You're the one who flat-out claimed that packet filters aren't firewalls

-f0dder (January 04, 2010, 08:02 PM)

Packet filters and "real" (hardware) firewalls work on the network layer, "software firewalls" mainly on the application layer. (With a driver-thingy on another layer, probably, but then we'll have a packet filter again.)

and that Windows' built-in firewall is useless

-f0dder (January 04, 2010, 08:02 PM)

... and potentially dangerous.

2) why would't I run an important server on a Windows box?

-f0dder (January 04, 2010, 08:02 PM)

Because Windows is not known for stability and security, both of them are the most important attributes of servers IMO.
(Oh, and Windows' cmd.exe without [at least] some *ix tools is, at best, a sick joke when it is about configuration and server maintenance. This refers explicitly to this special case. In other threads I'll stick with my opinion that cmd.exe is everything I need. Maybe because I don't have to control a server system with it. But we're drifting a bit OT here, aren't we?)

Ever checked this list?

-f0dder (January 04, 2010, 08:02 PM)

Uptime depends on various things. That Windows servers are on top of the list doesn't necessarily mean something. (edit: Missed a dot.)

My personal fileserver (which can hardly be thought of as a critical machine) runs linux - simply because it's free. Free as in beer.

-f0dder (January 04, 2010, 08:02 PM)

Now that's not actually a reason. If it was, no-one would use Windows anymore, as it is not free.  :D

one should think that a software firewall (if primarily focusing on packet filtering) isn't that hard a job to get right.

-f0dder (January 04, 2010, 07:04 PM)

Given that we only talk about a packet filter and nothing more: You'll need some kind of an A.I. to decide which traffic is "good" and which is "bad". A packet filter completely controlled by its users does not do what it is intended to.

If you've ever tried bringing an XP box pre-SP2 on the internet without 3rd party PF or a NAT'ing router, you'll see how fast this happens with internet traffic.

-f0dder (January 04, 2010, 06:38 PM)

Like that Sasser worm? I know it, yep ...  :-\
A well-configured machine is daily patched and does not run any services which just are not needed. Of course, there are always some (rare) exploits for needed services. But there are also exploits for common "firewall software", and I think there are more of them. So, actually, a LAN/WLAN system running a "personal firewall" and the default services is more probably vulnerable than a LAN/WLAN system running only the default services.