[BC] Re: Windows XP

Porter, Allen PorterA
Mon Feb 13 11:31:01 CST 2006 

Keeping in mind that Windows Firewall will defend that work station
against anything coming in to it from you LAN/WAN but will not stop a
Trojan already on that system from generating traffic outbound.  Windows
Firewall is "protection" against inbound traffic but does nothing for
outbound traffic.  Zone Labs-Zone Alarm inspects traffic in both
directions.

  

Allen Porter
Network Systems Engineer
Convergent Media Systems
770.369.9663
http://www.convergent.com



-----Original Message-----
From: broadcast-bounces at radiolists.net
[mailto:broadcast-bounces at radiolists.net] On Behalf Of Sid Schweiger
Sent: Monday, February 13, 2006 11:25 AM
To: broadcast at radiolists.net
Subject: Re: [BC] Re: Windows XP

>>Am I wrong to worry about an internally-originated virus, and desiring

the protection of a software firewall?<<

No, you're not wrong to worry about it, and unless the Windows Firewall
is consistently blocking a program or service that you need and
programming exceptions into the firewall is not letting it work, I see
no reason to leave it off.  In the case of my SAV-CE server, it was the
only way I could make it work at the time.  At some point I'll go back
and see if I can get it to work with the firewall on.  Remember too that
viruses and worms often propagate not only through shares or mapped
drives, but through open ports, so anything you can do to close ports
that you don't need open is a good thing.  As I understand the Windows
Firewall, if you program a particular piece of software as an exception,
it will only open that app's ports when the app is running.  Programming
a port exception keeps that port open full-time, so you want to avoid
that wherever you can.

If you have a lot of machines to support, a centrally-managed antivirus
system is the only way to go.  It removes the huge headache of having to
make sure that each machine has up-to-date virus definitions, and the
server software (which plugs into Microsoft Management Console) lets you
see every machine in your antivirus group, tells you who's logged into
it and the software and virus-definition versions that are loaded onto
that machine.  If nothing else, you get a good inventory of your
office's computers that way.



Sid Schweiger
IT Manager, Entercom Boston LLC
WAAF - WEEI AM/FM - WMKK - WRKO - WVEI
20 Guest St / 3d Floor
Boston MA  02135-2040
Phone: 617-779-5369
Fax: 617-779-5379
E-Mail: sid at wrko.com

_______________________________________________
This is the BROADCAST mailing list
To send to the list, email: broadcast at radiolists.net
For sub changes, archives and info on this other lists:
http://www.radiolists.net/

More information about the Broadcast mailing list