Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall

[<mrinfosec () hushmail com>]

This was an interesting message, until the beginning of the third paragraph.

Why are so many people on this mailing list so eager to deliver yet another
"Microsoft is evil incarnate" rant?  The basic gist of this note, as
far as I can tell, is that the firewall is no good because you need to
open some ports to enable management, and that the buffer overflow work
shows some merit but that sucks too because they didn't simultaneously
do that for W2K as well.

I think it's important to understand that this is the first time in history
that Microsoft has decided to compromise convenience for security.  
As security professionals, we need to applaud this work, not condemn
it.  Certainly I agree there is much more work to be done, but it's counterproductive
to dismiss the benefits of having a firewall on every Windows machine
out on the internet, or doing everything possible to eliminate buffer
overflows, or to provide more communication about security to users who
are willing to read and learn.  Any project on the scale of securing
Windows is going to take baby steps, people.

It sounds like "americanidiot" is unhappy with the general state of security
around Windows.  That's a reasonable stance -- but in that case, don't
use it!  There are lots of free options for other, more secure operating
systems, and even more commercial options.  At the moment, however, Windows
is the OS of the masses, and anything that Microsoft can to do protect
the rest of us from the uneducated hordes of unprotected potential zombie
hosts is progress, in my book.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html