Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Microsoft new policy, XP to ship with firewall switched on

Reply
Thread Tools

Microsoft new policy, XP to ship with firewall switched on

 
 
Howard Johnson
Guest
Posts: n/a
 
      08-16-2003
http://news.bbc.co.uk/2/hi/technology/3153229.stm

<quote>
The news that Microsoft is going to start shipping Windows XP with its
various security features enabled by default should be welcomed, even if it
is does not solve the bigger problem.

After all, it still leaves tens of millions of users with an operating
system that was set up to make it easy for them to play online games and use
e-commerce websites, and at the same time giving virus and worm writers lots
of ways to attack their computers.

And that is to say nothing of the Windows 98, NT and 2000 installed base,
where security is more a matter of hoping and installing third-party
software than using anything provided by Microsoft.

But it is a start.

The decision to change the standard installation of XP is a result of this
week's fuss about the MSBlast worm, which has infected hundreds of thousands
of internet-connected computers and continues to cause problems on the net.

This could get significantly worse on Saturday when infected computers are
programmed to send fake requests to the Microsoft website and try to make it
inaccessible.

Firewall trouble

MSBlast is another embarrassment for Microsoft, but it could mark a turning
point in how we think about online security.

At last ordinary Windows users will have to do something - actually turn off
their firewall - if they want to expose themselves to risk.

So far everyone has been so focused on ease of use and not getting in the
way that they have designed and built systems which are intrinsically
insecure.

Then it is been left to untrained, unskilled and unaware users to make the
changes which limit risks. Few of us, even the technically skilled among us,
bother to do this. And few of us do it all the time.

</quote>



 
Reply With Quote
 
 
 
 
anon
Guest
Posts: n/a
 
      08-16-2003
Who would want to use XP ICF anyway? It lacks many features a normal free
software firewall has.


"Howard Johnson" <(E-Mail Removed)> wrote in message
news:A_x%a.11878$(E-Mail Removed)...
> http://news.bbc.co.uk/2/hi/technology/3153229.stm
>
> <quote>
> The news that Microsoft is going to start shipping Windows XP with its
> various security features enabled by default should be welcomed, even if

it
> is does not solve the bigger problem.
>
> After all, it still leaves tens of millions of users with an operating
> system that was set up to make it easy for them to play online games and

use
> e-commerce websites, and at the same time giving virus and worm writers

lots
> of ways to attack their computers.
>
> And that is to say nothing of the Windows 98, NT and 2000 installed base,
> where security is more a matter of hoping and installing third-party
> software than using anything provided by Microsoft.
>
> But it is a start.
>
> The decision to change the standard installation of XP is a result of this
> week's fuss about the MSBlast worm, which has infected hundreds of

thousands
> of internet-connected computers and continues to cause problems on the

net.
>
> This could get significantly worse on Saturday when infected computers are
> programmed to send fake requests to the Microsoft website and try to make

it
> inaccessible.
>
> Firewall trouble
>
> MSBlast is another embarrassment for Microsoft, but it could mark a

turning
> point in how we think about online security.
>
> At last ordinary Windows users will have to do something - actually turn

off
> their firewall - if they want to expose themselves to risk.
>
> So far everyone has been so focused on ease of use and not getting in the
> way that they have designed and built systems which are intrinsically
> insecure.
>
> Then it is been left to untrained, unskilled and unaware users to make the
> changes which limit risks. Few of us, even the technically skilled among

us,
> bother to do this. And few of us do it all the time.
>
> </quote>
>
>
>



 
Reply With Quote
 
 
 
 
T.N.O
Guest
Posts: n/a
 
      08-17-2003
"anon" wrote
> Who would want to use XP ICF anyway? It lacks many features a normal free
> software firewall has.


My mom... she doesn't need the advanced features, and just needs a simple
Firewall, nothing too hard.


 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      08-17-2003
On Sun, 17 Aug 2003 10:11:33 +1200, "Howard Johnson" <(E-Mail Removed)>
wrote:

>http://news.bbc.co.uk/2/hi/technology/3153229.stm
>
><quote>
>The news that Microsoft is going to start shipping Windows XP with its
>various security features enabled by default should be welcomed, even if it
>is does not solve the bigger problem.
>

<snip />
</quote>

This is silly. All the naive Windows XP users are now going to think
that they are protected. What a shock for them when a) they receive a
virus in email b) they can't f'rinstance run ftp or use kazaa or
netmeeting, or MSN Messenger.....

Of course, the first thing any future email virus is going to do is to
switch off the ICF.

Cheers,

Cliff
--

Signed and sealed with Great Seal of the Executive
Council of the Internet, by The Master of The Net.
 
Reply With Quote
 
Howard Johnson
Guest
Posts: n/a
 
      08-17-2003

"Enkidu" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Sun, 17 Aug 2003 10:11:33 +1200, "Howard Johnson" <(E-Mail Removed)>
> wrote:
>
> >http://news.bbc.co.uk/2/hi/technology/3153229.stm
> >
> ><quote>
> >The news that Microsoft is going to start shipping Windows XP with its
> >various security features enabled by default should be welcomed, even if

it
> >is does not solve the bigger problem.
> >

> <snip />
> </quote>
>
> This is silly. All the naive Windows XP users are now going to think
> that they are protected.


They already did.


 
Reply With Quote
 
Howard Johnson
Guest
Posts: n/a
 
      08-17-2003

"anon" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Who would want to use XP ICF anyway? It lacks many features a normal free
> software firewall has.


Between 300,000 and 1.5 million infected victims of the DCOM exploit.


 
Reply With Quote
 
Richard Malcolm-Smith
Guest
Posts: n/a
 
      08-17-2003
> This is silly. All the naive Windows XP users are now going to think
> that they are protected. What a shock for them when a) they receive a
> virus in email b) they can't f'rinstance run ftp or use kazaa or
> netmeeting, or MSN Messenger.....


Messenger should still work, as it uses upnp calls to get a port opened, so that
it works behind ICS, from what someone at microsoft was telling me some time
ago, upnp is the only way to get ports past the firewall, he lead me to believe
that there was no way to open them manually.

 
Reply With Quote
 
Robert Mathews
Guest
Posts: n/a
 
      08-17-2003
On Sun, 17 Aug 2003 17:58:55 +1200, Richard Malcolm-Smith <(E-Mail Removed)>
wrote:

>> This is silly. All the naive Windows XP users are now going to think
>> that they are protected. What a shock for them when a) they receive a
>> virus in email b) they can't f'rinstance run ftp or use kazaa or
>> netmeeting, or MSN Messenger.....

>
>Messenger should still work, as it uses upnp calls to get a port opened, so that
>it works behind ICS, from what someone at microsoft was telling me some time
>ago, upnp is the only way to get ports past the firewall, he lead me to believe
>that there was no way to open them manually.




Please tell my Why these people did not bother to get the XP Updates, as that
is on by default..?




 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      08-17-2003
On Sun, 17 Aug 2003 17:58:55 +1200, Richard Malcolm-Smith
<(E-Mail Removed)> wrote:

>> This is silly. All the naive Windows XP users are now going to think
>> that they are protected. What a shock for them when a) they receive a
>> virus in email b) they can't f'rinstance run ftp or use kazaa or
>> netmeeting, or MSN Messenger.....

>
>Messenger should still work, as it uses upnp calls to get a port opened, so that
>it works behind ICS, from what someone at microsoft was telling me some time
>ago, upnp is the only way to get ports past the firewall, he lead me to believe
>that there was no way to open them manually.
>

Urgh! I disabled uPnP when the first exploit arrived and haven't
restarted it since. I haven't checked whether there have been any
exploits recently.

You can get *any* port past the firewall. All you have to do is open
it. What is a little more trouble is if the internal addresses are
NATted to an external one.

This is the URL for uPnP.

http://www.upnp.org/

"The UPnP Forum is an industry initiative designed to enable simple
and robust connectivity among stand-alone devices and PCs from many
different vendors. As a group, we are leading the way to an
interconnected lifestyle".

I *think* what they are saying later in the page, is that if you are
connected to the Internet and uPnP and the discovery service are
activated, someone could, in theory, easily use your printer, your
hard disk, your CD....

Cheers,

Cliff
--

Signed and sealed with Great Seal of the Executive
Council of the Internet, by The Master of The Net.
 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      08-17-2003
On Sun, 17 Aug 2003 18:27:27 +1200, Robert Mathews
<(E-Mail Removed)> wrote:

>On Sun, 17 Aug 2003 17:58:55 +1200, Richard Malcolm-Smith <(E-Mail Removed)>
>wrote:
>
>>> This is silly. All the naive Windows XP users are now going to think
>>> that they are protected. What a shock for them when a) they receive a
>>> virus in email b) they can't f'rinstance run ftp or use kazaa or
>>> netmeeting, or MSN Messenger.....

>>
>>Messenger should still work, as it uses upnp calls to get a port opened, so that
>>it works behind ICS, from what someone at microsoft was telling me some time
>>ago, upnp is the only way to get ports past the firewall, he lead me to believe
>>that there was no way to open them manually.

>
>Please tell my Why these people did not bother to get the XP Updates, as that
>is on by default..?
>

....and many vendors switch it off. As I suspect they will do for the
ICF.

Cheers,

Cliff
--

Signed and sealed with Great Seal of the Executive
Council of the Internet, by The Master of The Net.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Circuit-Switched vs Packet-Switched Lawrence D'Oliveiro NZ Computing 7 01-19-2009 12:40 AM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd realexxams@yahoo.com Microsoft Certification 0 05-10-2006 02:35 PM
SWIG/IDLE/Python: F5 SHIP.py works but "import SHIP" gives "ImportError: dynamic module does not define init function (initSHIP)" Bill Davy Python 0 05-12-2005 08:48 AM
microsoft.public.dotnet.faqs,microsoft.public.dotnet.framework,microsoft.public.dotnet.framework.windowsforms,microsoft.public.dotnet.general,microsoft.public.dotnet.languages.vb Charles A. Lackman ASP .Net 1 12-08-2004 07:08 PM
Percentage of switched vs. non-switched Ethernet Networks ??? Chris Cisco 8 04-15-2004 09:56 PM



Advertisments