
Can Windows Filtering Platform (WFP) be depended upon?


There is hardly any doubt that Microsoft's programmers simply despise the fact that firewall utilities need to hook into Windows 7 at a very low level. However, it is also true that a number of Microsoft technologies, such as PatchGuard, found in 64-bit editions of Windows (64-bit Windows 7 has some security advantages over 32-bit Windows 7), keep both attackers and would-be protectors out of the kernel.

What is most striking is that, in spite of this, Microsoft itself has not yet been able to deliver the level of security that third-party security software normally offers. What can be done then?

Many analysts have stated that the Windows Filtering Platform (WFP) is a perfect solution to this problem. Is this true? It is time to delve into Microsoft's Windows 7 At-a-Glance document. It states, "Third-party firewall products can build on the core capabilities of Windows Firewall to add custom features, and can selectively turn parts of the Windows Firewall on or off, enabling you to choose which software firewall you want to use and have it coexist with Windows Firewall."

Can this be depended upon? Is the Windows Filtering Platform (WFP) trustworthy? This question is not only yours but ours as well.

However, Ahmed Sallam, Chief Software Architect, Software Architecture & Strategy, is supportive of the Windows Filtering Platform (WFP) and considers it a more potent and flexible network filtering interface than the preceding NDIS-based interface. According to Mr. Sallam, McAfee is committed to making use of the Windows Filtering Platform in its security products. It is officially documented by Microsoft and is an improvement over the 'undocumented' methods for hooking into the TDI drivers. Security vendors, including McAfee, were not involved in the development of the interface definitions and primitives.

He also states that, while the Windows Filtering Platform has positive features, it can also be taken advantage of by cybercriminals. The platform could enable malware to hook earlier into the Windows kernel-mode networking stack. On 64-bit Windows, kernel-mode drivers have to be digitally signed, which prevents malware from loading into the kernel, but a digital signature is not obligatory on the 32-bit versions. A digital signature is a rational mechanism in theory, but in practice malware authors can still obtain a digital certificate to sign their malware binaries.
