[unisog] Personal Firewalls
ransel at net.kent.edu
Thu Apr 11 22:06:23 GMT 2002
> I just got a new computer at home with XP Home. I turned on the
> included firewall and did a quick external scan and didn't even
> see it. Pretty cool for free :)
> I think its just a simple, stateful packet filter so it won't
> tell people when a remote control trojan or IRCBOT fires up
> but I think it will keep the trojan from being accessed from
> the outside (assuming the trojan doesn't disable it :) . It
> should also protect computer owners who don't know they're
> running IIS from Nimda and I assume it won't let people hack
> at the C$ share in the Professional version.
> Anyone done any real evaluation on it? Next year, all the
> new student computers will probably have it available.
> Gary Flynn
> Security Engineer - Technical Services
> James Madison University
> Please R.U.N.S.A.F.E.
I ran nmap udp and tcp scans, nothing leaked.
A smbclient null connection to the Admin account does not leak either.
However, I found that after applying an update from MS for their
AIM-like software, i.e. MS instant messenger, MS opened ports for it,
even though it was not running. In particular, the update opens
the following ports:
msmsgs 10875 TCP
mssmgs 11488 UDP
Kent State University
More information about the unisog