E-mail attachment virii clean-up

"Alias" wrote in message =
...
=20
"John R. Copeland" wrote
"Mark Lloyd" wrote

Notice that the XP firewall is incoming-only, and provides much less
protection than a good firewall.

Mark Lloyd

No, Mark. You're describing the old Internet Connection Firewall.
The Windows Firewall in XP intercepts both incoming and outgoing =
traffic.
---JRC---
=20
No it doesn't and it doesn't to avoid law suits like what happened =
with=20
Internet Explorer. Please do your research before you post false=20
information.
=20
Thanks
=20
Alias
=20

Alias:
Perhaps there's a fine distinction about intercepting which I missed.
But the Windows Firewall offers a level of protection many people
complained was absent in the Internet Connection Firewall.
The ICF was vulnerable to a Trojan Horse, which could establish
internet connections without drawing much attention to itself.

Just for you, I set up a small test to get something from the internet,
but purposely did not create the appropriate exception in the firewall.
When I ran my little test, which I called Alias,
here's a verbatim transcript of the resulting dialog box:

{
Windows Security Alert
To help protect your computer, Windows Firewall has blocked
some features of this program.
Do you want to keep blocking this program?
Name: Alias
Publisher: Unknown
- Keep blocking
- Unblock
- Ask Me Later
Windows Firewall has blocked this program from accepting connections
from the Internet or a network. If you recognize the program or trust =
the
publisher, you can unblock it.
}

You may rightly point out that the firewall claims to have blocked
the program from *accepting* connections, but it was my little Trojan
which ended up being blocked.
I think that's good, and the old firewall didn't do that.

Now, since I'm not about to write a mass-mailing worm,
I'll leave that up to somebody else to test against the firewall.
---JRC---

Alias wrote:
Notice that the XP firewall is incoming-only, and provides much less
protection than a good firewall.

No, Mark. You're describing the old Internet Connection Firewall.
The Windows Firewall in XP intercepts both incoming and outgoing traffic.

No it doesn't and it doesn't to avoid law suits like what happened with
Internet Explorer. Please do your research before you post false
information.

The XP firewall inspects both ways.

heheheh remain alias cause your making yourself look stupid. SP1 and
SP2 firewalls are dramatically different. Although I still would
rather have sygate or whatever instead.


"Alias" wrote in message
...

"John R. Copeland" wrote
"Mark Lloyd" wrote

Notice that the XP firewall is incoming-only, and provides much
less
protection than a good firewall.

Mark Lloyd

No, Mark. You're describing the old Internet Connection Firewall.
The Windows Firewall in XP intercepts both incoming and outgoing
traffic.
---JRC---

No it doesn't and it doesn't to avoid law suits like what happened
with
Internet Explorer. Please do your research before you post false
information.

Thanks

Alias

"Z" wrote in message ...
: Alias wrote:
: Notice that the XP firewall is incoming-only, and provides much less
: protection than a good firewall.
:
: No, Mark. You're describing the old Internet Connection Firewall.
: The Windows Firewall in XP intercepts both incoming and outgoing
traffic.
:
: No it doesn't and it doesn't to avoid law suits like what happened with
: Internet Explorer. Please do your research before you post false
: information.
:
: The XP firewall inspects both ways.

If you say so ... but, you're wrong. Search xp.general with Google and you
will find posts like these:


Hi

The XP SP2 doesn't monitor outgoing access to the internet. You will need
to install a 3rd party '2-way' Firewall such ZoneAlarm.

--

Will Denny
MVP - Windows Shell/User
Please reply to the News Groups
Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility, usability
and configurability, is still rather lacking, as a solid security
component. It still can't supplant 3rd-party solutions, nor is it
intended to do so; rather, it's intended to complement them. And, like
the original ICF, it will not monitor out-going traffic.

It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

SP2's Windows Firewall is intended to complement
3rd-party firewalls, so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."


Bruce Chambers The inbuilt one does a perfectly good job of blocking probes
from the
outside. But it is not easy to configure where there may be exceptions
you need to make, and especially if these are relevant to just one
program. Nor does it do anything at all about nasties that get on your
machine trying to 'phone home'. So a separate product is better - and
generally the free version of Zone Alarm from www.zonelabs.com is quite
adequate


--
Alex Nichol MS MVP (Windows Technologies)
Bournemouth, U.K. The XP firewall compares quite well with
Zone Alarm and the others
insofar as blocking incoming traffic is concerned.

As others have explained, it has no ability to block outgoing traffic,
such as that generated by spyware and/or trojans, and so if that is
also a concern of yours then you would be better served by another
product.

Good luck


Ron Martell Duncan B.C. Canada
--
Microsoft MVPSoooo, you were saying?Alias

"JAD" wrote

: heheheh remain alias cause your making yourself look stupid. SP1 and
: SP2 firewalls are dramatically different. Although I still would
: rather have sygate or whatever instead.

You're the ones making yourselves look stupid. From a cursory search of
news:microsoft.public.windowsxp.general:

Hi

The XP SP2 doesn't monitor outgoing access to the internet. You will need
to install a 3rd party '2-way' Firewall such ZoneAlarm.

--

Will Denny
MVP - Windows Shell/User
Please reply to the News Groups

Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility, usability
and configurability, is still rather lacking, as a solid security
component. It still can't supplant 3rd-party solutions, nor is it
intended to do so; rather, it's intended to complement them. And, like
the original ICF, it will not monitor out-going traffic.

It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

SP2's Windows Firewall is intended to complement
3rd-party firewalls, so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."


Bruce Chambers The inbuilt one does a perfectly good job of blocking probes
from the
outside. But it is not easy to configure where there may be exceptions
you need to make, and especially if these are relevant to just one
program. Nor does it do anything at all about nasties that get on your
machine trying to 'phone home'. So a separate product is better - and
generally the free version of Zone Alarm from www.zonelabs.com is quite
adequate


--
Alex Nichol MS MVP (Windows Technologies)
Bournemouth, U.K. The XP firewall compares quite well with
Zone Alarm and the others
insofar as blocking incoming traffic is concerned.

As others have explained, it has no ability to block outgoing traffic,
such as that generated by spyware and/or trojans, and so if that is
also a concern of yours then you would be better served by another
product.

Good luck


Ron Martell Duncan B.C. Canada
--
Microsoft MVP Soooo, you were saying?Alias

:
:
: "Alias" wrote in message
: ...
:
: "John R. Copeland" wrote
: "Mark Lloyd" wrote
:
: Notice that the XP firewall is incoming-only, and provides much
: less
: protection than a good firewall.
:
: Mark Lloyd
:
: No, Mark. You're describing the old Internet Connection Firewall.
: The Windows Firewall in XP intercepts both incoming and outgoing
: traffic.
: ---JRC---
:
: No it doesn't and it doesn't to avoid law suits like what happened
: with
: Internet Explorer. Please do your research before you post false
: information.
:
: Thanks
:
: Alias
:
:
:
:

anybody with the moniker 'MVP' I take what they say with a HUGE
granule of salt.
These guys argue amongst themselves about every thing, taking the
opposing side to create discussion.
When has Microsoft ever made anything with the intent on it being
complimentary to 3rd party anything??

And, like
the original ICF, it will not monitor out-going traffic.

definition of 'monitor' I guess, is in question. Will it block
EVERYTHING outgoing? So we get to the specific scenarios which
supports either side. No thanks.

XP firewall is positioning itself for the future. Cause what it
doesn't block will be deemed permissible. For those that know me, know
where I'm going with this. Obvious as the nose on your face.




"Alias" wrote in message
...

"Z" wrote in message
...
: Alias wrote:
: Notice that the XP firewall is incoming-only, and provides much
less
: protection than a good firewall.
:
: No, Mark. You're describing the old Internet Connection
Firewall.
: The Windows Firewall in XP intercepts both incoming and outgoing
traffic.
:
: No it doesn't and it doesn't to avoid law suits like what
happened with
: Internet Explorer. Please do your research before you post false
: information.
:
: The XP firewall inspects both ways.

If you say so ... but, you're wrong. Search xp.general with Google
and you
will find posts like these:


Hi

The XP SP2 doesn't monitor outgoing access to the internet. You
will need
to install a 3rd party '2-way' Firewall such ZoneAlarm.

--

Will Denny
MVP - Windows Shell/User
Please reply to the News Groups
Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility,
usability
and configurability, is still rather lacking, as a solid security
component. It still can't supplant 3rd-party solutions, nor is it
intended to do so; rather, it's intended to complement them. And,
like
the original ICF, it will not monitor out-going traffic.

It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes
that
any application you have on your hard drive is there because you
want
it there, and therefore has your "permission" to access the
Internet.
Further, because the ICF is a "stateful" firewall, it will also
assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there
are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

SP2's Windows Firewall is intended to complement
3rd-party firewalls, so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."


Bruce Chambers The inbuilt one does a perfectly good job of blocking
probes
from the
outside. But it is not easy to configure where there may be
exceptions
you need to make, and especially if these are relevant to just one
program. Nor does it do anything at all about nasties that get on
your
machine trying to 'phone home'. So a separate product is better -
and
generally the free version of Zone Alarm from www.zonelabs.com is
quite
adequate


--
Alex Nichol MS MVP (Windows Technologies)
Bournemouth, U.K. The XP firewall compares quite
well with
Zone Alarm and the others
insofar as blocking incoming traffic is concerned.

As others have explained, it has no ability to block outgoing
traffic,
such as that generated by spyware and/or trojans, and so if that is
also a concern of yours then you would be better served by another
product.

Good luck


Ron Martell Duncan B.C. Canada
--
Microsoft MVPSoooo, you were saying?Alias

Alias wrote:
: The XP firewall inspects both ways.

If you say so ... but, you're wrong. Search xp.general with Google and you
will find posts like these:
The XP SP2 doesn't monitor outgoing access to the internet. You will need
to install a 3rd party '2-way' Firewall such ZoneAlarm.

Google for "flat earth" next.

Wow, I guess that proves the planet is really flat.


The current XP SP2 firewall most DEFINITELY inspects both ways. I'm
using it now. If I deny my term emulator s/w access, it won't get an
outside connection.

"Z" wrote in message ...
: Alias wrote:
: : The XP firewall inspects both ways.
:
: If you say so ... but, you're wrong. Search xp.general with Google and
you
: will find posts like these:
: The XP SP2 doesn't monitor outgoing access to the internet. You will
need
: to install a 3rd party '2-way' Firewall such ZoneAlarm.
:
: Google for "flat earth" next.

I googled
microsoft.public.windowsxp.general


:
: Wow, I guess that proves the planet is really flat.

Stupid analogy.
:
:
: The current XP SP2 firewall most DEFINITELY inspects both ways. I'm
: using it now. If I deny my term emulator s/w access, it won't get an
: outside connection.

Um, you're wrong, sorry. I have crossposted this message to the appropriate
newsgroup so that the XPers over there can help me straighten you guys out.

Alias

lol the XPer's. Here we go with the specifics............

"Alias" wrote in message
...

"Z" wrote in message
...
: Alias wrote:
: : The XP firewall inspects both ways.
:
: If you say so ... but, you're wrong. Search xp.general with
Google and
you
: will find posts like these:
: The XP SP2 doesn't monitor outgoing access to the internet. You
will
need
: to install a 3rd party '2-way' Firewall such ZoneAlarm.
:
: Google for "flat earth" next.

I googled
microsoft.public.windowsxp.general


:
: Wow, I guess that proves the planet is really flat.

Stupid analogy.
:
:
: The current XP SP2 firewall most DEFINITELY inspects both ways.
I'm
: using it now. If I deny my term emulator s/w access, it won't get
an
: outside connection.

Um, you're wrong, sorry. I have crossposted this message to the
appropriate
newsgroup so that the XPers over there can help me straighten you
guys out.

Alias

On Wed, 17 Nov 2004 15:19:55 GMT, "John R. Copeland"
wrote:

"Mark Lloyd" wrote in message ...

Notice that the XP firewall is incoming-only, and provides much less
protection than a good firewall.

Mark Lloyd

No, Mark. You're describing the old Internet Connection Firewall.
The Windows Firewall in XP intercepts both incoming and outgoing traffic.
---JRC---

I checked a system with SP2 applied a couple of weeks before.

Would you have a specific procedure for demonstrating the presence of
an outgoing firewall? If possible, I'd probably test that.

--
38 days until the winter solstice celebration

Mark Lloyd
http://notstupid.laughingsquid.com