Security Basics mailing list archives
Re: Windows XP Internet Connection Firewall
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 16 Jun 2005 18:26:44 +0200
On 2005-06-16 sl2ck3rj2ck () gmail com wrote:
I am trying to understand the security implications of using the default Windows XP Internet Connection Firewall [ Not to be confused with Windows Firewall which comes with SP2 ] .
They are the same, except for some minor features and the name change.
I have read in many places that it is not a very secure firewall. And using some 3rd party firewall like zonealarm is better.
No. No.
From what I could understand was that was because of two main reasons. 1. It only blocks inbound connections
Which is the only thing a host-based firewall can do reliably.
2. It does that by hiding the computer and not by actually blocking the ports. Which would mean if some worm etc. was generating random IPs it may actually be able to connect and exploit some service like LSASS.
That's plain wrong. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Windows XP Internet Connection Firewall sl2ck3r j2ck (Jun 16)
- Re: Windows XP Internet Connection Firewall Ansgar -59cobalt- Wiechers (Jun 16)
- RE: Skype bypasses Windows XP Firewall David Low (Jun 17)
- Re: Windows XP Internet Connection Firewall Ansgar -59cobalt- Wiechers (Jun 16)