How much can I trust XP SP2 firewall on its own?

On Tue, 22 Mar 2005 21:01:00 GMT, Leythos <void.TakeThisOut@nowhere.lan> wrote:


 >You can not trust it any more than you trust anything based on MS
 >Security. I would never connect a workgroup computer directly to the
 >internet using SP2's firewall, and I would never suggest it as being "good
 >enough" to any client.

Gerald Vogt (someone who posts here frequently) would disagree with
the above statements. I've used the SP2 XP firewall with no
compromises but I am now using Sygate just because it allows better
monitoring and outbound protection.<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

On 22 Mar 2005 11:39:01 -0800, "YKhan" <yjkhan.RemoveThis@gmail.com> wrote:

 >Can I trust the Windows XP SP2 firewall to protected a machine with a
 >direct Internet connection? I usually use a broadband router to protect
 >my machines, but I still keep their own personal firewalls activated.
 >But due to various issues, I sometimes find it necessary to disconnect
 >the router and to connect one machine directly to the broadband modem.
 >
 >Prior to SP2, I had been using ZoneAlarm and Sygate, but once SP2 came
 >out, I figured the Windows Firewall should be at least as capable at
 >basic protection as the other two. I also used to notice that there
 >were regular updates to ZoneAlarm, which I figured were them plugging
 >up newly discovered security holes in their software. However, barely
 >any updates to Windows Firewall.
 >
 >Does anyone know if there's any vulnerability that's been discovered
 >that will allow a hacker to blow past the Windows Firewall?
 >
 > Yousuf Khan

Go into your XP root folder.
Count all of the $NtUninstall* folders.
Every one of those is one more reason not to put all your faith in a single
Microsoft solution.

So, let's cut to the chase: what are we actually wrestling with here, YK?
Gaming problem?
Can't solve it with Port Forward rules in your router?

/daytripper<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

I would think that taking the router out of the picture is just a
configuration issue. So why are you removing the router to make a direct
connect to the Internet with a machine?

Duane
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

"YKhan" <yjkhan DeleteThis @gmail.com> wrote in news:1111520341.384250.73880
@z14g2000cwz.googlegroups.com:

 > Can I trust the Windows XP SP2 firewall to protected a machine with a
 > direct Internet connection?

NO! NMAP can drill right through SP2 firewall.

--
"Why do they call it rush hour when nothing moves?", Robin Williams<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

this post is not archived.
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

Darko Gavrilovic wrote:
 > "YKhan" <yjkhan.DeleteThis@gmail.com> wrote in news:1111520341.384250.73880
 > @z14g2000cwz.googlegroups.com:
 >
 >
  >>Can I trust the Windows XP SP2 firewall to protected a machine with a
  >>direct Internet connection?
 >
 >
 > NO! NMAP can drill right through SP2 firewall.
 >

I checked out this thing after you mentioned it. It looks like it may
not be an issue with the SP2 version of the Firewall.

Dana Epp's ramblings at the Sanctuary: XPSP2 rips out raw sockets
<a style='text-decoration: underline;' href="http://silverstr.ufies.org/blog/archives/000666.html" target="_blank">http://silverstr.ufies.org/blog/archives/000666.html</a>

  Yousuf Khan<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

Leythos wrote:
 > On Tue, 22 Mar 2005 18:03:09 -0800, Connected wrote:
  >>Gerald Vogt (someone who posts here frequently) would disagree with
  >>the above statements. I've used the SP2 XP firewall with no
  >>compromises but I am now using Sygate just because it allows better
  >>monitoring and outbound protection.
 >
 >
 > There are always two or more sides to every solution, and I just will not
 > trust my clients with SP2 Firewall as their means of protection. I've been
 > working with computers since the 70's and never had a computer/server
 > compromised, never had a client compromised, and install firewalls all
 > over the country. I'm going to stick with what I know works and I see no
 > reason to trust any personal firewall, let alone one put out by MS. Don't
 > get me wrong, the company I own is a MS Partner, and we're also a ISV, but
 > I'm not abound to even think of trusting the SP2 Firewall.

Other than general reputation of the company who makes the product, is
there anything specifically known about the SP2 firewall?

  Yousuf Khan<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

daytripper wrote:
 > Go into your XP root folder.
 > Count all of the $NtUninstall* folders.
 > Every one of those is one more reason not to put all your faith in a single
 > Microsoft solution.

Yeah, but it also doesn't look like there's a too much they could do to
screw up this software -- listen for a signal on a port, and don't
answer it.

 > So, let's cut to the chase: what are we actually wrestling with here, YK?
 > Gaming problem?
 > Can't solve it with Port Forward rules in your router?

No, just a problem with the router itself, it seems to overheat and drop
connections.

  Yousuf Khan<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

Yousuf Khan <bbbl67.TakeThisOut@ezrs.com> wrote in news:fls0e.36450$nK.1208966
@news20.bellglobal.com:

 > Darko Gavrilovic wrote:
  >> "YKhan" <yjkhan.TakeThisOut@gmail.com> wrote in news:1111520341.384250.73880
  >> @z14g2000cwz.googlegroups.com:
  >>
  >>
   >>>Can I trust the Windows XP SP2 firewall to protected a machine with a
   >>>direct Internet connection?
  >>
  >>
  >> NO! NMAP can drill right through SP2 firewall.
  >>
 >
 > I checked out this thing after you mentioned it. It looks like it may
 > not be an issue with the SP2 version of the Firewall.
 >
 > Dana Epp's ramblings at the Sanctuary: XPSP2 rips out raw sockets
<font color=purple> > <a style='text-decoration: underline;' href="http://silverstr.ufies.org/blog/archives/000666.html</font" target="_blank">http://silverstr.ufies.org/blog/archives/000666.html</font</a>>
 >
 > Yousuf Khan
 >

Howdy. You may want to check these links.

<a style='text-decoration: underline;' href="http://seclists.org/lists/nmap-hackers/2004/Jul-Sep/0003.html" target="_blank">http://seclists.org/lists/nmap-hackers/2004/Jul-Sep/0003.html</a>

<a style='text-decoration: underline;' href="http://www.insecure.org/nmap/nmap_download.html#windows" target="_blank">http://www.insecure.org/nmap/nmap_download.html#windows</a>

<a style='text-decoration: underline;' href="http://www.antionline.com/showthread.php?s=&threadid=261405" target="_blank">http://www.antionline.com/showthread.php?s=&threadid=261405</a>
&highlight=nmap+sp2+works

It's nice the MS offer a free firewall, but the only thing I like about
it is the nice looking high quality icon that has the red bricks in it!

Cheers.

--
"Why do they call it rush hour when nothing moves?", Robin Williams<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

this post is not archived.
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

Darko Gavrilovic <darkoDOTgavrilovicATutorontoDOTca> writes:


 > NO! NMAP can drill right through SP2 firewall.

And?
--
Justin Murdock<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

Yousuf Khan <bbbl67.RemoveThis@ezrs.com> wrote:

 > daytripper wrote:
  > > Go into your XP root folder.
  > > Count all of the $NtUninstall* folders.
  > > Every one of those is one more reason not to put all your faith in a single
  > > Microsoft solution.
 >
 > Yeah, but it also doesn't look like there's a too much they could do to
 > screw up this software -- listen for a signal on a port, and don't
 > answer it.
 >
  > > So, let's cut to the chase: what are we actually wrestling with here, YK?
  > > Gaming problem?
  > > Can't solve it with Port Forward rules in your router?
 >
 > No, just a problem with the router itself, it seems to overheat and drop
 > connections.
 >
 > Yousuf Khan

sounds like you need a new router then, on the whole a router should be
lot safer, and you can get a cheap wired one for beer money really.

roger<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own? 

Roger Merriman wrote:
 > sounds like you need a new router then, on the whole a router should be
 > lot safer, and you can get a cheap wired one for beer money really.

The problem is, it is a new router, only had it for a few months.

It's one of those ultra-compact routers, a Dlink DI-524, extremely tiny.
I have an older DI-614+ in another location and that one has been
running nonstop flawlessly for several years now, but it's also twice
the volume of the DI-524. I think as is usual with these things, the
tinier they get, the more they overheat.

  Yousuf Khan<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: How much can I trust XP SP2 firewall on its own?