Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: FIRST POST said by LiberalKing  : First moron, more like it.said by the article :
it was not really designed to stop programs from getting out (phoning home) Is "was in no way designed for" different from "was not really designed for" ? I think the latter suggests a minor effort which expects to fail, while the former suggests that the issue was not addressed in any way.
The XP/SP2 firewall is strictly inbound - by design - and though one can make a fair case for a firewall in both directions, hinting that XP/SP2 doesn't do such a good job on the outbound side is really disingenuous.
Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site | |
|
 
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
| Re: FIRST POST said by Steve :The XP/SP2 firewall is strictly inbound - by design - and though one can make a fair case for a firewall in both directions, hinting that XP/SP2 doesn't do such a good job on the outbound side is really disingenuous. I've read that the firewall that comes with Windows Vista will be a true 2 way firewall. The existing firewall vendors are already probably having their lawyers draw up anti-trust charges against Microsoft.
--
--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page | |
|
 | Done_Posting
Shoot to kill
Premium
join:2003-08-22
Toledo, OH | Re: FIRST POST I've also read that the two-way firewall is supposed to make an appearance in XP/SP3 when it's realeased later this year.
- Tate
--
"I may work for a cable ISP, but I'm still an okay guy." | |
|
| |
BillRoland
Premium
join:2001-01-21
Ocala, FL
clubs:
·Cox HSI
| said by Steve :said by LiberalKing : First moron, more like it. said by the article :
it was not really designed to stop programs from getting out (phoning home) Is "was in no way designed for" different from "was not really designed for" ? I think the latter suggests a minor effort which expects to fail, while the former suggests that the issue was not addressed in any way. The XP/SP2 firewall is strictly inbound - by design - and though one can make a fair case for a firewall in both directions, hinting that XP/SP2 doesn't do such a good job on the outbound side is really disingenuous. Steve Amen Steve . I'd really like to know why an inbound only firewall failing an outboung firewall test, is news?
--
"Don't steal. The government hates competition." | |
|
micl
Visit Lovely Downtown Port Starboard
Premium
join:2001-10-25
Silver Spring, MD
| I remember when a firewall meant it blocked in-bound *and* outbound. If it just blocks in-bound, is it really a firewall just because someone calls it a firewall? Or is it just NAT?
--
If I don't see you in the future, I'll see you in the pasture | |
|
|
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: FIRST POST said by micl :I remember when a firewall meant it blocked in-bound *and* outbound. That's never been the definition: a firewall is a device which applies access policy to network traffic, and the administrator can define it in any direction as he wishes.
In 1994 I was setting up Livingston Portmaster routers with fairly extensive filtering rules, and just because I chose to employ no outbound protection doesn't mean that it wasn't a firewall.
And the XP firewall isn't do NAT anyway.
Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site | |
|
| | 
AnonName
@kaballero.com
| Re: FIRST POST Ah, the Portmaster... I remember them well. I managed a few of them.
Great device, I liked it better than the Cisco 52xx and 53xx RAS servers but a hundred and twenty modems is just a mess of wires and cables.
Ever work with a DiGi board? I still have a couple of those around 
-m-
The complements were intended not snide. I'm looking to bury the hatchet, not sharpen it.
| |
|
|
|
|
