When Windows XP was released in late 2001, one of the new features that everyone thought was outstanding was the workstation firewall. This feature was going to save us all, blocking attacks and malware on known and easily exploitable ports such as those used by AD - surely we could quantify our own domains and block any and all traffic from non-domain stations? Or block attack traffic from our AD neighbours?
Article Link: https://isc.sans.edu/diary/rss/24706