Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Windows Firewalls Lacking
Mark Burnett, 2005-03-15

For something as simple as a firewall for Windows servers, a good solution just doesn't exist.

Comments Mode:
Windows Firewalls Lacking 2005-03-15
badri (4 replies)
Windows Firewalls Lacking 2005-03-15
Dave H.
Windows Firewalls Lacking 2005-03-15
Mark Burnett
Windows Firewalls Lacking 2005-03-16
Anonymous
Windows Firewalls Lacking 2005-03-17
Anonymous
Outbound filtering is weak anwyay... 2005-03-15
Nicholas Weaver (1 replies)
Outbound filtering is weak anwyay... 2005-03-16
Anonymous (1 replies)
Outbound filtering is weak anwyay... 2005-03-17
Nicholas Weaver (1 replies)
Outbound filtering is weak anwyay... 2005-03-17
Anonymous
Windows Firewalls Lacking 2005-03-15
Anonymous (1 replies)
Windows Firewalls Lacking 2005-03-16
Anonymous (another reader)
Windows Firewalls Lacking 2005-03-15
Anonymous (1 replies)
Windows Firewalls Lacking 2005-03-17
abs
Windows Firewalls Lacking 2005-03-16
Anonymous
Checkpoint FW-1 2005-03-16
Anonymous (2 replies)
Checkpoint FW-1 2005-03-16
Anonymous (2 replies)
Checkpoint FW-1 2005-03-19
Anonymous
Checkpoint FW-1 2005-03-22
Anonymous
Checkpoint FW-1 2005-03-20
haha
Windows Firewalls Lacking 2005-03-16
H Carvey <keydet89@yahoo.com> (2 replies)
Windows Firewalls Lacking 2005-03-17
M. Burnett
Windows Firewalls Lacking 2005-03-17
Anonymous
Windows Firewalls Lacking 2005-03-16
Anonymous (1 replies)
Windows Firewalls Lacking 2005-03-16
Anonymous
Windows Firewalls Lacking 2005-03-16
Anonymous
There are great one out there 2005-03-16
Anonymous
Windows Firewalls Lacking 2005-03-16
Pablo Gietz
Windows Firewalls Lacking 2005-03-16
Anonymous (1 replies)
Windows Firewalls Lacking 2005-03-17
Mark Burnett
I believe that WIPFW uses the IP Filter-Hook driver method. This is basically a Kernel Mode driver that registers a callback function with the IP Filter Driver. Most products don't use this method because only one app can register to be the callback function. If another app registers, this no longer works.

Using this method you can filter IP traffic and above but you don't have access to any lower-level headers.

It's really not the best method for developing firewalls, but I have to admit the tool is still very cool and it does have some promise. Ultimately, the problem is with the way Windows limits the how you can build stable, full-featured, and high-performance firewalls.

This column is a somewhat simplified view of the problem. There are many other details and idiosyncrasies that I just couldn't cover.

Mark

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/307/30960#30960
BlackICE, er ISS RSDP works 2005-03-16
Anonymous
Windows Firewalls Lacking 2005-03-16
Adrian
Windows Firewalls Lacking 2005-03-17
Anonymous
Sygate or Outpost 2005-03-17
Anonymous (2 replies)
Sygate or Outpost 2005-03-20
Vuln
Re: Sygate or Outpost 2005-03-22
Anonymous
Windows Firewalls Lacking 2005-03-17
Anonymous (1 replies)
Windows Firewalls Lacking 2005-03-18
Anonymous
Windows Firewalls Lacking 2005-03-17
Rob
What is IPSec doing in that list? 2005-03-18
Anonymous (2 replies)
What is IPSec doing in that list? 2005-03-18
Steve (1 replies)
What is IPSec doing in that list? 2005-03-22
Anonymous
What is IPSec doing in that list? 2005-03-21
Anonymous
new firewall in SP1 2005-03-18
Anonymous former MS contractor-scum
Windows Firewalls Lacking 2005-03-19
Anonymous
Windows Firewalls Lacking 2005-03-21
chris
Microsoft Internet Security & Acceleration Server 2004 you twit! 2005-03-21
Anonymous
Windows Firewalls Lacking 2005-03-21
Anonymous
Windows Firewalls Lacking 2005-03-22
Anonymous
Windows Firewalls Lacking 2005-03-23
BobDaUnixMan
Windows Firewalls Lacking -Sygate {( )} 2005-03-23
Anonymous
Windows Firewalls Lacking 2005-03-23
Stefan
Windows Firewalls Lacking - Free Windows Server Firewall 2005-09-12
Claudio Szykman







 

Privacy Statement
Copyright 2009, SecurityFocus