XP Service Pack 2 Firewall?

[Lou]

Archived from groups: comp.security.firewalls (More info?)

I just installed Windows XP Service Pack 2 (RC1). Anyone have any
opinions on the "new" firewall that comes with it?

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <netg70l5v0dutnovbmnvuk9evufsccr166@4ax.com>, nomail@rr.com
says...
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?

Sure, same opinion that's saved many IT managers in the past:

1) Never install updates unless they provide a direct fix for a problem
you currently have. Just because there are updates does not mean you
need to blindly install them.

2) Never trust a new patch (especially a new service pack) until it's
been on the street for at least a month, unless (see #1 above).

3) Never trust integrated programs to do what stand-alone programs do
better - this is only addressing the apps that come with an OS. What I
mean by this is that you should not trust the firewall feature if it's
built into the OS unless you've tested it and it's passed every instance
of attack/hack.

4) The less things your run on a computer the more stable is should be.
If you don't have a reason to run the XP firewall, don't. I would limit
it's use to laptops and installations where the user has no
alternatives.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
4ax.com:

> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?

My understanding from computer magazines is that it does NOT include
control over outgoing application connections. It would be good to hear if
this is your experience.

--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Much improved inbound protection over the previous firewall, but of little
use if you are behind a hardware device as there is no outbound protection
(but again the same could be said for a majority of software firewalls).

The service pack security components are a very good thing for the casual
computer user who doesn't know from security, but is of little value for the
average nerd.


"Lou" <nomail@rr.com> wrote in message
news:netg70l5v0dutnovbmnvuk9evufsccr166@4ax.com...
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?

 

[Lou]

Archived from groups: comp.security.firewalls (More info?)

On Sat, 10 Apr 2004 23:25:44 GMT, Tom McCune
<news@DELETE_THISmccune.cc> wrote:

>Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
>4ax.com:
>
>> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
>> opinions on the "new" firewall that comes with it?
>
>My understanding from computer magazines is that it does NOT include
>control over outgoing application connections. It would be good to hear if
>this is your experience.

I've only had it installed for a day, but it does have some control
over outbound connections, at least some of them. It hasn't tried to
stop any of my normal internet programs (browsers, email, etc.), but
it asked me if I wanted to let a program called "Echolink" access the
net, which I did.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Lou" <nomail@rr.com> wrote in message
news:a7hh70drns8srmddvhkncmh6mr2i246f0b@4ax.com...
> On Sat, 10 Apr 2004 23:25:44 GMT, Tom McCune
> <news@DELETE_THISmccune.cc> wrote:
>
> >Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
> >4ax.com:
> >
> >> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> >> opinions on the "new" firewall that comes with it?
> >
> >My understanding from computer magazines is that it does NOT include
> >control over outgoing application connections. It would be good to hear
if
> >this is your experience.
>
> I've only had it installed for a day, but it does have some control
> over outbound connections, at least some of them. It hasn't tried to
> stop any of my normal internet programs (browsers, email, etc.), but
> it asked me if I wanted to let a program called "Echolink" access the
> net, which I did.

It's on the O/S too and can be used to supplement XP's FW as it will stop
outbound or inbound on the ports.

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm

Duane

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Lou <nomail@rr.com> wrote in
news:a7hh70drns8srmddvhkncmh6mr2i246f0b@4ax.com:

>>My understanding from computer magazines is that it does NOT include
>>control over outgoing application connections. It would be good to
>>hear if this is your experience.
>
> I've only had it installed for a day, but it does have some control
> over outbound connections, at least some of them. It hasn't tried to
> stop any of my normal internet programs (browsers, email, etc.), but
> it asked me if I wanted to let a program called "Echolink" access the
> net, which I did.

Thank you.

--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Tom McCune wrote:

> Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
> 4ax.com:
>
>
>>I just installed Windows XP Service Pack 2 (RC1). Anyone have any
>>opinions on the "new" firewall that comes with it?
>
>
> My understanding from computer magazines is that it does NOT include
> control over outgoing application connections. It would be good to hear if
> this is your experience.
>
Being able to limit access to specific ports and protocols ought to be
good enough for users who aren't "at risk".

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

optikl <optikl@invalid.net> wrote in
news:Jsbec.115955$w54.829884@attbi_s01:

>> My understanding from computer magazines is that it does NOT include
>> control over outgoing application connections. It would be good to
>> hear if this is your experience.
>>
> Being able to limit access to specific ports and protocols ought to be
> good enough for users who aren't "at risk".

Is the ability to do this realistically within the ability of the average
computer user?

--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Tom McCune wrote:

> optikl <optikl@invalid.net> wrote in
> news:Jsbec.115955$w54.829884@attbi_s01:
>
>
>>>My understanding from computer magazines is that it does NOT include
>>>control over outgoing application connections. It would be good to
>>>hear if this is your experience.
>>>
>>
>>Being able to limit access to specific ports and protocols ought to be
>>good enough for users who aren't "at risk".
>
>
> Is the ability to do this realistically within the ability of the average
> computer user?
>
Tom, I don't know. I think you may be right. I do know that a lot is
made of a firewalls ability to block or permit access to the internet
for specific applications and drivers. I'm not certain that "total
outbound control" buys anyone but the most "high risk" computer users
anything at all. And if one can't be trusted to keep malware off his/her
system, "total outbound control" is of use only in that it might contain
the problem.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

optikl <optikl@invalid.net> wrote in news:mudec.14538$rg5.38300@attbi_s52:

> Tom, I don't know. I think you may be right. I do know that a lot is
> made of a firewalls ability to block or permit access to the internet
> for specific applications and drivers. I'm not certain that "total
> outbound control" buys anyone but the most "high risk" computer users
> anything at all. And if one can't be trusted to keep malware off his/her
> system, "total outbound control" is of use only in that it might contain
> the problem.

I would largely agree. I personally have maybe only once really caught
something with the outbound firewall application control - spyware on a
Verizon CD - the company never responded to my question as to why they had
it there. But the average user is much more likely to install software
that contains spyware, or to open a file attachment with a worm.
Unfortunately, the average user is also unlikely to know what to deny
Internet access to. At least in my home, my wife (and probably my
daughters, when visiting) would call me in and ask what to do.

--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Lou wrote:

> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?

My opinion: WinXP ICF is usually good enough for the average home user.
However, if someone wants real security, they can further harden their OS.

--
This sentence contradicts itself -- no actually it doesn't.
-- Hofstadter