Full Disclosure mailing list archives
Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall
From: <mrinfosec () hushmail com>
Date: Fri, 15 Oct 2004 11:50:58 -0700
This was an interesting message, until the beginning of the third paragraph. Why are so many people on this mailing list so eager to deliver yet another "Microsoft is evil incarnate" rant? The basic gist of this note, as far as I can tell, is that the firewall is no good because you need to open some ports to enable management, and that the buffer overflow work shows some merit but that sucks too because they didn't simultaneously do that for W2K as well. I think it's important to understand that this is the first time in history that Microsoft has decided to compromise convenience for security. As security professionals, we need to applaud this work, not condemn it. Certainly I agree there is much more work to be done, but it's counterproductive to dismiss the benefits of having a firewall on every Windows machine out on the internet, or doing everything possible to eliminate buffer overflows, or to provide more communication about security to users who are willing to read and learn. Any project on the scale of securing Windows is going to take baby steps, people. It sounds like "americanidiot" is unhappy with the general state of security around Windows. That's a reasonable stance -- but in that case, don't use it! There are lots of free options for other, more secure operating systems, and even more commercial options. At the moment, however, Windows is the OS of the masses, and anything that Microsoft can to do protect the rest of us from the uneducated hordes of unprotected potential zombie hosts is progress, in my book. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Writing Trojans that bypass Windows XP Service Pack 2 Firewall americanidiot (Oct 12)
- Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Georgi Guninski (Oct 12)
- Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Martin Mkrtchian (Oct 15)
- <Possible follow-ups>
- Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall mrinfosec (Oct 15)
- Re: Writing Trojans that bypass Windows XP Service Pack 2 Firewall Georgi Guninski (Oct 12)