[Microsoft to ship new versions with firewall enabled]

Thu Aug 14 15:23:44 UTC 2003

At 10:46 AM 8/14/2003, Joshua Sahala wrote:

>Sean Donelan <sean at donelan.com> wrote:
> >
> > John Markoff reports in the New York Times that Microsoft plans to change
> > how it ships Windows XP due to the worm.  In the future Microsoft will
> > ship both business and consumer verisons of Windows XP with the included
> > firewall enabled by default.
> >
>
>while i think many of us will welcome this, i am skeptical of what
>the firewall will be 'enabled' to block, and how easy it will be
>for the user to set-up rules (and hopefully there will be a sanity
>check included so that 'permit in any' is not a valid option, but
>then 'permit out any' should not be one either)
>but still, it is a step...

The firewall in XP appears to perform stateful inspection. I have run scans 
against my own XP machines using NMAP and other tools. The machine appears 
completely non-responsive to such scans (i.e. no response on any ports).

I use this feature most especially when using public wifi hot spots, and 
encourage my clients to do the same (or use some other firewall software) 
when at such locales.

What Microsoft implemented does seem quite sufficient for many users. The 
down-side to this and all other firewalls running in software on end hosts 
is the possibility of an application finding another path in (e.g. email 
attached virus) and disabling the firewall.

I am no Microsoft apologist and am a proponent of open source, but have to 
admit they did a good job on this feature. It's good that Microsoft has 
finally realized the value in defaulting this capability to ON. 