[unisog] Personal Firewalls

Peter Van Epp vanepp at sfu.ca
Fri Apr 12 03:20:24 GMT 2002


> 
> 
> I just got a new computer at home with XP Home. I turned on the
> included firewall and did a quick external scan and didn't even 
> see it. Pretty cool for free :)
> 
> I think its just a simple, stateful packet filter so it won't 
> tell people when a remote control trojan or IRCBOT fires up 
> but I think it will keep the trojan from being accessed from 
> the outside (assuming the trojan doesn't disable it :) . It 
> should also protect computer owners who don't know they're 
> running IIS from Nimda and I assume it won't let people hack 
> at the C$ share in the Professional version.
> 
> Anyone done any real evaluation on it? Next year, all the
> new student computers will probably have it available.
> 
> -- 
> Gary Flynn
> Security Engineer - Technical Services
> James Madison University
> 
> Please R.U.N.S.A.F.E.
> http://www.jmu.edu/computing/runsafe
> 

	Being a suspicious sort (and having spoken with an uncredited firewall
developer about their NT product :-) ) I'd be tempted to re run the scan during 
a boot. It was said of NT (acting as a pass through firewall which is a 
different case) that it brings up the interfaces and forwards packets for 
15 to 20 seconds before services start (one of which is the firewall software).
In this case there may not be anything else interesting active before the 
firewall but it might also be interesting ...

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada



More information about the unisog mailing list