[unisog] Personal Firewalls

Adam Goldstein adam.goldstein at villanova.edu
Fri Apr 12 12:35:57 GMT 2002

We tested the XP firewall against some of the other popular personal 
firewalls for an upcoming rollout.  Its main disadvantage compared to 
the others was its inability to block outbound connections and that 
inbound rules could only be set based on port #, not port and ip.  It 
seemed effective against basic scans and probes.  As others noted, we 
also identified that activating certain MS apps (i.e. Messenger) would 
automatically open ports.  If anyone is interested I'd be happy to 
forward a summary of our findings.

Adam Goldstein
IT Security Specialist
Villanova University
adam.goldstein at villanova.edu

Gary Flynn wrote:

>I just got a new computer at home with XP Home. I turned on the
>included firewall and did a quick external scan and didn't even 
>see it. Pretty cool for free :)
>I think its just a simple, stateful packet filter so it won't 
>tell people when a remote control trojan or IRCBOT fires up 
>but I think it will keep the trojan from being accessed from 
>the outside (assuming the trojan doesn't disable it :) . It 
>should also protect computer owners who don't know they're 
>running IIS from Nimda and I assume it won't let people hack 
>at the C$ share in the Professional version.
>Anyone done any real evaluation on it? Next year, all the
>new student computers will probably have it available.

More information about the unisog mailing list