Hi Ali,
Nice stuff..................I have answered your question in another thread.......might not be the "hottest" topic, but very worthy of your attentions IMHO :)
Cheers
Printable View
Hi Ali,
Nice stuff..................I have answered your question in another thread.......might not be the "hottest" topic, but very worthy of your attentions IMHO :)
Cheers
Just like someone else said, a lot of information.
But i dont think doing just those things will really help.
Most firewalls dont stop exploits, so you also gotta make sure you install every single hotfix.
The best thing to do for the windows XP users is enable the build in XP firewall, since it totally clocks you from the net.
Yeah...
The XP firewall DOES NOT totally block you from the net. All it does is prevent connections to some ports. All outgoing connections are permitted.Quote:
The best thing to do for the windows XP users is enable the build in XP firewall, since it totally clocks you from the net.
Cheers,
cgkanchi
My appologies. I just noted there was not sites or references on the original post.
Info Tech Geek... I appreciate your time and integrity to apologize.. but he does have a link in his sig which shows his site and that was one of the top listings you would of found on google.. ;)
regards..
the XP firewall doesnt respond to ICMP and ping replies, 2 things you need when scanning or things like that.Quote:
Originally posted here by cgkanchi
The XP firewall DOES NOT totally block you from the net. All it does is prevent connections to some ports. All outgoing connections are permitted.
Cheers,
cgkanchi
You can still get axx to a box even when the XP firewall is enabled, but you gotta work directly with exploits. enumeration and scanning are out of the question when a box doesnt repond to your request.
Since it doesnt respond to pings you are as good as off-line.
No you don't. That's just for one form of scanning. You can do scanning without the ICMP. Take a look at nmap -P0 <ip>Quote:
the XP firewall doesnt respond to ICMP and ping replies, 2 things you need when scanning or things like that.
LOL, beat me to it MsM. I LOVE nmap -p0. It's helped me scan myself remotely a few times. Also, nmap pingsweeps OWN.
Cheers,
cgkanchi
As some have already said it, the built-in xp fw only filters inbond... that's why many users fell they're pretty much safe when they are indeed vulnerable to any trojan they get from the web, since the FW doens't prevent it from phoning home.
And although nmap is the best (of the best, of the best), it isn't the only scanner allowing you to scan without pinging... so if you think the XP's FW is enough you are (IMHO) incredibly wrong.
-not to mention the multiple problems it gives (and gave me) users...it prevents some proggies from running and loads of other stuff... just google it for problems and you'll see what i mean: http://www.google.pt/search?q=xp+fir...hl=pt-PT&meta=.