February 18th 09, 11:59 PM posted to microsoft.public.vb.vista.compatibility,microsoft.public.windows.vista.general,microsoft.public.windows.vista.performance_maintenance,microsoft.public.windows.vista.security
FromTheRafters[_2_]
Microsoft Windows Vista includes a two-way firewall. TO THE TOP

"Jack the Ripper" wrote in message
...
FromTheRafters wrote:
"John Doe" wrote in message
...
"FromTheRafters" wrote:

"Richard Mueller [MVP]" wrote
"FromTheRafters" wrote
"I.C. Greenfields" wrote
Some of us want to choose what "gets out" and what doesn't. And this info doesn't work since there is nowhere to make such a change in the Windows Firewall window that comes up. Configure it - HOW? Can someone explain how it's configured to actually work without being a programmer writing strange unknown confusing rules for everything that wants to connect to the net? If not, can someone recommend a good free easy to use two-way FireWall like ZoneAlarm that's compatible with Vista? Thanks.


http://www.vistastic.com/2007/03/09/...und-filtering/
I bet you didn't know that Microsoft Windows Vista includes a two-way firewall.
Windows Firewall with Advanced Security includes an API that allows services, applications, and installers to write their own ticket through the firewall. In other words, they can add themselves to the exclusions list.

http://msdn.microsoft.com/en-us/libr...53(VS.85).aspx
Thanks for the information.

So, it doesn't really do what most people think it does.

The key to not having programs make outbound connections, or opening up ports for receiving unsolicited inbound traffic, is to not run those programs on the machine.

Third party firewalls don't make it *that* easy - but they don't make it much harder either. They provide the illusion that they can stop outbound traffic.
Apparently the makers of ZoneAlarm fixed such a problem by preventing ZoneAlarm from being shut down. After that, I have never heard an authoritative claim that an application snuck through ZoneAlarm.

Which is why I never use the Windows firewall. Every app thinks they are special and should be able to contact big brother with news about me and retrieve info on things they feel I need. Some companies are especially bad. I know because I don't use Windows firewall so I see the requests and deny them. Over the years it seems to have gotten much worse.
I think it comes down to trust. If you don't trust a program - don't execute it. If you *do* trust it, let it do whatever it is programmed to do.
Sounds like a symptom of the ones and zeros disease.


When there is no "grey area" ones and zeroes describe things accurately.

http://www.securityfocus.com/infocus/1839/1


Thanks for the link, although I'm not sure why you posted it
here. This poster seemed to imply that there is middle
ground to cover for programs that you trust to play your
video files, yet don't trust to access the internet for
instance. My point is that there is no middle ground - if
you don't trust it to access the internet, don't have it on
your system (who knows what other horrible things it could
be doing that you aren't aware of). There is no problem
having an API that allows a program you have given
permission to execute the ability to configure your
firewall. You indicated your trust when you installed or
executed the program.

In the case of foistware/malware, there is no reason to
assume outbound filtering would catch it in egression.
Houdini demonstrated that a safe isn't designed to keep a
person locked *in*. When he repeatedly managed to escape
from them, it didn't cause the manufacturers to redesign
their safes to be escape proof. You just have to work within
the safe's specifications.
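
Added example, not part of the post above: because the thread notes that installed programs can add their own firewall exceptions through the API, one way to see what an install changed is to compare the rule list before and after. The sample text is constructed, its field layout is assumed to follow `netsh advfirewall firewall show rule name=all verbose`, and `ExamplePlayer` is a made-up program name.

```python
import re

# Constructed sample text, laid out like the output of
# `netsh advfirewall firewall show rule name=all verbose` (layout is an assumption).
BEFORE = """\
Rule Name:                            Core Networking - DNS (UDP-Out)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            Out
Program:                              %SystemRoot%\\system32\\svchost.exe
Action:                               Allow
"""

AFTER = BEFORE + """
Rule Name:                            ExamplePlayer Updater
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Program:                              C:\\Program Files\\ExamplePlayer\\update.exe
Action:                               Allow
"""

def parse_rules(text):
    """Split netsh-style output into one dict of fields per rule."""
    rules, current = [], None
    for line in text.splitlines():
        m = re.match(r"^([^:]+):\s+(.*\S)\s*$", line)
        if not m:
            continue  # blank lines and the dashed separator carry no field
        key, value = m.group(1).strip(), m.group(2)
        if key == "Rule Name":
            current = {"Rule Name": value}  # a new rule block starts here
            rules.append(current)
        elif current is not None:
            current[key] = value
    return rules

def new_allow_rules(before, after):
    """Return enabled Allow rules that appear in `after` but not in `before`."""
    ident = lambda r: (r.get("Rule Name"), r.get("Direction"), r.get("Program"))
    known = {ident(r) for r in parse_rules(before)}
    return [r for r in parse_rules(after)
            if ident(r) not in known
            and r.get("Action") == "Allow" and r.get("Enabled") == "Yes"]

if __name__ == "__main__":
    for r in new_allow_rules(BEFORE, AFTER):
        print(r["Direction"], r["Rule Name"], r.get("Program"))
```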