If you pick up an exploit via a web browser a firewall isn't going to help you anyway.
I never said that it did. Re-read my original email.
The process needs only to hook into another process, or install a rootkit, or in the case of windows firewall, things can be added to the firewall 'convincing' it to not say anything.
All dependant on the privileges obtained by the exploit and any escalation obtainable.
A firewall may be needed for those who don't know what they are doing, but to say that EVERYONE should run a firewall is ludicrous.
As I said, I've been involved in computer security for many many years and my network is totally locked down.
I've been running firewall free for many years and i've NEVER gotten exploited. To say an unprotected windows box can be owned in 10 minutes isn't true.
No it's not, it's a proven fact.
All new copies of windows xp run at least sp2, which isn't subject to the exploits the original release was.
No, but it has a whole host of other vunls. It's not just the operating system though, in fact in most cases it's not the operating system which is attacked, it's the software which runs on it. What good is SP2 then?
You should consider writing an article for securityfocus.com on how to protect yourself with no security. It would be the first article on this topic and I'm sure it would be a hit.
************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster@exideuk.co.uk mailto:postmaster@exideuk.co.uk and then delete this message.
Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com
Windows XP RTM Shipped with a Firewall
It was called, rather cryptically, "Internet Connection Firewall". In SP2, it got a name change, and a better GUI added on top of, pretty much existing functionality.
On 11/16/05, David Hinz post.center@gmail.com wrote:
Murphy, Ged (Bolton) schrieb:
All new copies of windows xp run at least sp2, which isn't subject to the exploits the original release was.
No, but it has a whole host of other vunls. It's not just the operating system though, in fact in most cases it's not the operating system which is attacked, it's the software which runs on it. What good is SP2 then
Well, the good thing with SP2 is, that Microsoft adds a firewall to Windows XP with this SP ;-)
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
-- "I had a handle on life, but then it broke"
I'm sorry but the windows firewall is a joke. It can be controlled from the command line, i can even add my own rule without the user ever knowing.
TwoTailedFox wrote:
Windows XP RTM Shipped with a Firewall
It was called, rather cryptically, "Internet Connection Firewall". In SP2, it got a name change, and a better GUI added on top of, pretty much existing functionality.
On 11/16/05, David Hinz post.center@gmail.com wrote:
Murphy, Ged (Bolton) schrieb:
All new copies of windows xp run at least sp2, which isn't subject to the exploits the original release was.
No, but it has a whole host of other vunls. It's not just the operating system though, in fact in most cases it's not the operating system which is attacked, it's the software which runs on it. What good is SP2 then
Well, the good thing with SP2 is, that Microsoft adds a firewall to Windows XP with this SP ;-)
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
-- "I had a handle on life, but then it broke"
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
Richard Campbell wrote:
I'm sorry but the windows firewall is a joke. It can be controlled from the command line, i can even add my own rule without the user ever knowing.
So can the Linux firewall. The only major difference is that Windows runs by default as an administrator, and can have multiple administrators, so everyone that uses it has those permissions by default. Note that while I haven't tried it, I suspect that a regular user can't change that, since you can disable the command line and command line scripts entirely for a regular user.
That's a problem with the current structure of the Windows system. This is something that Microsoft has stated that they'll improve on in the future, though, I don't know if they're still following it. Rumor had it a while back that the release after Vista would be one that had a better permissions system that would allow users to have more customized abilities and roles in the system so that regular users would become easier to implement in the system. You can sort of do this with Windows XP, but it's still somewhat hard to do - there's no real mechanism of allowing the user to just play in their home directory like there is with UNIX and UNIX-like systems. The infrastructure is there, but it's highly error-prone and hard to use ATM.
- Mike
-
David Hinz -
Michael B. Trausch -
Murphy, Ged (Bolton) -
Richard Campbell -
TwoTailedFox