Firewall - Vista vs WinXP2

What was the *technical* justification for adding outbound traffic
monitoring in Vista FW ?

Was it customer pressure :) ?

If MS is considering that monitoring outbound traffic is such a *pressing
security issue*, why aren't they provide an appropriate fix for the WinXP2
firewall via 'Patch Tuesday'?

Or, could we expect a *security enhancement* :) of the WinXP firewall when
WinXP3 is released in the first half of 2008?

Any thoughts?

Re: Firewall - Vista vs WinXP2

Kayman wrote:
> What was the *technical* justification for adding outbound traffic
> monitoring in Vista FW ?
>
> Was it customer pressure :) ?

Exactly.

> If MS is considering that monitoring outbound traffic is such a
> *pressing security issue*, why aren't they provide an appropriate fix
> for the WinXP2 firewall via 'Patch Tuesday'?

Because they want to sell more copies of Vista.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Firewall - Vista vs WinXP2

Kayman wrote:

> What was the *technical* justification for adding outbound traffic
> monitoring in Vista FW ?


None, rather:

> Was it customer pressure :) ?


Yes.

> If MS is considering that monitoring outbound traffic is such a *pressing
> security issue*, why aren't they provide an appropriate fix for the WinXP2
> firewall via 'Patch Tuesday'?


Because they want to sell their newest crap.

> Or, could we expect a *security enhancement* :) of the WinXP firewall when
> WinXP3 is released in the first half of 2008?


No, since Microsoft already stated that XPSP3 won't introduce any new
functionality.

Re: Firewall - Vista vs WinXP2

"Ansgar -59cobalt- Wiechers" wrote in message
news:f5f1ptUjr7L1@news.in-ulm.de...
> Kayman wrote:
>> What was the *technical* justification for adding outbound traffic
>> monitoring in Vista FW ?
>>
>> Was it customer pressure :) ?
>
> Exactly.
>
That's what i thought as well, thanks :)

>> If MS is considering that monitoring outbound traffic is such a
>> *pressing security issue*, why aren't they provide an appropriate fix
>> for the WinXP2 firewall via 'Patch Tuesday'?
>
> Because they want to sell more copies of Vista.
>
Even though the impending issue of Win XP3 will endure for a considered
period of time?
I can't imagine that f/w outbound monitoring is a 'hot' selling issue.

Re: Firewall - Vista vs WinXP2

"Sebastian G." wrote in message
news:5e0itaF36mambU2@mid.dfncis.de...
> Kayman wrote:
>
>> What was the *technical* justification for adding outbound traffic
>> monitoring in Vista FW ?
>
> None, rather:
>
>> Was it customer pressure :) ?
>
>
> Yes.
>
>> If MS is considering that monitoring outbound traffic is such a *pressing
>> security issue*, why aren't they provide an appropriate fix for the
>> WinXP2
>> firewall via 'Patch Tuesday'?
>
> Because they want to sell their newest crap.

I agree with your sentiment, but don't think that f/w outbound monitoring
would be a marketing issue., but then again I am not a marketing expert
either :)
>
>> Or, could we expect a *security enhancement* :) of the WinXP firewall
>> when
>> WinXP3 is released in the first half of 2008?
>
> No, since Microsoft already stated that XPSP3 won't introduce any new
> functionality.
>
I am not a techy, isn't it possible to issue a fix? Why issue XP3 at all?

Re: Firewall - Vista vs WinXP2

"Kayman" wrote in message
news:f5f0h8$htd$1@aioe.org...
> What was the *technical* justification for adding outbound traffic
> monitoring in Vista FW ?
>
> Was it customer pressure :) ?
>
> If MS is considering that monitoring outbound traffic is such a *pressing
> security issue*, why aren't they provide an appropriate fix for the WinXP2
> firewall via 'Patch Tuesday'?
>
> Or, could we expect a *security enhancement* :) of the WinXP firewall when
> WinXP3 is released in the first half of 2008?
>
> Any thoughts?

There is an element on XP that can stop outbound traffic to supplement the
XP FW. It runs on my Vista machine to supplement its FW, and I don't fool
with the need to set outbound rules for Vista's FW, because I have been
using it for many years.

It's called IPsec.

http://www.analogx.com/CONTENTS/articles/ipsec.htm
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://support.microsoft.com/kb/813878

Re: Firewall - Vista vs WinXP2

"Mr. Arnold" wrote in message
news:7VHei.6671$tb6.1911@newsread3.news.pas.earthlink.net...
>
> There is an element on XP that can stop outbound traffic to supplement the
> XP FW. It runs on my Vista machine to supplement its FW, and I don't
> fool with the need to set outbound rules for Vista's FW, because I have
> been using it for many years.
>
> It's called IPsec.
>
> http://www.analogx.com/CONTENTS/articles/ipsec.htm
> http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
> http://support.microsoft.com/kb/813878
>
Very interesting, this should keep me busy for a while.
Thanks a bunch :)

Re: Firewall - Vista vs WinXP2

Kayman wrote:
> "Ansgar -59cobalt- Wiechers" wrote:
>> Kayman wrote:
>>> If MS is considering that monitoring outbound traffic is such a
>>> *pressing security issue*, why aren't they provide an appropriate fix
>>> for the WinXP2 firewall via 'Patch Tuesday'?
>>
>> Because they want to sell more copies of Vista.
>>
> Even though the impending issue of Win XP3 will endure for a considered
> period of time?
> I can't imagine that f/w outbound monitoring is a 'hot' selling issue.

Backporting features into the previous OS version will most likely have
a negative impact on sales of the current version.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Firewall - Vista vs WinXP2

Kayman wrote:


> I agree with your sentiment, but don't think that f/w outbound monitoring
> would be a marketing issue., but then again I am not a marketing expert
> either :)


Simple:

- It has no technical value. Malware can simply remote control existing
applications that have already been allowed, via various forms of IPC or via
writing into their configuration data.
- The clueless people don't understand this, are following the illusions
created by various third-party host-based packet filters, and then simply
demand it.
- Microsoft is a corporation, thus by law they're required to do their best
to make money. Even further, the company motto is to write software for
making money.

Now count this together and it becomes obvious.

>> No, since Microsoft already stated that XPSP3 won't introduce any new
>> functionality.
>>
> I am not a techy, isn't it possible to issue a fix?


It is no fix, it's an added functionality. They're *unwilling* to add such.

> Why issue XP3 at all?


Bugfixes. All those that had too low impact to issue public fixes and/or
were addressed with low priority.

Re: Firewall - Vista vs WinXP2

Mr. Arnold wrote:


> It's called IPsec.


It's called an open Port 500/UDP, 50/IP, 51/IP, and the inability to filter
Kerberos and multicast traffic (and, without further configuration, also the
inability to filter RSVP and broadcast traffic).

Re: Firewall - Vista vs WinXP2

Will you please go away. You are of no value to me, when I have repeatedly
told you that IPsec is being used in a supplemental fashion behind the XP
and Vista FW(s) to stop outbound traffic if need be.

Why can't you get that through your thick skull?

Are you hard of *reading* or something? Maybe, you need a *reading* aid.

You have got a serious problem with your postings. It's beyond ridiculous.
You are ridiculous.

I know you're going to reply, like the hound dog that you are.

Re: Firewall - Vista vs WinXP2

Mr. Arnold wrote:

> when I have repeatedly
> told you that IPsec is being used in a supplemental fashion behind the XP
> and Vista FW(s) to stop outbound traffic if need be.


But it simply isn't supplemental wrt. the mentioned excemptions. If you
activate IPSec, IPFilter and the XP/Vista FW, the mentioned ports are still
open and the mentioned traffic still passes through.

Long story short: Your suggested setup is horribly broken.

Re: Firewall - Vista vs WinXP2

My God, it is LOL!

Re: Firewall - Vista vs WinXP2

Stephen L. Arnold wrote:

> My God, it is LOL!


If you don't have anything useful to write: Shut up!

(Anyway else one should report your SPAM to Earthlink)

Re: Firewall - Vista vs WinXP2

Good bye SG, I have had enough of you for today. I know if you see me post,
you'll ride up on your cockroach with you mouth slobbering.

Re: Firewall - Vista vs WinXP2

Kayman wrote:
> What was the *technical* justification for adding outbound traffic
> monitoring in Vista FW ?
> Was it customer pressure :) ?

I think so.

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"