APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Crippled Firewalls

© April 2006 Anthony Lawrence

Microsoft announced that Vista (whenever it becomes a real product) will ship with outbound firewalling turned off. The reason: it's too "tricky" for Windows users to understand ("But I just can't imagine individuals dealing with outbound protocols and ports on their own. The idea of an outbound firewall is pretty darn technically tricky for the average user.").

Well, what isn't?

Seriously. We all know that most users don't even begin to understand what is happening and why. Heck, there's plenty of Windows stuff that most tech folk don't grok: open up a random tree in the registry and tell me what each entry really does. Most of us wouldn't have a great advantage over Joe User.

But does that mean Joe is a hopeless air-head who can't understand anything? Sometimes, sure. But really stupid people are just as rare as really bright folks. Maybe the problem isn't Joe User but Joe Programmer?

Let's say Vista left its outbound firewall on and Joe is presented with this message:

Foobar.exe attempting TCP port 25 to Allow?

I certainly agree that Joe probably isn't going to understand that. You and I would, but Joe wouldn't. So no firewall software is likey to present it like that. No, instead it will probably say something like:

Foobar is trying to access the internet. Allow?

The problem with that is that it's not enough information. How the heck would Joe or I know whether that's OK or not? I've seen that message when telneting inside a lan - it's pretty stupid because telnet was NOT trying to access the internet. A paranoid user who knew that might say "No" to the access and then wouldn't be able to do their job.

How about instead the messages went something like this:

A program named foobar.exe is attempting network activity.

Foobar.exe does not appear to be part of any application you installed on this computer. It is attempting to reach the Internet mail interface (port 25) of a machine outside of your network (hobo.xyz.com,

Suggested action: Do not allow. This may be a virus or trojan program.

And for our telnet?

The telnet.exe program is attempting network activity.

Telnet is part of Windows and appears not to have been modified or corrupted. It is attempting to reach its normal interface (port 23) on a machine within your network (unixbox,

Suggested action: Allow always.

Would Joe understand those? I think most Joes would. Informative and intelligent messages aren't all that hard to create, and would allow ordinary users to make intelligent decisions about their firewall rules.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> Crippled Firewalls

Inexpensive and informative Apple related e-books:

Photos for Mac: A Take Control Crash Course

Take Control of Upgrading to El Capitan

Take Control of iCloud

iOS 10: A Take Control Crash Course

Take Control of Parallels Desktop 12

More Articles by © Anthony Lawrence

Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

I am fascinated by religion. (That's a completely different thing from believing in it!) (Douglas Adams)

Linux posts

Troubleshooting posts

This post tagged:



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode