I knew he'd get one of these. Firewalls are not for everyone! Firewalls protect PCs by interfering with a lot more than just hackers. Pretty much any Internet application can run into trouble. Connection issues with P2P networks, Remote Desktop (which is what he's using), games, you name it. It's a lot more trouble than it's worth for a PC that's going to be used for SOMETHING ELSE than troubleshooting network issues and connection problems. Just think about how many times you've just had to give up on something just because you didn't want to screw around with the router or find & open up ports and port ranges.
DMZ is supposed to fix that, but in a multiple PC gaming household like ours, it adds even more problems. What about when all of us want to play ZSNES over ZBATTLE.net but the command line front-end matchmaking application is not smart enough to use anything but the IP address connected to the ZBATTLE server? Because all PCs are connected from behind the same router, the front-end application passes the same IP address to the command line and ZSNES unsuccessfully tries to connect to itself. To make matters worse, some ISPs FORCE their customers behind NAT and firewalls. As a result, I can't play my friend from the other side of town without manually changing (forcing) the horrible-performing UDP option, something THOUSANDS of ZSNES players never figured out and even then doesn't help in some cases.
If the PC is intended to be visible and accessible to the Internet as a server, then what good does it do to "hide" behind a firewall? If the necessary ports are open, it will be "found" anyway, especially if it's running something like a webserver. Blocking/closing the unused ports may prevent certain exploits (like my brother's case above) but if the PC is fully updated and doesn't contain anything you don't mind losing (he restores an image every week) it's not worth the trouble as it will certainly cause more headaches. Besides, how else might we have discovered the exploit to know it needs fixin'? Any intrusion changes, backdoors, DoS zombie applications etc. will be wiped over with the HDD image.
He's not worried about what a hacker may do to him, but worried that it apparently hasn't been detected/fixed by Microsoft.
Oops, you asked what the setup was like
Cable ISP with unlimited (?!) IP address assignments (Assigns randomly to different subnets. Bleh)
Linksys Wireless-G Router w/ DHCP disabled (Just using it as an access point / hub)
Cable modem and PCs all connected to auto-crossover local port (Instead of Cable-to-WAN port. This lets my ISP assign IPs)
Wireless-G card for the laptop, 3com & Intel NICs for the desktops + 802.11b PCI cards (we move them around a lot)
No software firewalls except on the fileserver, all other unprotected gaming PCs
All password protected renamed Administrator accounts with no network shares.
Restricted Guest account recently enabled with no password on hacked PC to keep guests from requesting the password