Dear Tim,

I assume that you are very well informed guy, but let me say TWO VERY IMPORTANT THINGS that I haven't seen anywhere in your column:

1. Windows Firewall does NOT inspect OUTGOING traffic. It does tremendous job protecting machine from incoming threats, but does NOTHING in opposite direction. As far as I know, most of the personal firewall products let you control both directions. So, at the end, Windows Firewall is not really the firewall, it is a piece of software that blocks incoming traffic to your machine.
2. What Microsoft does not say is that this piece of software can be DISABLED without user intervention, and from the OTHER APPLICATION. So, right know, Zone Labs & Co. are fixing their products to be "XP" compatible", which means: Before installing Zone Labs firewall, first disable the Windows firewall, then install Zone Labs... Nicely done... Imagine a Trojan doing EXACTLY the SAME thing...

I can understand that you are very Microsoft oriented, because you earn money selling Microsoft solutions in one way or another, but please DO NOT promote that SP2 is a good step in security direction. I read somewhere that big players will talk BIG about security, and do ALMOST NOTHING to enforce it. Bill Gates is a big player...

m0rpheus



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/259/27975#27975