You CAN block some of the information transmitted on TCP ports by using application proxy based firewalls.

What I mean by this is, there is the ability to tunnel attacks through any open TCP port (a classic one is port 80). This is where stateful inspection firewalls like ISA and PIX are vulnerable. This was how NIMDA and the like were able to attack supposedly secure networks.

Effectively, when a session establishes a connection to a firewall on, say, TCP port 80, you can basically encapsulate and send anything you want down this, so all sorts of nasties can be transmitted. With stateful inspection firewalls like ISA etc. you can't stop this, as they basically pass through an incoming TCP session straight to the destination. BIG security problem.

With application proxy based firewalls, the incoming session connects to the firewall only. The firewall inspects each packet, and if you have filters and HTTP filters etc. on the firewall it will check the contents of each packet against these filters, then proxy the connection to the destination. The incoming machine never actually connects to the destination. Very secure. A good firewall to use like this is Borderware firewall server (my personal choice of firewalls for any form of decent security). Netscreen firewalls also perform application proxying as well.

Tony.

-----Original Message-----
From: Sullivan, Glenn
To: 'windows2000@xxxxxxxxxxxxx'
Sent: 9/05/03 07:03
Subject: [windows2000] Re: Question about firewalls

No way. If you block outgoing access at the firewall, you block outgoing access at the firewall. That's that.

The problem is, you have to be able to get onto the internet somehow, right? Is that through a Proxy Server, or through exception rules? Once you've made an outbound connection, there is nothing stopping another application from using that established connection.

As to his problems with Media Player, they are well founded. The EULA for MP9 contained some scary "we can do this if we want to" language. Independent testing (and my own testing) has shown that they are not yet using it, but I check again every time MP9 is patched by my SUS server, just in case...

Glenn Sullivan, MCSE+I MCDBA
David Clark Company Inc.

-----Original Message-----
From: Beaney, Derek [mailto:Derek.Beaney@xxxxxxxxxxxxx]
Sent: Thursday, May 08, 2003 1:55 PM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Question about firewalls

I know that there are firewalls out there that block programs from accessing the web. I got into a debate with a friend (who is a Linux freak... SuSE to be exact) about Microsoft and having programs like Windows Media Player reporting back to Microsoft on what stuff you watch and what you listen to.

Anyhow, the question I have is: if you have a firewall that blocks all outgoing packets (prohibits specified programs from accessing the net), is there stuff embedded in the OS that would report back that wouldn't be stopped by the firewall?

==================================
To Unsubscribe, set digest or vacation mode or view archives use the below link.
http://thethin.net/win2000list.cfm
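
Added example, not part of any poster's message: a sketch of the contrast drawn in the first reply between admitting a session because its port is open and having a proxy parse the HTTP request before relaying it. The function names, limits, policy and sample payloads are constructed for illustration and do not model any specific firewall product.

```python
# Added illustration: names, limits and sample payloads are constructed.
from urllib.parse import unquote

ALLOWED_METHODS = {"GET", "HEAD", "POST"}   # assumed site policy
MAX_TARGET_LEN = 2048                       # assumed limit

def port_filter_allows(dst_port, open_ports=frozenset({80})):
    """Decision made on the destination port alone; the payload is never read."""
    return dst_port in open_ports

def proxy_allows(payload):
    """Parse the client's bytes as an HTTP/1.x request and apply content filters.
    Returns (allowed, reason); only allowed requests would be relayed onward."""
    head, sep, _body = payload.partition(b"\r\n\r\n")
    if not sep:
        return False, "no complete HTTP header block"
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        return False, "non-ASCII bytes in header block"
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[2] not in ("HTTP/1.0", "HTTP/1.1"):
        return False, "malformed request line"
    method, target, _version = parts
    if method not in ALLOWED_METHODS:
        return False, "method not permitted"
    if len(target) > MAX_TARGET_LEN:
        return False, "request target too long"
    path = target.split("?", 1)[0]
    for _ in range(3):                      # undo nested percent-encoding
        path = unquote(path)
    if ".." in path.replace("\\", "/").split("/"):
        return False, "traversal sequence in path"
    if any(":" not in h for h in lines[1:]):
        return False, "malformed header line"
    return True, "ok"

SAMPLES = {  # constructed payloads, all sent to TCP port 80
    "plain_get": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "not_http": b"SSH-2.0-client\r\n\r\n",
    "binary": b"\x00\xff\x10data\r\n\r\n",
    "encoded_dots": b"GET /a/..%252f../x HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "connect": b"CONNECT host.example:443 HTTP/1.1\r\nHost: host.example\r\n\r\n",
}

def compare(samples=SAMPLES, dst_port=80):
    """Return {name: (port_filter_decision, proxy_decision, proxy_reason)}."""
    return {n: (port_filter_allows(dst_port), *proxy_allows(p)) for n, p in samples.items()}

if __name__ == "__main__":
    for name, row in compare().items():
        print(name, row)
```

Every sample passes the port check because it is addressed to port 80; only the well-formed GET passes the proxy check.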