Re: Microsoft to ship new versions with firewall enabled

[Henry Linneweh <hrlinneweh () sbcglobal net>]

It comes standard with a firewall built in, which is not user friendly and you
have to still purchase a firewall that allows user access to control what
gets blocked and what does not, most intelligent people turn it off.
 
-Henry

Edward Lewis <edlewis () arin net> wrote:

> [Veering further off-topic]
>
> Hmm...I didn't even know XP had a built-in firewall. Any bets on how
> long it is before other companies with software firewall products bring
> suit against Microsoft for bundling a firewall in the OS?

Along the vein of "I dislike Microsoft, but let's get over it" - when 
some Linux started out with, what, ipchains/ip-something to protect 
it from network vulnerabilities, it took our little lab's folks some 
time to remember to punch holes in it for DNS, SSH, etc. each time we 
set a new one up. Ah, live and learn.

The legacy of shipping machines open to attack predates Microsoft, it 
isn't "their fault(tm)". This issue was raised in at least as far 
back as "The Cuckoo's Egg" (since I've met folks that don't remember 
it, by Clifford Stoll - very entertaining tale of an 
astronomer-turned-SA tracking a hacker). In the epilogue, he 
mentions the Morris worm, so we're talking about incidents in '87 or 
so. (The Morris thing was what, Nov 2, 1988? Give or take a week.) 
I highly recommend that book as part suspense novel and part security 
tutorial.

Every time a vendor/open-sourcer decides to stop shipping with 
security down, there's a learning curve forced on the buyers. But 
that's why we get paid to work in air conditioned offices in the 
summer. ;)

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-703-227-9854
ARIN Research Engineer

Sponge Bob Square Pants? I'm still trying to figure out the Macarena.