Re: Software Firewall (2003)

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 11/15/04

• Next message: Lanwench [MVP - Exchange]: "Re: dhcp or static ip"
• Previous message: Lanwench [MVP - Exchange]: "Re: okay, this is silly, but does Win2K have an alarm clock function ??"
• In reply to: Mike Smith: "Software Firewall (2003)"
• Next in thread: Mike Smith: "Re: Software Firewall (2003)"
• Reply: Mike Smith: "Re: Software Firewall (2003)"
• Messages sorted by: [ date ] [ thread ]

Date: Mon, 15 Nov 2004 11:05:17 -0500

Mike Smith wrote:
> I suppose this is the right group for Windows 2003 questions....

Well, MS is getting away from version-specific groups for server products,
so you may find W2003 help in here but note there's also
m.p.windows.server.general. Crossposting to both won't get you smacked
upside the head, I think....

>
>
> I have a question about the usage of software firewalls. Is it
> becoming common practice for organizations to use the Windows 2003
> software firewall on their servers?

By some, I suppose.

> With XP SP 2, Microsoft is
> basically making a statement about network security with workstations.
> I would be willing to bet that most if not all installations of
> Windows 2003 have the firewalls turned off, citing the usage of a PIX
> or other hardware firewall for their gateways.

Most networks I've seen/worked with don't use software firewalls on client
computers. Some do.

> I recently had an
> internal attack froma laptop running XP non SP2. The laptop attacked
> my router and took down all sites (main router was attacked) until the
> laptop was powered off. This eye-opening experience was enough to
> make me step up the XP SP2 rollout to workstations but I keep
> thinking, why not the servers too? It is a lot of work to configure
> the server firewalls but it is more work rebuilding after an incident.

The larger issue is why this laptop was allowed to be connected to the
network, and if it was a domain member, why it didn't have centralized AV
software on it! Did someone just come in and plug it in, unauthorized? Does
the company have a policy stating that this is not allowed? There are ways
(not simple) to control whether a computer gets access to your network (gets
an IP address via DHCP, etc) ...might be worth looking into. Also, all
computers/servers need good antivirus, and need to be kept patched to the
gills with all critical updates to mitigate disasters like this....
>
> I would like to hear from people/admins who use the 2003 firewalls on
> their servers.

I'm not one of them, but I'm sure other people will post their own
techniques and experiences. You might also want to post in m.p.security and
m.p.windows.server.networking - crosspost, not multipost. :)
>
> MIKE

• Next message: Lanwench [MVP - Exchange]: "Re: dhcp or static ip"
• Previous message: Lanwench [MVP - Exchange]: "Re: okay, this is silly, but does Win2K have an alarm clock function ??"
• In reply to: Mike Smith: "Software Firewall (2003)"
• Next in thread: Mike Smith: "Re: Software Firewall (2003)"
• Reply: Mike Smith: "Re: Software Firewall (2003)"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint