funsec mailing list archives

RE: Windows Vista Firewall: No Outbound Filtering By Default


From: warkda rrior <warkda () yahoo com>
Date: Wed, 26 Apr 2006 09:09:22 -0700 (PDT)

Michael P. Blanchard wrote:

Now if any product installed on vista would be able to
open up their own ports, with user's permission (and
perhaps user's password?), then Microsoft could
probably ship with all ports turned off in/out.


This would work quite nicely for (not against!) a
virus/bot/spyware, given that users tend to click
OK/Yes/Allow almost automatically.

"The application Mydoom.Internet_helper is trying to
open an Internet connection. Allow? Y|N"

Then the outgoing firewall is useless.

I wonder whether Microsoft could use signed binaries
to allow known third party applications to open ports
automatically. Something as follows: vendor X has a
new version of application Y. Vendor X provides Y to
Microsoft, together with a list of desired ports.
Microsoft signs app Y or attaches a certificate saying
this app can open certain ports. Vendor X distributes
certified app Y. Then Vista firewall could check the
app binary: if MS signature/certificate present and
valid, then ports are opened automatically. Otherwise
prompt the user.


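The certificate check proposed in the message above, as an added sketch that is not part of the original post or any Microsoft code. The PortCert format, the Sign and Decide names, Ed25519 as the signature scheme and JSON as the signed encoding are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// PortCert (hypothetical format) binds one exact binary to its approved ports.
type PortCert struct {
	App    string
	SHA256 [32]byte
	Ports  []int
}

// Sign is the certifying authority's step (Microsoft in the proposal).
func Sign(priv ed25519.PrivateKey, c PortCert) []byte {
	msg, _ := json.Marshal(c)
	return ed25519.Sign(priv, msg)
}

// Decide is the firewall's step: allow only when the signature verifies, the
// binary is the one that was certified, and the port is on the signed list.
func Decide(pub ed25519.PublicKey, c PortCert, sig, binary []byte, port int) string {
	msg, _ := json.Marshal(c)
	if !ed25519.Verify(pub, msg, sig) {
		return "prompt" // unsigned, forged or edited certificate
	}
	if sha256.Sum256(binary) != c.SHA256 {
		return "prompt" // certificate was issued for a different binary
	}
	for _, p := range c.Ports {
		if p == port {
			return "allow"
		}
	}
	return "prompt" // certified app, but not for this port
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed demo key pair
	appY := []byte("constructed bytes standing in for app Y")
	cert := PortCert{App: "Y", SHA256: sha256.Sum256(appY), Ports: []int{443, 5222}}
	sig := Sign(priv, cert)
	fmt.Println(Decide(pub, cert, sig, appY, 443))              // certified binary, listed port
	fmt.Println(Decide(pub, cert, sig, appY, 25))               // certified binary, unlisted port
	fmt.Println(Decide(pub, cert, sig, []byte("patched"), 443)) // modified binary
}
```

Because the signature covers the binary hash and the port list together, a modified binary or a widened port list falls back to the user prompt instead of being opened automatically.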

