« previous next »
Pages: [1]   Go Down

Author Topic: Windows Firewall  (Read 4071 times)

0 Members and 1 Guest are viewing this topic.

psychojs

  • Guest
Windows Firewall
« on: September 03, 2005, 08:46:03 AM »
From ZDnet News today

A flaw in Windows Firewall may prevent users from seeing all the open network ports on a Windows XP or Windows Server 2003 computer.

The flaw manifests itself in the way the security application handles some entries in the Windows Registry, Microsoft said in a security advisory published Wednesday. The Windows Registry stores PC settings and is a core part of the operating system.

The bug could allow a firewall port to be open without the user being informed through the standard Windows Firewall user interface, according to the Microsoft advisory. The company has released a fix that can be downloaded from Microsoft's Web site and will be part of a future Windows service pack, the company said.

Microsoft said the firewall issue is not a security vulnerability but said the flaw could be used by an attacker who already compromised a system in an attempt to hide exceptions in the firewall.

For example, miscreants who have penetrated a computer could create and hide a firewall exception by inserting a malformed Windows Firewall exception entry in the Windows Registry. "An attacker who already compromised the system would create such malformed registry entries with the intent to confuse a user," Microsoft said.

Like other firewall software, Windows Firewall is meant to block incoming traffic to a computer. Users can allow incoming connections by creating exceptions. Windows Firewall displays these exceptions in the firewall UI, which can be reached by going to the Windows Control Panel and selecting Windows Firewall.

PC users can view all firewall exceptions--including those the unpatched Windows Firewall doesn't see--through other tools, Microsoft notes. Typing "netsh firewall show state verbose = ENABLE" at a command prompt will display all active exceptions, the company said in its advisory.
Logged

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48561
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Windows Firewall
« Reply #1 on: September 03, 2005, 09:09:32 AM »
Another reason not to use Windows firewall.
Since Windows firewall only protects you from incoming traffic, It shouldn't be used in the first place.
There are many other Firewall programs including FREE ones that do a complete job. IMHO ;D
Logged
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Abraxas

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 730
  • Perseverance Furthers...
    • PCLinuxOS-Forums
Re: Windows Firewall
« Reply #2 on: September 03, 2005, 11:40:57 AM »
From ZDnet News today
"Microsoft said the firewall issue is not a security vulnerability but said the flaw could be used by an attacker who already compromised a system in an attempt to hide exceptions in the firewall..."
Quote
bob3160:
...Since Windows firewall only protects you from incoming traffic, It shouldn't be used in the first place.

"For example, miscreants who have penetrated a computer could create and hide a firewall exception by inserting a malformed Windows Firewall exception entry in the Windows Registry. "An attacker who already compromised the system would create such malformed registry entries with the intent to confuse a user," Microsoft said.

It seems stupid going into details about the technicalities of an issue which isn't a  "Security issue", but a  Flaw, when MS Firewall leaves the Backdoor open for anyone to compromise your system.:P

"An attacker who already compromised the system would create such malformed registry entries with the intent to confuse a user," Microsoft said.
I bet Microsoft has "confused " quite a few users with their so called firewall. Why so ...  ???
Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: Windows Firewall
« Reply #3 on: September 03, 2005, 11:56:48 AM »
Hi Abraxas,

What I cannot seem to understand, why people have to spell out this vulnerability. There are always more than two red ears listening, and the owners thereof find other ways to insert code to wreck further harm. Much better would be to discuss ways to address these issues. A FW is as good as its configuration or as the person behind it. It is just as with viruses, you do not have to build viruses to be able to fight them.

greets,

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Abraxas

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 730
  • Perseverance Furthers...
    • PCLinuxOS-Forums
Re: Windows Firewall
« Reply #4 on: September 03, 2005, 12:22:06 PM »
polonus:
Quote
...Much better would be to discuss ways to address these issues...
Most definately my friend. :)
Ignorance leads to dangerous practices. That's why I ask why does MS have such lousy security advice, surely we all benefit from debating openly what is an issue , and how to protect  ourselves. Obviously we all need a functional Firewall .Then the issue is resolved, and no red ears burning ... ;D
I'm reminded of an issue I read where a guy in a small European country mentioned on his website that the government computers ran no Anti-Spyware programs. He was severely inconvenienced by the government as a result; whereas I feel he should've been rewarded, and the computer's security looked into .Such is life... :P
Logged
Pages: [1]   Go Up
« previous next »