Page 1 of 3 123 LastLast
Results 1 to 20 of 51

Thread: Microsoft Firewall vs ????

  1. #1
    quodnomentibi@remailed.ws
    Guest

    Microsoft Firewall vs ????

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    I just got a new laptop a few days ago, running Vista Home Premium. I am
    in the midst of "customizing" it. Presently, I am running the Microsoft
    Firewall. Is this an act of blind faith on my part. In the last few
    months of life of my last laptop, I ran Comodo Pro and was satisfied.

    I'd prefer to run a free firewall, if that is prudent.

    Any suggestions?

    Thanks for your time and attention.

    Q.N. Tibi

    -----BEGIN PGP SIGNATURE-----
    Version: PGP Desktop 9.8.2 (Build 3005)
    Comment: Protect Your Privacy With Encryption! www.pgp.com
    Charset: utf-8

    wsFVAwUBR+huJnAfpDHwMsutAQh1Ig//cx0fN32FtYk4yww/2Jky9xd/dOL38F0r
    eOzNSBBqoh3g1Hu+60R0lWnNakNISGqiTGirp/nUeUaPzXCXq6qKF5oXGbc6E05Y
    UHssKXRIMkDoff7CjY1B3d52g9qIj+/xePosr9OiL4+WMF7XDvRgNttFe/+bV3ef
    ETOwPifNE+kt2Zp1aPDcBd1Jj3zn1f637qXPlDfiWsVqzSKC0+OFbjUlZsOxIZ6F
    JHsCtU3FdYqtKig+skbpYCSv/o+HUBqBLNvHhBZbm0rRA2LfIMEVVGZEexfqpMiu
    iDidgCDZBrdJU3hQ2i77zolNSRwP8IleaO0yjMqJDenE2YFmcgacvi7QfpKlfVcn
    2+4eKg8q4XRHaJF1pBeSzNLLrka5zSlImK8cwIm15WwtEbcH8Apb0GxZCnVrOnI9
    0GFlkXPBs4PjZd3DlLMPH0vRehtA3ctSYluiAZ/ur5hznw9sjin0iq6AB5oxFIMB
    rSBjdQtWs059Wg4L2DfTLbk5d2tBvVSSv4vt1plZGs1LsfBPybxWiQ3YaYZR+ZtN
    r4dRa4bq2b5WbXB+f6DbAvmpVtKKShW23pMtNYInOVsfgxx+n/o5O0jW7meOgUIG
    I6Evbsj89LqWyfrwIf/T6CBch2m16CEoFbQM9YTzygRfHA3tZYF44iEimQi2MZb2
    EFBQXjwBaIY=
    =4Ygx
    -----END PGP SIGNATURE-----


  2. #2
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    quodnomentibi@remailed.ws wrote:


    > I just got a new laptop a few days ago, running Vista Home Premium. I am
    > in the midst of "customizing" it. Presently, I am running the Microsoft
    > Firewall. Is this an act of blind faith on my part.



    Yes. Windows Vista is trivially insecure.

    > In the last few
    > months of life of my last laptop, I ran Comodo Pro and was satisfied.



    The only question is if this wasn't even worse.


    > I'd prefer to run a free firewall, if that is prudent.
    >
    > Any suggestions?



    Wipfw. But first you need to get rid of Vista.

  3. #3
    Kayman
    Guest

    Re: Microsoft Firewall vs ????

    On Mon, 24 Mar 2008 23:35:12 -0600 (MDT), quodnomentibi@remailed.ws wrote:
    >
    > I just got a new laptop a few days ago, running Vista Home Premium. I am
    > in the midst of "customizing" it. Presently, I am running the Microsoft
    > Firewall. Is this an act of blind faith on my part. In the last few
    > months of life of my last laptop, I ran Comodo Pro and was satisfied.
    >
    > I'd prefer to run a free firewall, if that is prudent.
    >
    > Any suggestions?
    >

    The best defenses are:
    1. Do not work in elevated level; Day-to-day work should be
    performed while the User Account Control (UAC) is enabled. Turning
    off UAC reduces the security of your computer and may expose you to
    increased risk from malicious software.
    2. Familiarize yourself with "Services Hardening in Windows Vista".
    3. Keep your operating (OS) system (and all software on it)
    updated/patched.
    4. Reconsider the usage of IE.
    5. Review your installed 3rd party software applications/utilities;
    Remove clutter.
    6. Don't expose services to public networks.
    7. Activate the build-in firewall and tack together its advanced
    configuration settings.
    7a.If on high-speed internet use a router as well.
    8. Routinely practice safe-hex.
    9. Regularly back-up data/files.
    10.Familiarize yourself with crash recovery tools and with
    re-installing your operating system (OS).
    11.Utilize a real-time anti-virus application and vital system
    monitoring utilities/applications.
    12.Keep abreast of the latest developments - ***** happens...you know.

    The least preferred defenses are:
    Myriads of popular anti-whatever applications and staying ignorant.

    Peez of pith, really :-)

  4. #4
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Kayman wrote:


    > The best defenses are:
    > 1. Do not work in elevated level;



    Doesn't matter; in Windows Vista it's trivial to elevate with any consent.

    > Day-to-day work should be
    > performed while the User Account Control (UAC) is enabled.



    UAC is trivial to spoof, and since it doesn't apply to all administrative
    actions it's trivially insecure. Even further, since there's no need to
    approve administrative actions if an elevated program is running in the
    desktop context of an unprivileged, it's even more insecure.


    > 4. Reconsider the usage of IE.



    There is nothing to reconsider. IE is a perfectly fine ActiveX Rich Platform
    Client, a wonderful platform to implement complex software clients in a
    trusted environment.
    The only problem is that some people seem to understand it a webbrowser, and
    consequently abuse it as such. Obviously a stupid idea.

    > 7a.If on high-speed internet use a router as well.



    Huh? Why?

    > 9. Regularly back-up data/files.



    And why isn't this #1?

    > 11.Utilize a real-time anti-virus application



    Wonderful idea. Introduce a horribly buggy and pretty useless piece of
    software....

  5. #5
    Victek
    Guest

    Re: Microsoft Firewall vs ????

    > I just got a new laptop a few days ago, running Vista Home Premium. I am
    > in the midst of "customizing" it. Presently, I am running the Microsoft
    > Firewall. Is this an act of blind faith on my part. In the last few
    > months of life of my last laptop, I ran Comodo Pro and was satisfied.
    >
    > I'd prefer to run a free firewall, if that is prudent.
    >
    > Any suggestions?
    >
    > Thanks for your time and attention.
    >
    > Q.N. Tibi


    I'm running Comodo firewall pro v3 on Vista and it's been fine. I also like
    Online Armor and there will be a Vista compatible version in the near
    future.


  6. #6
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Victek wrote:


    > I'm running Comodo firewall pro v3 on Vista and it's been fine.



    Which only shows that you never bothered auditing it.

    > I also like Online Armor


    Which supports my claim, since this one is even worse.

    OK, one shouldn't expect much if any understanding of security from a
    Windows Live Mail user... but please, if you have no clue, then please don't
    make suggestions to others.

  7. #7
    s|b
    Guest

    Re: Microsoft Firewall vs ????

    On Tue, 25 Mar 2008 21:05:56 +0100, Sebastian G. wrote:

    > OK, one shouldn't expect much if any understanding of security from a
    > Windows Live Mail user... but please, if you have no clue, then please don't
    > make suggestions to others.


    It's a good thing you are here to show us The Way, oh Wise One... |-)

    --
    s|b

  8. #8
    goarilla
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:
    > quodnomentibi@remailed.ws wrote:
    >
    >
    >> I just got a new laptop a few days ago, running Vista Home Premium. I am
    >> in the midst of "customizing" it. Presently, I am running the Microsoft
    >> Firewall. Is this an act of blind faith on my part.

    >
    >
    > Yes. Windows Vista is trivially insecure.
    >

    do you have some evidence stating that fact?
    are you talking about microsoft os'es in general?
    since i really need some evidence to put on the table
    so my boss stops looking into vista as a worthy domain
    OS
    >> In the last few
    >> months of life of my last laptop, I ran Comodo Pro and was satisfied.

    >
    >
    > The only question is if this wasn't even worse.
    >
    >
    >> I'd prefer to run a free firewall, if that is prudent.
    >>
    >> Any suggestions?

    >
    >
    > Wipfw. But first you need to get rid of Vista.


  9. #9
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    goarilla <"kevin<punt>paulus|"@|skynet punt> wrote:


    >> Yes. Windows Vista is trivially insecure.
    >>

    > do you have some evidence stating that fact?



    - you can spoof filename via desktop.ini, which itself can be triggered by
    shell namespaces
    - UAC doesn't apply to all administrative actions and is trivial to spoof;
    if you run as admin, it is trivial to circumvent; it provides no isolation;
    if a file includes a prudent application manifest or triggers the setup
    program detection, it won't even let you run a program without elevation
    - PatchGuard makes it trivial to corrupt kernel memory just by debugging an
    application in usermode
    - not even talking about what system access you get granted for simply
    presenting a DRMed media file...

    > are you talking about microsoft os'es in general?



    No. NT 5.1 and 5.2 look pretty secure.

    > since i really need some evidence to put on the table
    > so my boss stops looking into vista as a worthy domain
    > OS



    Oh, that's simple: Install it on his computer so he can try it for a while.
    Very likely that after two weeks he'll be fed up with it.

  10. #10
    Q
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Wipfw. But first you need to get rid of Vista.


    Please qualify your comment about issues with Vista security. As you
    always do, you talk out of your arse.

  11. #11
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Q wrote:

    > Sebastian G. wrote:
    >
    >> Wipfw. But first you need to get rid of Vista.

    >
    > Please qualify your comment about issues with Vista security. As you
    > always do, you talk out of your arse.



    <news:64vk7lF25nl57U1@mid.dfncis.de>

  12. #12
    Q
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > <news:64vk7lF25nl57U1@mid.dfncis.de>


    Is that your email address and news should be mail?

    Why can't you post proof of concept links here? Sorry for the talking
    out of your arse comment. It was uncalled for. Would just like to see
    some proof of what you say though.

  13. #13
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Q wrote:

    > Sebastian G. wrote:
    >
    >> <news:64vk7lF25nl57U1@mid.dfncis.de>

    >
    > Is that your email address and news should be mail?



    No, it's a reference to one of my postings in this thread. Is your
    newsreader that defective?

    > Why can't you post proof of concept links here?



    Actually you can easily derive a PoC just from the description. For example
    the filename localization issue is well known, and you can take already
    existing desktop.ini files utilizing this feature directly from the Vista
    installation. Or, for example, a privilege that doesn't UAC consent is
    SE_BACKUP_RESTORE_PRIVILEGE, which allows you to bypass all ACLs and grants
    access to the raw disk.
    On the other hand, you'll find in-detail information about the
    implementation of PatchGuard at <http://uninformed.org/>. With a bit
    detailed understanding, you'll see that debugging heavily interacts with
    PatchGuard in almost unforseen ways (since it is, by itselt, nothing but a
    dirty kernel hack).

  14. #14
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:
    >
    > No, it's a reference to one of my postings in this thread. Is your
    > newsreader that defective?


    There is no proof in any of your postings to this thread.

  15. #15
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Actually you can easily derive a PoC just from the description. For
    > example the filename localization issue is well known, and you can take
    > already existing desktop.ini files utilizing this feature directly from
    > the Vista installation. Or, for example, a privilege that doesn't UAC
    > consent is SE_BACKUP_RESTORE_PRIVILEGE, which allows you to bypass all
    > ACLs and grants access to the raw disk.
    > On the other hand, you'll find in-detail information about the
    > implementation of PatchGuard at <http://uninformed.org/>. With a bit
    > detailed understanding, you'll see that debugging heavily interacts with
    > PatchGuard in almost unforseen ways (since it is, by itselt, nothing but
    > a dirty kernel hack).


    Every OS has exploits and is continually being patched. Linux has plenty
    of it's own, you just don't hear about them as much or they get patched
    quietly in the background. So your whole point is what exactly?

  16. #16
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >
    >> Actually you can easily derive a PoC just from the description. For
    >> example the filename localization issue is well known, and you can take
    >> already existing desktop.ini files utilizing this feature directly from
    >> the Vista installation. Or, for example, a privilege that doesn't UAC
    >> consent is SE_BACKUP_RESTORE_PRIVILEGE, which allows you to bypass all
    >> ACLs and grants access to the raw disk.
    >> On the other hand, you'll find in-detail information about the
    >> implementation of PatchGuard at <http://uninformed.org/>. With a bit
    >> detailed understanding, you'll see that debugging heavily interacts with
    >> PatchGuard in almost unforseen ways (since it is, by itselt, nothing but
    >> a dirty kernel hack).

    >
    > Every OS has exploits and is continually being patched. Linux has plenty
    > of it's own, you just don't hear about them as much or they get patched
    > quietly in the background. So your whole point is what exactly?



    Seems like you don't even understand the difference between random and
    systematic errors...

  17. #17
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >> No, it's a reference to one of my postings in this thread. Is your
    >> newsreader that defective?

    >
    > There is no proof in any of your postings to this thread.



    I never presented it as a proof, neither has been ask for some.

  18. #18
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    >
    > I never presented it as a proof, neither has been ask for some.


    I have and still see no positive proof from you.

  19. #19
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Seems like you don't even understand the difference between random and
    > systematic errors...


    Seems like you are nothing but a wind bag full of hot air. All talk and
    no action.

  20. #20
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Which supports my claim, since this one is even worse.
    >
    > OK, one shouldn't expect much if any understanding of security from a
    > Windows Live Mail user... but please, if you have no clue, then please
    > don't make suggestions to others.


    I saw you once post proof of concept code to prove that any software
    firewall can be bypassed. Would you please post that again as I want to
    read it again, thanks.

Similar Threads

  1. Microsoft Windows Malicious Software Removal Tool!
    By fords8 in forum Software Forum
    Replies: 8
    Last Post: 04-06-15, 09:08 AM
  2. winantivirus again
    By robertdempster in forum Software Forum
    Replies: 12
    Last Post: 02-20-07, 08:57 AM
  3. Replies: 27
    Last Post: 09-29-06, 03:39 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •