Wednesday, April 26, 2006

Windows Vista Firewall: No Outbound Filtering By Default

Ed Skoudis writes on the SANS ISC Daily Handler's Diary:

In a somewhat related story, ZDNet has an interesting article that discusses the fact that Microsoft has decided that the Windows Vista firewall will include no outbound filtering by default. Apparently, Microsoft was considering blocking outbound connections by default, but, in response to large enterprise customer requests, they won't be doing that. Not breaking corporate apps is more important than security, I suppose is the reasoning. This is a change from the original Plan (yes, note the capital P), which said that Vista would ship with a two-way firewall. It still has that capability, but outbound filtering will be turned off by default.

I remember a recent fascinating rant from Marcus Ranum, saying (I paraphrase) that a firewall that doesn't block outbound traffic isn't worthy of the name firewall. From the guy who popularized the term firewall so long ago (and the term script kiddie), that's an interesting point.

More here.

posted by Fergie @ 4/26/2006 08:03:00 AM

0 Comments:

Post a Comment

<< Home