Home page logo
/

basics logo Security Basics mailing list archives

Re: Windows XP Internet Connection Firewall
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 16 Jun 2005 18:26:44 +0200

On 2005-06-16 sl2ck3rj2ck () gmail com wrote:
I am trying to understand the security implications of using the
default Windows XP Internet Connection Firewall [ Not to be confused
with Windows Firewall which comes with SP2 ] .

They are the same, except for some minor features and the name change.

I have read in many places that it is not a very secure firewall. And
using some 3rd party firewall like zonealarm is better.

No. No.

From what I could understand was that was because of two main reasons.

1. It only blocks inbound connections

Which is the only thing a host-based firewall can do reliably.

2. It does that by hiding the computer and not by actually blocking
the ports. Which would mean if some worm etc. was generating random
IPs it may actually be able to connect and exploit some service like
LSASS.

That's plain wrong.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault