Hal said:
Help
I have a system with XP HOME SP2 which tells me that I can not change
the firewall settings due to Group Policy Settings.... Now from
what I know about XP HOME there isn't a Group Policy feature. All
items on the firewall dialog are grayed out.
Please advise on how to resolve
Do not use the XP firewall there are several "better" ones that you can use.
Another poster to your ? states that malware may be the cause of this,well
just what good is this firewall if it can be effected by malware.....no good
at all!
http://www.simtel.net/product.download.mirrors.php?id=53687
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload2.j
sp;jsessionid=EEDisJSZd34P9NJn2FVWsXn0FdtftRLKmB0185wNJAbUV4yaOqfw!195249684
!-1062696903!7551!7552!NONE
http://www.agnitum.com/products/outpost/download.php
From
www.spywareinfo.com
I promised myself a while back not to go on another anti-Microsoft rant,
that I would write calmly about any goofs they make. It has been a hard
promise to keep at times. And now, I must break that promise. If I don't
rant about this, I will burst at the seams.
The function of a software firewall is simple. It allows the user to control
the computer's access to other computers. To do that, it blocks attempts to
send unauthorized data out over a network, as well as the attempts of other
computers to send data to the protected computer. A proper firewall allows
data into or out of the computer, only when the user gives the firewall
permission to do so. I think most people will agree that this is an accurate
description of the proper function of a software firewall.
So I am left to wonder if the Microsoft programmers who designed the Windows
Firewall have lost their freakin minds. While the Windows Firewall will
block network access like any other firewall, the settings which determine
whether or not an attempt to access the network is permitted is stored in
the registry. Any piece of software is allowed to edit that part of the
registry and give itself permission to send or receive data over the
network.
There are several viruses, worms and spyware programs that edit the registry
settings for the Windows Firewall. Even if the user discovers a virus
infection and cleans it successfully, that computer can be reinfected at any
time, if the virus edited the firewall settings. Many network worms can
infect a computer if it discovers certain unsecured network ports. It
happened to me once, when I turned off my firewall and forgot to turn it
back on.
Changes to a firewall's settings should be possible only through the
firewall program's interface. Those changes should be saved into an
encrypted file, which cannot be altered by any other program. Those settings
should not EVER be written to the registry, where they can be altered by any
other program running on the PC. It takes only the smallest shred of common
sense to realize this.
Where was the common sense when they were creating the Windows Firewall?
This is like hiring security guards to keep gate crashers away from a party
but allowing the guests to write their own invitations.
But wait, there's more!
Someone discovered recently that the Windows Firewall interface won't even
tell the user about an opened port, if the registry entry granting it
permission has a malformed name. Not only can a malicious programmer give
his evil creation permission to bypass the firewall, he can hide the fact
that he's done it!
It is boneheaded mistakes like this which make it difficult to use Windows
safely. God help us all when Microsoft begins to make its own antivirus
software. The only reason Microsoft's antispyware program works well
probably is because Microsoft didn't write it.
Just my 2 cents worth <eg>
