On Wed, 11 Jul 2012, James Harper <james.harper@bendigoit.com.au> wrote:
It's important to remain factual. All current desktop versions of Windows in use today (XP SP2+, Vista, Win 7) include the Windows Firewall, enabled by default, which filters all services unless you explicitly unblock them. [0]
This discussion is about firewalls and whether they are necessary. Stating that a firewall is enabled by default is not particularly relevant to the issue of whether it's necessary. Although the presence of a firewall by default may suggest that it is necessary. Someone could have responded to Andrew suggesting that his firewall suggestion might be obsoleted by the iptables configuration in RHEL or one of the variety of Windows firewall products.
Also note that the first time someone has problems with anything network related (p2p, multiplayer games), the first troubleshooting step is often to turn off the firewall, and if that fixes the problem it will remain off.
Yes. Also if you are setting up a server it's a good idea to turn off the firewall as it's a major PITA to have a server stop doing it's thing because the firewall gets in the way. I recently had this problem when dealing with some proprietary server software that only ran on Windows and was too broken to run correctly on Wine. To add to the fun there were two firewall products installed on the Windows server in question. The problem is that in most cases firewalls don't do much good. If a firewall is deny by default then it gets in the way every time the user installs a new Bittorrent program that uses different ports and is likely to get turned off. If it's allow by default then it probably won't do any good. http://en.wikipedia.org/wiki/SQL_Slammer Really the best thing is for applications to not listen for external connections unless explicitely configured to do so. This solves the problem of daemons the user didn't directly install being vulnerable, apparently some people who had their systems infected by Slammer were unaware that they had MSDE installed - including some MS employees. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/