Sign in with
Sign up | Sign in
Your question

Skype Messenger is Bypassing Windows Firewall-Firewall doe..

Last response: in Windows XP
Share
June 19, 2005 5:39:19 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Skype is bypassing the Fireall and automatically adding itself to exception
list. Even if you remove it from exception or block, the skype automatic ally
adds itself.

Is it a security hole?

Also, skype is able to start during startup even after denying access.

Another security hole.
Anonymous
a b 8 Security
June 19, 2005 7:53:47 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"Skype" is not a Microsoft product.

Submit a Support Request to Skype
http://support.skype.com/?_a=tickets&_m=submit

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/security/protect/window...

-------------------------------------------------------------------------------------------

"Jim" wrote:

| Skype is bypassing the Fireall and automatically adding itself to exception
| list. Even if you remove it from exception or block, the skype automatic ally
| adds itself.
|
| Is it a security hole?
|
| Also, skype is able to start during startup even after denying access.
|
| Another security hole.
Anonymous
a b 8 Security
June 19, 2005 11:24:43 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Hi,

Part of why it has to be installed with Admin privileges. This isn't a
security hole, it's part of how the software works. If you don't like how it
works, uninstall it and don't use it.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Associate Expert - WindowsXP Expert Zone
www.microsoft.com/windowsxp/expertzone
Windows help - www.rickrogers.org

"Jim" <Jim@discussions.microsoft.com> wrote in message
news:2B00A370-C585-44A2-94CF-C3E0968802D2@microsoft.com...
> Skype is bypassing the Fireall and automatically adding itself to
> exception
> list. Even if you remove it from exception or block, the skype automatic
> ally
> adds itself.
>
> Is it a security hole?
>
> Also, skype is able to start during startup even after denying access.
>
> Another security hole.
Related resources
Anonymous
a b 8 Security
June 19, 2005 11:40:12 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Rick "Nutcase" Rogers wrote:
> Hi,
>
> Part of why it has to be installed with Admin privileges. This isn't a
> security hole, it's part of how the software works. If you don't like
> how it works, uninstall it and don't use it.

While you may not consider a program being allowed to write it's own
breech through the firewall a security hole, I sure as hell would not
use a firewall that allowed it. With all the morons allowing spyware to
be installed on their computer, it seeks ridiculous to have a firewall
that allows that kind of behavior of a program writing its own ticket
through the firewall, without any warning to the End User.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
Anonymous
a b 8 Security
June 20, 2005 12:08:51 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Hey kurt,

Haven't read the Skype EULA, but I'd bet it's in there someplace. Fact is,
for the software to work it has to open a port of some sort. I'm unfamiliar
with any software install routine that specifically states which ones it
opens, only that it will establish some paths. It, like many other programs,
installs with admin privileges so that it can establish these and operate
according to how the user expects it to.

Not saying I like it, or that it's good or bad, just that it is what it is,
and it's not alone.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Associate Expert - WindowsXP Expert Zone
www.microsoft.com/windowsxp/expertzone
Windows help - www.rickrogers.org

"kurttrail" <dontemailme@anywhereintheknowuniverse.org> wrote in message
news:%23gsm$gSdFHA.1288@tk2msftngp13.phx.gbl...
> Rick "Nutcase" Rogers wrote:
>> Hi,
>>
>> Part of why it has to be installed with Admin privileges. This isn't a
>> security hole, it's part of how the software works. If you don't like
>> how it works, uninstall it and don't use it.
>
> While you may not consider a program being allowed to write it's own
> breech through the firewall a security hole, I sure as hell would not use
> a firewall that allowed it. With all the morons allowing spyware to be
> installed on their computer, it seeks ridiculous to have a firewall that
> allows that kind of behavior of a program writing its own ticket through
> the firewall, without any warning to the End User.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com/mscommunity
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei"
>
Anonymous
a b 8 Security
June 20, 2005 12:20:02 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Rick "Nutcase" Rogers wrote:
> Hey kurt,
>
> Haven't read the Skype EULA, but I'd bet it's in there someplace.
> Fact is, for the software to work it has to open a port of some sort.
> I'm unfamiliar with any software install routine that specifically
> states which ones it opens, only that it will establish some paths.
> It, like many other programs, installs with admin privileges so that
> it can establish these and operate according to how the user expects
> it to.
> Not saying I like it, or that it's good or bad, just that it is what
> it is, and it's not alone.
>

You aren't quite understanding what I see as the problem. My software
firewall would warn me that a program is trying to access the interent
and ask me if I would want to allow it to happen. This has NOTHING to
do with a EULA, but with allowing a program opening a hole thru the
firewall without the firewall saying boo about it.

If Skype can open a two-way inbound/outbound hole through the firewall,
then ANY virus or spyware program can do it too.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
Anonymous
a b 8 Security
June 20, 2005 12:31:52 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Hi,

> If Skype can open a two-way inbound/outbound hole through the firewall,
> then ANY virus or spyware program can do it too.

I gotcha. That's why it installs with admin privileges, so that it can open
them unimpeded. Any virus can do this too. This is one scenario where a
third party firewall has an advantage over the native one.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Associate Expert - WindowsXP Expert Zone
www.microsoft.com/windowsxp/expertzone
Windows help - www.rickrogers.org

"kurttrail" <dontemailme@anywhereintheknowuniverse.org> wrote in message
news:ur2vS4SdFHA.3712@TK2MSFTNGP09.phx.gbl...
> Rick "Nutcase" Rogers wrote:
>> Hey kurt,
>>
>> Haven't read the Skype EULA, but I'd bet it's in there someplace.
>> Fact is, for the software to work it has to open a port of some sort.
>> I'm unfamiliar with any software install routine that specifically
>> states which ones it opens, only that it will establish some paths.
>> It, like many other programs, installs with admin privileges so that
>> it can establish these and operate according to how the user expects
>> it to.
>> Not saying I like it, or that it's good or bad, just that it is what
>> it is, and it's not alone.
>>
>
> You aren't quite understanding what I see as the problem. My software
> firewall would warn me that a program is trying to access the interent and
> ask me if I would want to allow it to happen. This has NOTHING to do with
> a EULA, but with allowing a program opening a hole thru the firewall
> without the firewall saying boo about it.
>
> If Skype can open a two-way inbound/outbound hole through the firewall,
> then ANY virus or spyware program can do it too.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com/mscommunity
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei"
>
Anonymous
a b 8 Security
June 20, 2005 2:59:02 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Hi Rick,
This doesn't hapen with other Applications. Even those are installed with
the same admin privilege but caught by Windows firewall while trying to run.

Skype messenger tryes to run by adding itself diretcly to the exception list
should never happen if Windows tightens the Security.

I guess this is a Security hole in XP or a Violation in Skype.

"Rick "Nutcase" Rogers" wrote:

> Hi,
>
> Part of why it has to be installed with Admin privileges. This isn't a
> security hole, it's part of how the software works. If you don't like how it
> works, uninstall it and don't use it.
>
> --
> Best of Luck,
>
> Rick Rogers, aka "Nutcase" - Microsoft MVP
> http://mvp.support.microsoft.com/
> Associate Expert - WindowsXP Expert Zone
> www.microsoft.com/windowsxp/expertzone
> Windows help - www.rickrogers.org
>
> "Jim" <Jim@discussions.microsoft.com> wrote in message
> news:2B00A370-C585-44A2-94CF-C3E0968802D2@microsoft.com...
> > Skype is bypassing the Fireall and automatically adding itself to
> > exception
> > list. Even if you remove it from exception or block, the skype automatic
> > ally
> > adds itself.
> >
> > Is it a security hole?
> >
> > Also, skype is able to start during startup even after denying access.
> >
> > Another security hole.
>
>
>
Anonymous
a b 8 Security
June 20, 2005 3:26:19 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Kurt,

I use Skype, along with ZoneAlarm. ZA catches it every time and I have to
give it permission.

I don't know what firewall it "writes" it's own permission for, unless it is
the Windows Firewall that has no control over outbound connections.

--
Regards,

Richard Urban

If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!


"kurttrail" <dontemailme@anywhereintheknowuniverse.org> wrote in message
news:ur2vS4SdFHA.3712@TK2MSFTNGP09.phx.gbl...
> Rick "Nutcase" Rogers wrote:
>> Hey kurt,
>>
>> Haven't read the Skype EULA, but I'd bet it's in there someplace.
>> Fact is, for the software to work it has to open a port of some sort.
>> I'm unfamiliar with any software install routine that specifically
>> states which ones it opens, only that it will establish some paths.
>> It, like many other programs, installs with admin privileges so that
>> it can establish these and operate according to how the user expects
>> it to.
>> Not saying I like it, or that it's good or bad, just that it is what
>> it is, and it's not alone.
>>
>
> You aren't quite understanding what I see as the problem. My software
> firewall would warn me that a program is trying to access the interent and
> ask me if I would want to allow it to happen. This has NOTHING to do with
> a EULA, but with allowing a program opening a hole thru the firewall
> without the firewall saying boo about it.
>
> If Skype can open a two-way inbound/outbound hole through the firewall,
> then ANY virus or spyware program can do it too.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com/mscommunity
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei"
>
Anonymous
a b 8 Security
June 20, 2005 5:08:50 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"Jim" <Jim@discussions.microsoft.com> wrote in message
news:2B00A370-C585-44A2-94CF-C3E0968802D2@microsoft.com...
> Skype is bypassing the Fireall and automatically adding itself to
> exception
> list. Even if you remove it from exception or block, the skype automatic
> ally
> adds itself.
>
> Is it a security hole?
>
> Also, skype is able to start during startup even after denying access.
>
> Another security hole.

No. And you installed Skype- you are the cause of your perceived security
breach, not the program.It didn't install itself.
Anonymous
a b 8 Security
June 20, 2005 5:08:51 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Alan Smith wrote:
> "Jim" <Jim@discussions.microsoft.com> wrote in message
> news:2B00A370-C585-44A2-94CF-C3E0968802D2@microsoft.com...
>> Skype is bypassing the Fireall and automatically adding itself to
>> exception
>> list. Even if you remove it from exception or block, the skype
>> automatic ally
>> adds itself.
>>
>> Is it a security hole?
>>
>> Also, skype is able to start during startup even after denying
>> access. Another security hole.
>
> No. And you installed Skype- you are the cause of your perceived
> security breach, not the program.It didn't install itself.

No, but the firewall didn't warn that a hole was opened up in both
directions through it either. What good is a firewall that doesn't warn
a user that a hole has been created through it?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
Anonymous
a b 8 Security
June 20, 2005 5:08:51 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Hi Alan,
The same thing may happen unknowingly to some user. Shouldn't the XP's
Firewall warn him or prevent Application(s) that breaches security.

In't it the job of OS to prevent? Or the user should prevent it. More than
60% of user wouldn't know a security breach unless if he is a Techie.

"Alan Smith" wrote:

>
> "Jim" <Jim@discussions.microsoft.com> wrote in message
> news:2B00A370-C585-44A2-94CF-C3E0968802D2@microsoft.com...
> > Skype is bypassing the Fireall and automatically adding itself to
> > exception
> > list. Even if you remove it from exception or block, the skype automatic
> > ally
> > adds itself.
> >
> > Is it a security hole?
> >
> > Also, skype is able to start during startup even after denying access.
> >
> > Another security hole.
>
> No. And you installed Skype- you are the cause of your perceived security
> breach, not the program.It didn't install itself.
>
>
>
Anonymous
a b 8 Security
June 20, 2005 5:23:54 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Jim wrote:

> Skype is bypassing the Fireall and automatically adding itself to
> exception list. Even if you remove it from exception or block, the skype
> automatic ally adds itself.
>
> Is it a security hole?
>
> Also, skype is able to start during startup even after denying access.
>
> Another security hole.

Skype uses Port 80 to communicate with the outside world, as does Windows
Media Services. I don't believe that Windoze firewall will block this port.


--
Get Microsoft PowerToys for Windows XP here:
http://www.microsoft.com/windowsxp/downloads/powertoys/...
"A must-have for your Toy Operating System"
Anonymous
a b 8 Security
June 20, 2005 6:09:08 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Richard Urban wrote:
> Kurt,
>
> I use Skype, along with ZoneAlarm. ZA catches it every time and I
> have to give it permission.
>
> I don't know what firewall it "writes" it's own permission for,
> unless it is the Windows Firewall that has no control over outbound
> connections.

Yes, I thought it was quite clear that we were talking about the Windows
Firewall, and this more than just an outboand connection. This program
opens up a two way hole through the firewall, without warning or asking
permission. It is creating a firewall rule, not just allowing all
outbound connections.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
Anonymous
a b 8 Security
June 20, 2005 11:07:58 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

kurttrail wrote:

>
>
> Yes, I thought it was quite clear that we were talking about the Windows
> Firewall, and this more than just an outboand connection. This program
> opens up a two way hole through the firewall, without warning or asking
> permission. It is creating a firewall rule, not just allowing all
> outbound connections.
>


This has *always* been the main weakness of WinXP's built-in firewall:
It doesn't monitor or impede out-bound traffic at all, and it passes
in-bound responses to that traffic without a quibble. It's based upon
the rather silly premise that the average computer user knows what he's
doing when he installs an application.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
Anonymous
a b 8 Security
June 21, 2005 7:01:08 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Bruce Chambers wrote:

> kurttrail wrote:
>
>> Yes, I thought it was quite clear that we were talking about
>> the Windows Firewall, and this more than just an outboand
>> connection. This program opens up a two way hole through
>> the firewall, without warning or asking permission. It is
>> creating a firewall rule, not just allowing all outbound
>> connections.
>>
>
> This has *always* been the main weakness of WinXP's
> built-in firewall: It doesn't monitor or impede out-bound
> traffic at all, and it passes in-bound responses to that
> traffic without a quibble. It's based upon the rather silly
> premise that the average computer user knows what he's doing
> when he installs an application.
Hi,

If you read the article by Christian Huitema [MSFT] in the link below,
it looks that it's more based on the premise that the average computer
user do /not/ knows what he's doing when he installs an application.

The Windows XP/SP2 Firewall
http://www.huitema.net/sp2-firewall.asp


--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.m...
Anonymous
a b 8 Security
June 21, 2005 7:01:09 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Torgeir Bakken (MVP) wrote:
> Bruce Chambers wrote:
>
>> kurttrail wrote:
>>
>>> Yes, I thought it was quite clear that we were talking about
>>> the Windows Firewall, and this more than just an outboand
>>> connection. This program opens up a two way hole through
>>> the firewall, without warning or asking permission. It is
>>> creating a firewall rule, not just allowing all outbound
>>> connections.
>>>
>>
>> This has *always* been the main weakness of WinXP's
>> built-in firewall: It doesn't monitor or impede out-bound
>> traffic at all, and it passes in-bound responses to that
>> traffic without a quibble. It's based upon the rather silly
>> premise that the average computer user knows what he's doing
>> when he installs an application.
> Hi,
>
> If you read the article by Christian Huitema [MSFT] in the link below,
> it looks that it's more based on the premise that the average computer
> user do /not/ knows what he's doing when he installs an application.
>
> The Windows XP/SP2 Firewall
> http://www.huitema.net/sp2-firewall.asp

Ease of Use vs. Security. There same old aurgument, and the same old
Microsoft. Security is not job one.

I don't buy the argument given in the article, especially when you
consider that MS expects its end users to know and deal with all the
policies of PA, but a firewall, that the end user shouldn't have to deal
with!

When it comes to securing the OS from its paying customers, pile on the
BS, when it comes to securing the OS FOR its paying customers, make sure
that its easy to use!

Sorry Torgeir, don't mean to pile this on you, I'm just cannot believe
that argument for one second.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"
Anonymous
a b 8 Security
June 21, 2005 7:02:24 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Jim Clark wrote:

> Hi Rick,
> This doesn't hapen with other Applications. Even those are
> installed with the same admin privilege but caught by Windows
> firewall while trying to run.
>
> Skype messenger tryes to run by adding itself diretcly to the
> exception list should never happen if Windows tightens the
> Security.
>
> I guess this is a Security hole in XP or a Violation in Skype.
Hi,

Actually, it is by design and not a security hole. Microsoft decided
that an application that already was running on your computer was
allowed to add itself to the FW exception list without the FW warning
you about it. But Microsoft recommends that the developer adds code
that asks the user for permission before doing it (and Skype have
obviously not followed that recommendation).

See this article by Christian Huitema [MSFT] for more on the reasoning
behind this decision:

The Windows XP/SP2 Firewall
http://www.huitema.net/sp2-firewall.asp


--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.m...
Anonymous
a b 8 Security
June 22, 2005 12:40:07 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

On Sun, 19 Jun 2005 19:40:12 -0400, "kurttrail"
>Rick "Nutcase" Rogers wrote:

>> Part of why it has to be installed with Admin privileges. This isn't a
>> security hole, it's part of how the software works. If you don't like
>> how it works, uninstall it and don't use it.

>While you may not consider a program being allowed to write it's own
>breech through the firewall a security hole, I sure as hell would not
>use a firewall that allowed it.

Yup. What you're seeing here is that NT was (and still is) written to
be remotely administered, as appropriate for corporate use. There's
typically more that can be done by software than from the keyboard,
and most everything can be done remotely, too.

As a consumer, you'd rather have a system under full control from the
keyboard, with limits to what software can do, and absolutely nothing
to be possible from anywhere "out there" - but, etc.


>--------------- ----- ---- --- -- - - -
Never turn your back on an installer program
>--------------- ----- ---- --- -- - - -
Anonymous
a b 8 Security
June 22, 2005 12:57:22 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

On Mon, 20 Jun 2005 19:07:58 -0600, Bruce Chambers
>kurttrail wrote:

>> Yes, I thought it was quite clear that we were talking about the Windows
>> Firewall. This program opens up a two way hole through the firewall,
>> without warning or asking permission... It is creating a firewall rule.

>This has *always* been the main weakness of WinXP's built-in firewall:
> It doesn't monitor or impede out-bound traffic at all... It's based upon
>the rather silly premise that the average computer user knows what he's
>doing when he installs an application.

Let's look at the silliness of that premise:
- that it's the user who is initiating the install
- that what the user thinks he's doing, is what's happening

You can create a file called "THIS IS A VIRUS.EXE" and sure enough,
some users will run it. This has been PoC'd.

You can also write malware, even commercial malware, that the system
auto-installs without prompting at all. This too has been PoC'd.

Between these extremes, as well as piled up at both ends of the
spectrum, is a lot of stuff. Sometimes this stuff exploits genuine
mistakes in how the system is coded, such as CoolWebSearch vs. Java,
Lovesan vs. RPC, Sasser vs. LSASS, the latest bots vs. ANS.1

Sometimes this stuff exploits bad software design at the code detail
level, such as raw code within .PIF, MIME-spoofed attachments
exploiting IE's failure to sanity-check this, or Word macros within
file types that should not contain them, such as .RTF

Other times, this stuff simply uses the system as it was designed to
be used. For example, web trash can put up a free-standing dialog
that looks exactly like a "system" dialog box, and which runs the code
as if you pressed OK when you click the top right-hand [X] or the
Cancel button - all without having to "exploit" anything at all.


>--------------- ----- ---- --- -- - - -
Never turn your back on an installer program
>--------------- ----- ---- --- -- - - -
Anonymous
a b 8 Security
June 22, 2005 1:26:00 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

On Sun, 19 Jun 2005 22:59:02 -0700, Jim Clark <Jim

>I guess this is a Security hole in XP or a Violation in Skype.

Violation? "Mercy is for the weak, Todd!"

When XP's firewall first came out, I wasn't surprised that MS looked
at only traditional incoming traffic risks, and ignored outgoing
traffic - the idea being that a firewall keeps network things out, and
an antivirus keeps code things out, and because these always work,
there's no need to worry about anything already "in".

The reason is that watching outgoing traffic, especially if
"editorializing" on the nature of that traffic, would require MS to
watch and develop for particular malware on an ongoing basis. That's
an open-ended committment poorly suited to "one off payment, free
support" and better suited to the av industry's "subscription" model.

And the LAST thing I want to see is permanent software being "sold"
via rental slavery, where you have to keep paying for the same old
product if you don't want to upgrade, or cannot do so because you're
using a perfectly good but increasingly "ancient" computer.

Since that time, MS has embraced the challenge of keeping up with the
bad guys, what with the acquisition or RAV, the mutation of Giant into
MSAS Beta, and subsequent initiatives.

Against that background, I'd expect to see egress awareness, and
perhaps even whitelisting for local code as well. I'd like to see
egress minitoring that's smart enough to stab wolves through the usual
BHO, SVCHost and RunDLL sheepskins, too.

Actually, there's a lot I'd like to see, but my hopes are not high.



>------------------------ ---- --- -- - - - -
Forget http://cquirke.blogspot.com and check out a
better one at http://topicdrift.blogspot.com instead!
>------------------------ ---- --- -- - - - -
!