[ale] Good windows firewall ?

Adrin haswes at mindspring.com
Mon Jun 21 20:35:41 EDT 2004


This is interesting. You can really begin to see why Cisco is developing new hardware
switches and what the next step form hub to switch to smart switch.

Now my $0.02

I hate the XP firewall. I have not see anything to configure it.  How do you allow printer
sharing with it on?  how do you do shared folders? In a total windows enviroment. you have
to give windows users access to other machines (servers) Often you have to give that user
unreasonable read and write permissions for the software to operate properly.  Terminal
Services and https WebPages are a good example.  You will have a hard with some temp files
if you write protect the root windows temp directory.  Back to the workstation problems.
If a user is a power user or above he or she can install programs and make changes. Want
to stop problems lock the system down and make the profile mandatory, they will not be
able to make any lasting changes. You still have the problem of an email worm or other
program you have to lock down all ports that you don't use. Then take the crap for doing
it. Someone can still have a exploit going out on port 80, what can you do?  Not a lot.
You can even configure routers to only allow internet traffic to some IP addresses.


Zone Alarm and Norton Personal Firewall.  I loved Norton's, nothing like putting my custom
responses to queries from http servers.  There was a spy ware bot that was out about a
year ago. A wonderful windows app. that is sure to grow again sometime. This bot would
click allow TCP/IP traffic and allow on the Zone Alarm software popup, all at the blink of
an eye. Then you got all the popups you could stand.


As far as the laptop goes.  It happens and has happened. One unpatched windows machine
only takes about 5 sec to bring down a LAN. Once it finds one machine it is to late, kind
of like a STD. Personally if you come to my house you better have dialup if you want to
use your laptop and if you use my PC you will be either using the Linux Box or the guest
account.

Last few things.   Does anyone here read Network World?  The June 7th issue has a news
bit.  It seems homeland security is having trouble keeping up with patches.

And were is Bob??  I have not seen a commit from him yet.





More information about the Ale mailing list