Home page logo
/

nanog logo nanog mailing list archives

Re: [Microsoft to ship new versions with firewall enabled]
From: Daniel Senie <dts () senie com>
Date: Thu, 14 Aug 2003 11:23:44 -0400


At 10:46 AM 8/14/2003, Joshua Sahala wrote:

Sean Donelan <sean () donelan com> wrote:
>
> John Markoff reports in the New York Times that Microsoft plans to change
> how it ships Windows XP due to the worm.  In the future Microsoft will
> ship both business and consumer verisons of Windows XP with the included
> firewall enabled by default.
>

while i think many of us will welcome this, i am skeptical of what
the firewall will be 'enabled' to block, and how easy it will be
for the user to set-up rules (and hopefully there will be a sanity
check included so that 'permit in any' is not a valid option, but
then 'permit out any' should not be one either)
but still, it is a step...

The firewall in XP appears to perform stateful inspection. I have run scans against my own XP machines using NMAP and other tools. The machine appears completely non-responsive to such scans (i.e. no response on any ports).

I use this feature most especially when using public wifi hot spots, and encourage my clients to do the same (or use some other firewall software) when at such locales.

What Microsoft implemented does seem quite sufficient for many users. The down-side to this and all other firewalls running in software on end hosts is the possibility of an application finding another path in (e.g. email attached virus) and disabling the firewall.

I am no Microsoft apologist and am a proponent of open source, but have to admit they did a good job on this feature. It's good that Microsoft has finally realized the value in defaulting this capability to ON.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault