Experts say hack attack bypasses XP firewalls
Computerworld writes that nCircle Network Security says that an attack on Internet Connection Sharing (ICS) may disable Windows firewalls. Using ICS, an attacker may send a command to terminate a firewall on the network. Note: “The Windows Firewall service in Windows XP SP2 replaces the Internet Connection Firewall (ICF) service in earlier versions of Windows XP.” [Microsoft.com]
Microsoft contends: “the issue only impacts users of Windows XP” and says they have received NO reports of successful attacks using this technique.A researcher at nCircle countered: “Once the firewall is down, where’s your line of defense?”
Defend yourself:
While experts debate the impact of the hack, there are several things you can do to prevent this attack.
Add a router to your home network and use it as your first line of defense. Most routers double as excellent firewalls. To defend your network or home computer, use the router and make sure it uses Network Address Translation (NAT) to transparently shield you from attack. Users with DSL, cable modems and fiOS (fiber optics) already have routers installed and these routers normally include NAT protection by default. If you are on a dialup connection, you can disable ICS (impractical). In the days before routers existed, I installed and used a hardware firewall: Linux PC, which sat between my dialup connection and my Windows network. All of our PCs had private addresses. I discarded the PC when we moved to broadband Verizon fiOS because the included router became my firewall.
To learn more about Windows Firewall in Windows XP, Service Pack 2, explore these articles in the Microsoft Knowledge Base:
- 875357 (http://support.microsoft.com/kb/875357/) Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
- 892199 (http://support.microsoft.com/kb/892199/) You cannot start the Windows Firewall service in Windows XP Service Pack 2
- To troubleshoot Windows Firewall in Windows XP SP2
- If you are an expert and have backed up your registry, you may try Microsoft’s registry guide fix to Windows Firewall (advanced tech support only and even then, I don’t recommend tinkering in the registry, if you can avoid it)
If you can’t use a router, you can temporarily disable ICS until Microsoft releases a patch. (New attack can flatten XP firewall [Computerworld via Daily Rotation] Related: Turn on, plug in and drop out: of wireless security hassles, Will Black Hats always have the upper hand
I think the very nature of the internet and of computer systems make them continuously vulnerable to attack. Internet systems, networks and computers are continuously changing. None are static and because of this flexibility and ability to change and adapt, they will always be vulnerable to future attack. But that doesn’t mean we are losing out to hackers and attacks. It’s an unending battle, however.
What do you think? Do you think Black Hats will always have the upper hand? Express your opinion here. Thank you.
Technorati Tags: hack attack, XP SP2, firewall, Microsoft Windows, you cannot start Windows Firewall service, Windows XP, troubleshoot firewall, powered by performancing firefox
Related Stories
POSTED IN: Articles, Defend Yourself, How-To, OS Troubleshooting, Secure That Computer, Security
0 opinions for Experts say hack attack bypasses XP firewalls
No one has left a comment yet. You know what this means, right? You could be first!
Have an opinion? Leave a comment: