Feb 24 2005
Windows Firewall issues
Windows Firewall Has A Backdoor
The title of this article is misleading. The author states that the Windows Firewall allows programs to add themselves to the Windows Internet Connection Firewall Exception list without the users knowledge if they are logged in as administrator (been playing with *nix systems a lot lately, almost said ‘root’). This can be done by a program without any interaction from the user.
This is a bad design, and no program should be allowed to add itself to the exception list without user intervention, but I would hardly call this a ‘backdoor’ as the author has. It’s also one of the weaknesses of having a personal firewall that’s integrated with your OS. I’ll go on the record to say that I’d rather have the Windows Firewall on someones system than no firewall at all. But I’d rather see a third-party firewall with a lot more robust security than what Microsoft is currently offering.
The other issue is logging into your Windows machine and running programs as administrator. I do it, most systems administrators do it, but it’s a habit we should try to break. The number of times I really need administrator access is few and far between. It’s a bad habit a lot of us need to break.
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
There’s that. And then there’s a lot of software that just plain doesn’t run without administrator privileges. Which is even worse than a bad habit of oneself.
10 Steps to secure your windows network
This article will give you 10 steps on how to secure your network. Most networks are unsecure for such little reasons!