I agree with that... if you are a server!Originally posted here by Winston
If your system is properly locked down, i.e. serivces, patches, etc.
You simply don't need a firewall.
And, there is nothing wrong with ICF. If you put the effort into it, Windows with ICF is just as secure as any other OS with any other firewall.
Desktop users require functionality... functionality and variety brings insecurity.
IE... Outlook... Winamp...
All have been exploited and can continue to be regardless if a firewall is in place or not. And then, what if the payload is a trojan? Firewall is sounding pretty good right about then.
A reverse bind shell will beat SP2, but I haven' t found a firewall I like yet that blocks outgoing connections without trying to get it's hands in everything.