Linked by Eugenia Loli-Queru on Thu 2nd Sep 2004 19:56 UTC, submitted by Jon Cooper
Windows "We evaluated the security features of Windows XP SP2 on a test machine, following a clean install of XP Pro with no configuration changes and no third-party software or drivers installed. We installed XP with the NTFS file system, choosing all of the factory defaults, then patched it with each recommended security update including SP-1 (required), before installing SP2." Read the rest at TheRegister.
FWs
by Kasper on Fri 3rd Sep 2004 00:03 UTC

IMO a firewall shouldn't even be needed. If you are running a process that needs to accept inbound connections to work (e.g. a webserver or a P2P program) and there is a remotely exploitable weakness in it, then a firewall is not going to help you. The reason you need a firewall when running Windows is because of all the ports it listens on by default and services that shouldn't be running at all. A fresh install of any operating system should only be listening for SSH connections or something to that effect (and maybe not even that!).

I repeat: A firewall does not mean you are safe!

What a firewall can be useful for is managing outbound connections, doing some logging or maybe making sure that your webserver is only available on your local subnet. It can also be used to plug a hole temporarily when a bug has been found in your webserver and you are not interested in shutting it down. Sure, it pretty much has the same effect as just shutting down the server, but removing one firewall rule is probably easier than setting the service/daemon up again.
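
The comment's point about default listening ports can be checked directly. The following is an added example, not part of the comment or the linked article: it parses `netstat -an` output and reports TCP listeners reachable on non-loopback addresses that are not on an allowlist. The function name, the allowlist and the sample output are assumptions constructed for illustration.

```python
# Added example: audit listening TCP sockets from `netstat -an` output.
# SAMPLE is constructed in the Windows `netstat -an` layout, not captured
# from a real host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""


def exposed_listeners(netstat_text, allowed_ports):
    """Return sorted (address, port) pairs for TCP sockets that listen on a
    non-loopback address and whose port is not in allowed_ports."""
    findings = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers, blank lines and non-TCP rows (UDP has no state column).
        if len(fields) < 4 or not fields[0].upper().startswith("TCP"):
            continue
        # Windows prints LISTENING, Linux netstat prints LISTEN.
        if fields[-1].upper() not in ("LISTENING", "LISTEN"):
            continue
        # The local address is the first column containing ':'; this holds
        # for both the Windows layout and the Linux one (Recv-Q/Send-Q first).
        local = next((f for f in fields[1:] if ":" in f), "")
        host, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        # Loopback-only listeners are not reachable from the network.
        if host.startswith("127.") or host in ("::1", "[::1]"):
            continue
        if int(port) in allowed_ports:
            continue
        findings.add((host, int(port)))
    return sorted(findings, key=lambda f: (f[1], f[0]))


if __name__ == "__main__":
    # Hypothetical policy: only SSH may listen on a fresh install.
    for host, port in exposed_listeners(SAMPLE, allowed_ports={22}):
        print(f"unexpected listener: {host}:{port}")
```

An empty result means nothing outside the allowlist is accepting inbound connections from the network; each remaining entry is a service to disable or bind to loopback.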