even in Vista it's not changed, and
the only thing we can do is tell people. So, we're back to monitoring
and checking the exceptions rules just like I said.


Most applications, when you run as a default user, can punch holes in it
and allow external connections without you even being aware that they
entered an "Exception" in the WF.

Which is true for any appliation run as a default user.

Some applications that are soft firewalls at least require or try and
require a check with the user

Yes. And by promoting these you promote status quo.

I don't and didn't promote using a third-party firewall, my first
statement was clear and didn't do what you suggest.

I personally suggest a NAT Router at the least and a Firewall appliance
as the best choice - one that filters SMTP and HTTP sessions for content
types (removes them).

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)
.