|
Microsoft new policy, XP to ship with firewall switched on
http://news.bbc.co.uk/2/hi/technology/3153229.stm
<quote> The news that Microsoft is going to start shipping Windows XP with its various security features enabled by default should be welcomed, even if it is does not solve the bigger problem. After all, it still leaves tens of millions of users with an operating system that was set up to make it easy for them to play online games and use e-commerce websites, and at the same time giving virus and worm writers lots of ways to attack their computers. And that is to say nothing of the Windows 98, NT and 2000 installed base, where security is more a matter of hoping and installing third-party software than using anything provided by Microsoft. But it is a start. The decision to change the standard installation of XP is a result of this week's fuss about the MSBlast worm, which has infected hundreds of thousands of internet-connected computers and continues to cause problems on the net. This could get significantly worse on Saturday when infected computers are programmed to send fake requests to the Microsoft website and try to make it inaccessible. Firewall trouble MSBlast is another embarrassment for Microsoft, but it could mark a turning point in how we think about online security. At last ordinary Windows users will have to do something - actually turn off their firewall - if they want to expose themselves to risk. So far everyone has been so focused on ease of use and not getting in the way that they have designed and built systems which are intrinsically insecure. Then it is been left to untrained, unskilled and unaware users to make the changes which limit risks. Few of us, even the technically skilled among us, bother to do this. And few of us do it all the time. </quote> |
Re: Microsoft new policy, XP to ship with firewall switched on
Who would want to use XP ICF anyway? It lacks many features a normal free
software firewall has. "Howard Johnson" <hojos@xx.xx> wrote in message news:A_x%a.11878$9f7.1367698@news02.tsnz.net... > http://news.bbc.co.uk/2/hi/technology/3153229.stm > > <quote> > The news that Microsoft is going to start shipping Windows XP with its > various security features enabled by default should be welcomed, even if it > is does not solve the bigger problem. > > After all, it still leaves tens of millions of users with an operating > system that was set up to make it easy for them to play online games and use > e-commerce websites, and at the same time giving virus and worm writers lots > of ways to attack their computers. > > And that is to say nothing of the Windows 98, NT and 2000 installed base, > where security is more a matter of hoping and installing third-party > software than using anything provided by Microsoft. > > But it is a start. > > The decision to change the standard installation of XP is a result of this > week's fuss about the MSBlast worm, which has infected hundreds of thousands > of internet-connected computers and continues to cause problems on the net. > > This could get significantly worse on Saturday when infected computers are > programmed to send fake requests to the Microsoft website and try to make it > inaccessible. > > Firewall trouble > > MSBlast is another embarrassment for Microsoft, but it could mark a turning > point in how we think about online security. > > At last ordinary Windows users will have to do something - actually turn off > their firewall - if they want to expose themselves to risk. > > So far everyone has been so focused on ease of use and not getting in the > way that they have designed and built systems which are intrinsically > insecure. > > Then it is been left to untrained, unskilled and unaware users to make the > changes which limit risks. Few of us, even the technically skilled among us, > bother to do this. And few of us do it all the time. > > </quote> > > > |
Re: Microsoft new policy, XP to ship with firewall switched on
"anon" wrote
> Who would want to use XP ICF anyway? It lacks many features a normal free > software firewall has. My mom... she doesn't need the advanced features, and just needs a simple Firewall, nothing too hard. |
Re: Microsoft new policy, XP to ship with firewall switched on
On Sun, 17 Aug 2003 10:11:33 +1200, "Howard Johnson" <hojos@xx.xx>
wrote: >http://news.bbc.co.uk/2/hi/technology/3153229.stm > ><quote> >The news that Microsoft is going to start shipping Windows XP with its >various security features enabled by default should be welcomed, even if it >is does not solve the bigger problem. > <snip /> </quote> This is silly. All the naive Windows XP users are now going to think that they are protected. What a shock for them when a) they receive a virus in email b) they can't f'rinstance run ftp or use kazaa or netmeeting, or MSN Messenger..... Of course, the first thing any future email virus is going to do is to switch off the ICF. Cheers, Cliff -- Signed and sealed with Great Seal of the Executive Council of the Internet, by The Master of The Net. |
Re: Microsoft new policy, XP to ship with firewall switched on
"Enkidu" <enkidu@cliffp.com> wrote in message news:38otjvk1kkqimjofhf7m0kah790g349hkk@4ax.com... > On Sun, 17 Aug 2003 10:11:33 +1200, "Howard Johnson" <hojos@xx.xx> > wrote: > > >http://news.bbc.co.uk/2/hi/technology/3153229.stm > > > ><quote> > >The news that Microsoft is going to start shipping Windows XP with its > >various security features enabled by default should be welcomed, even if it > >is does not solve the bigger problem. > > > <snip /> > </quote> > > This is silly. All the naive Windows XP users are now going to think > that they are protected. They already did. |
Re: Microsoft new policy, XP to ship with firewall switched on
"anon" <aannnnoooonn@invalid.adress> wrote in message news:3f3ebe2f@news.iconz.co.nz... > Who would want to use XP ICF anyway? It lacks many features a normal free > software firewall has. Between 300,000 and 1.5 million infected victims of the DCOM exploit. |
Re: Microsoft new policy, XP to ship with firewall switched on
> This is silly. All the naive Windows XP users are now going to think
> that they are protected. What a shock for them when a) they receive a > virus in email b) they can't f'rinstance run ftp or use kazaa or > netmeeting, or MSN Messenger..... Messenger should still work, as it uses upnp calls to get a port opened, so that it works behind ICS, from what someone at microsoft was telling me some time ago, upnp is the only way to get ports past the firewall, he lead me to believe that there was no way to open them manually. |
Re: Microsoft new policy, XP to ship with firewall switched on
On Sun, 17 Aug 2003 17:58:55 +1200, Richard Malcolm-Smith <rich@ihug.co.nz>
wrote: >> This is silly. All the naive Windows XP users are now going to think >> that they are protected. What a shock for them when a) they receive a >> virus in email b) they can't f'rinstance run ftp or use kazaa or >> netmeeting, or MSN Messenger..... > >Messenger should still work, as it uses upnp calls to get a port opened, so that >it works behind ICS, from what someone at microsoft was telling me some time >ago, upnp is the only way to get ports past the firewall, he lead me to believe >that there was no way to open them manually. Please tell my Why these people did not bother to get the XP Updates, as that is on by default..? |
Re: Microsoft new policy, XP to ship with firewall switched on
On Sun, 17 Aug 2003 17:58:55 +1200, Richard Malcolm-Smith
<rich@ihug.co.nz> wrote: >> This is silly. All the naive Windows XP users are now going to think >> that they are protected. What a shock for them when a) they receive a >> virus in email b) they can't f'rinstance run ftp or use kazaa or >> netmeeting, or MSN Messenger..... > >Messenger should still work, as it uses upnp calls to get a port opened, so that >it works behind ICS, from what someone at microsoft was telling me some time >ago, upnp is the only way to get ports past the firewall, he lead me to believe >that there was no way to open them manually. > Urgh! I disabled uPnP when the first exploit arrived and haven't restarted it since. I haven't checked whether there have been any exploits recently. You can get *any* port past the firewall. All you have to do is open it. What is a little more trouble is if the internal addresses are NATted to an external one. This is the URL for uPnP. http://www.upnp.org/ "The UPnP Forum is an industry initiative designed to enable simple and robust connectivity among stand-alone devices and PCs from many different vendors. As a group, we are leading the way to an interconnected lifestyle". I *think* what they are saying later in the page, is that if you are connected to the Internet and uPnP and the discovery service are activated, someone could, in theory, easily use your printer, your hard disk, your CD.... Cheers, Cliff -- Signed and sealed with Great Seal of the Executive Council of the Internet, by The Master of The Net. |
Re: Microsoft new policy, XP to ship with firewall switched on
On Sun, 17 Aug 2003 18:27:27 +1200, Robert Mathews
<r.math@nopost.com> wrote: >On Sun, 17 Aug 2003 17:58:55 +1200, Richard Malcolm-Smith <rich@ihug.co.nz> >wrote: > >>> This is silly. All the naive Windows XP users are now going to think >>> that they are protected. What a shock for them when a) they receive a >>> virus in email b) they can't f'rinstance run ftp or use kazaa or >>> netmeeting, or MSN Messenger..... >> >>Messenger should still work, as it uses upnp calls to get a port opened, so that >>it works behind ICS, from what someone at microsoft was telling me some time >>ago, upnp is the only way to get ports past the firewall, he lead me to believe >>that there was no way to open them manually. > >Please tell my Why these people did not bother to get the XP Updates, as that >is on by default..? > ....and many vendors switch it off. As I suspect they will do for the ICF. Cheers, Cliff -- Signed and sealed with Great Seal of the Executive Council of the Internet, by The Master of The Net. |
| All times are GMT. The time now is 04:23 PM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.