New Windows Attack Can Disable Firewall

BobB writes to tell us NetworkWorld is reporting that new code released on Sunday could allow a fully patched Windows XP PC's personal firewall to be disabled via a malicious data packet. The exploit depends on the use of Microsoft's Internet Connection Service. From the article: "The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc."

Re:What can you trust?

[orpheus_okt]

worthless (keiro)

Uh... Is there something I missed in the last weeks/months? No, I'm not implying that I heard exactly the opposite, but it sounds like there are serious security holes in the old Kerio firewall although I was always convinved it's still one of the better free ones out there. And I really must have missed the news then...

Up to now, I was sticking to Kerio on Windows. Especially because of its rather powerful options to filter single applications, addresses, ports and plenty of other manually configurable stuff instead of a placebo firewall which provides a "Yes, I'll save you from all Evil"- and a "Take care of yourself"-Button (at maximum with a Beginner-Amateur-BetterAmateur switch). Those are worthless.

Come on, tell me people! Why is Kerio considered bad these days? (

How to disable the Windows FW in 2 lines of VBS

[Anonymous Coward]

Fortunaltey for all V(irus)B(uilding)S(script) coders, Microsoft gave us all a very easy way to silently disable the firewall at any time...

Set objFirewall = CreateObject("HNetCfg.FwMgr")
objFirewall.LocalPolicy.CurrentProfile.FirewallEna bled = FALSE

Re:Obvious

[ajs318]

You've most probably been been buying crap routers. D-link, Belkin, Linksys, Netgear - for chuff's sake, they might as well be branded "Barbie (or Action Man) My First Router". Treat yourself to a nice ZyXel router, and you might forget you even have a router in your network.

Re:Obvious

[Anonymous Coward]

What makes you believe that a (home) router, which is a small microcontroller with some dedicated firmware running on it, will outperform a modern PC that has 10-20 times more CPU power available?

Re:Obvious

[ajs318]

The smaller ZyXel routers use a traditional transformer power pack with 12V AC output. Judging by the temperature rise, the on-board regulator is most probably a switched-mode type. I'd guess this would be quite tolerant of power surges, just with the presence of a mains transformer (hefty inductance; doesn't like rapidly-changing current). The "surge suppressor coils" found in cheap, switched-mode power packs are laughable. A well-designed power supply should fail safely and protect the connected equipment, but cheap ones often aren't well-designed.

As for the wireless stuff, well, that's too bad. But your computer already needs one connection to the wall to get its power. Will one more for data kill you?

tards

[Anonymous Coward]

I cant wait till a journalist finally gets something right..

Its not "Internet Connection Service" its "Internet Connection Sharing" which hardly anyone has running anyway. They probably fudded it on purpose just to make their article sound more relevant.

(and /.'s captcha's are SO good that even I cant read them - round 2)