[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Windows SP2 firewall: Famous for 3 seconds?

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Windows SP2 firewall: Famous for 3 seconds?
From: Sebastian Niehaus <killedbythoughts@mindcrime.net>
Date: Wed, 25 Feb 2004 13:03:07 +0100

[...]

| What existing functionality is changing in Service Pack 2 for Windows
| XP?
| 
| 
| Enhanced multicast and broadcast support
| 
| Detailed description
| 
| Multicast and broadcast network traffic differ from unicast traffic
| because the response comes from an unknown host. As such, stateful
| filtering prevents the response from being accepted. This stops a
| number of scenarios from working, ranging from streaming media to
| discovery.
| 
| 
| To enable these scenarios, Windows Firewall will allow a unicast
| response for 3 seconds from any source address on the same port from
| which the multicast or broadcast traffic originated.

Sounds like a broken concept, as always. Eh?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Windows SP2 firewall: Famous for 3 seconds?
  - From: Darren Reed

Prev by Date: Re: [Full-Disclosure] RE: Windows XP explorer.exe heap overflow.
Next by Date: Re: [Full-Disclosure] Double copies
Previous by thread: RE: [Full-Disclosure] Windows XP explorer.exe heap overflow
Next by thread: Re: [Full-Disclosure] Windows SP2 firewall: Famous for 3 seconds?
Index(es):
- Date
- Thread