comp.security.firewalls archive
Re: I am sick of windows firewall
Date: Tue Mar 21 2006 - 19:51:44 CET
V S Rawat wrote:
> Plus za also controls and reports outbound
> traffic, which windows firewall doesn't, hence za is one up on
> windows firewall.
Any serious firewall configuration assumes that every outbound traffic
is trusted and an according rule is added ("allow tcp,udp from any to me
related,etablished keep-state"). Windows Firewall has this rule implied,
but you obviously don*t want to understand why it's there,
> Suppose I switch on windows firewall, and uninstall za, which
> other software should I install to observe and control outbound
> traffic?
netstat is already existent. Microsoft ships a tool "portqry" for
automatic monitoring and processing, and there are a lot of alternatives
like TcpView, Active Ports, ...
Received on Mon May 1 01:00:40 2006