Home page logo

nanog logo nanog mailing list archives

Re: Microsoft to ship new versions with firewall enabled
From: Richard Cox <Richard () mandarin com>
Date: Thu, 14 Aug 2003 17:37:44 +0100

On Thu, 14 Aug 2003 16:07 UTC, "Eric A. Hall" <ehall () ehsco com> wrote:

| Wouldn't it make more sense to ship with all of the services disabled?

Yes it would - at least to US - but that would inevitably create a load
for the Support desk.  However as Microsoft charge for end-user support
I wouldn't put it past them thinking along those lines.  I hope there's
nobody from Microsoft reading this list ... that might give them ideas!

| if the role of the firewall is to block packets to weak services,
| wouldn't it be simpler to just disable the damn services since they
| aren't going to be usable anyway?

That wouldn't make sense at all.  What that would do is give the user
a false sense of security: it is just as important to block activities
by unauthorised programs ("trojans" etc) as it is to protect services
installed as part of the operating system.

What I do like in the latest release of Zone Alarm Pro is that it will
stop ANY program from connecting outbound on Port 25 unless that program
has been specifically authorised to send mail.  It was quite informative
to see which programs were trying to mail information back to their base!

Richard Cox

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]