Tim Mullen, 2004-08-11
Service Pack 2 for XP represents a sea change in Microsoft's security posture. Here's why you should ignore the naysayers and start planning your upgrade.
Colapse all |
Post comment
Redmond's Salvation? What?
2004-08-11
Dave (2 replies)
Dave (2 replies)
Redmonds Salvation? What? Think.
2004-08-14
FL Jim (1 replies)
FL Jim (1 replies)
I wonder why I always post to your questions? Dave, it is actually quite easy for anyone to be the judge of the difference between the Win2000 code and the XP code. You just have to reverse engineer the different platform patches for the same vulnerability. It is pretty easy if you know what you ar...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-11
Anonymous (1 replies)
Anonymous (1 replies)
If the upgrade from 2000 to XP didn't have the *whole* XP cost associated with it... Ok. But it does. Saying "2000 is old and XP is new, so if you're using 2000 you're out of the game, spend MORE money" is... well, saying "spend more and more money, and next year we'll ask for more". Thanks....
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Anonymous (1 replies)
Anonymous (1 replies)
That's why corporations are encouraged to use the Software Assurance plan - which lets them upgrade to the newest versions of the operating system....
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-13
Rob Hughes (1 replies)
Rob Hughes (1 replies)
That's a non-answer, if ever I heard one. It also manages to reinforce the previous posters argument that it'll just be more money every year, whether you want/need to upgrade or not....
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-15
Anonymous (1 replies)
Anonymous (1 replies)
I know, lets get a bunch of open source monkeys to write the next service pack for XP. So that when things go wrong with it, as they do, people will go mad waiting in vain for some sort of "support" from the generous and overwhelmingly supportive Open source community.
Stop whining all of you. If ...
[ more ] [ reply ]
Stop whining all of you. If ...
[ more ] [ reply ]
Redmond's Salvation
2004-08-18
Hytham
Hytham
"I know, lets get a bunch of open source monkeys to write the next service pack for XP. So that when things go wrong with it, as they do, people will go mad waiting in vain for some sort of "support" from the generous and overwhelmingly supportive Open source community."
Those who follow or spew ...
[ more ] [ reply ]
Those who follow or spew ...
[ more ] [ reply ]
Redmond's Salvation
2004-08-11
Anonymous (2 replies)
Anonymous (2 replies)
What a bunch of whiners you people are. My car was 10 yrs old and failing so I just traded it in and got a new one, cost me over $20,000 but it was necessary. Your OS is over 10 yrs old, it costs $200 for a new one but it's necessary. Your company makes tens of thousands of dollars off the work p...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Anonymous (1 replies)
Anonymous (1 replies)
There is more than a 200 dollar cost associated with that upgrade. It organizations have to maintain and manage sizable fotprints of applications that will require migration to XP. You also might have some small retraining cost - or lost productivity due to re-orientation. ...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-11
Texas Opinion (2 replies)
Texas Opinion (2 replies)
It might be reasonable to state that XP/2003 is where we would all like to be. It is much better than 2000 on security, there is no doubt about that.
Then comes the real world. There are home users and small businesses out there that have invested a lot of money in their 2000 desktops and/or ser...
[ more ] [ reply ]
Then comes the real world. There are home users and small businesses out there that have invested a lot of money in their 2000 desktops and/or ser...
[ more ] [ reply ]
Redmonds Salvation
2004-08-14
FL Jim
FL Jim
I really need to clean my yard but I had to reply. It was clear to me what mullen said. "If you care about security --- upgrade" and you say for people to upgrade because of security is ridiculous. Why are you even here? If you had to "invest" in Win2000, then you'd better get a new job that pay...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-15
Anonymous
Anonymous
That is a fair call. I think Microsoft needs to more to address that, like provide some serious discounts to companies that want to upgrade to XP. It's refreshing to see a normal response instead of the usual microsoft are a bunch of seal cubbers that is normally bandied around these things. ...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-11
Anonymous (1 replies)
Anonymous (1 replies)
Unfortunately, 'XP2' is coming into the game late while the world has been watching serious security efforts being made for a considerably longer time on other operating systems. While it is a good thing that Microsoft is now coming to the table with serious security enhancements, it's unfortunate ...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-11
Harsem
Harsem
I congratulate Microsoft on this SP, it is a major relief for quite a few people. It will create a few problems in the short term, but it will help in the long run. Lets go forth from this point and ensure that this becomes the stadnard.
As for 2000, I would like to see a SP5 with some of the impro...
[ more ] [ reply ]
As for 2000, I would like to see a SP5 with some of the impro...
[ more ] [ reply ]
4 words for you!
2004-08-12
Anonymous (2 replies)
Anonymous (2 replies)
No more raw sockets!
Not a problem for the average user, but death for those writing and implementing most security software....
[ more ] [ reply ]
Not a problem for the average user, but death for those writing and implementing most security software....
[ more ] [ reply ]
NMAP?
2004-08-12
Anonymous (2 replies)
Anonymous (2 replies)
Secure ? well ok but why they removed support for TCP sends over RAW sockets in SP2 hmm..... http://seclists.org/lists/nmap-hackers/2004/Jul-Sep/0002.htm
l =>
...
[ more ] [ reply ]
l =>
...
[ more ] [ reply ]
NMAP?
2004-08-16
Anonymous
Anonymous
my sentiments EXACTLY the fact that they're breaking security software such as NMAP in the guise of "it is only used to write attack software" is a load of crap and I've little doubt will drive more of at least the security testing community over to FOS OS's like linuces and *BSD....
[ more ] [ reply ]
[ more ] [ reply ]
NMAP?
2004-08-17
Hytham
Hytham
"Secure ? well ok but why they removed support for TCP sends over RAW sockets in SP2 hmm..... http://seclists.org/lists/nmap-hackers/2004/Jul-Sep/0002.htm
l"
Actually that may be true for the default XP SP2 installation, but simply disabling the firewall service restores funcationality perfectly :...
[ more ] [ reply ]
l"
Actually that may be true for the default XP SP2 installation, but simply disabling the firewall service restores funcationality perfectly :...
[ more ] [ reply ]
Be careful, SP2 opens ports
2004-08-12
Anonymous (1 replies)
Anonymous (1 replies)
If WF was configured to block all (as by default, no any ports open) then SP2 opens file sharing regardless domain or workgroup configuration. So SP2 would silently open a nice hole for some who tried hardening it before. Good luck :-)...
[ more ] [ reply ]
[ more ] [ reply ]
Be careful, SP2 opens ports
2004-08-12
Anonymous
Anonymous
actually the ports that scare me are the ports opened by the ssdp discovery service. Since this applies to all XP releases I don't understand why anyone would "upgrade" a business environment to XP. Sure I can firewall this with egress rules, but the fact that I even have to filter a vendors traff...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Anonymous (1 replies)
Anonymous (1 replies)
Why nobody is talking about this changes ?
With this hardcorded stuff it's not possible to use the system at full capacity.
Quote :
Two significant changes in Windows XP Service Pack 2 render the system
unusable by Windows network admins.
1) Outbound conection throttling. Windows XP Serv...
[ more ] [ reply ]
With this hardcorded stuff it's not possible to use the system at full capacity.
Quote :
Two significant changes in Windows XP Service Pack 2 render the system
unusable by Windows network admins.
1) Outbound conection throttling. Windows XP Serv...
[ more ] [ reply ]
Redmond's Salvation
2004-08-13
Anonymous
Anonymous
"At the same time, Windows XP SP 2 remains utterly useless for remote
vulnerability scanning and remote assessments by admins."
So basicly what you'd like is XP vulnerable over the network?
Wow ? that?s really secure!
Why not mbsacli from the clients through scripts? It can even be deployed ...
[ more ] [ reply ]
vulnerability scanning and remote assessments by admins."
So basicly what you'd like is XP vulnerable over the network?
Wow ? that?s really secure!
Why not mbsacli from the clients through scripts? It can even be deployed ...
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Peter
Peter
"... if you make the choice (or your company does for you) to maintain older, less secure software when you know something far better is out there, then you must take responsibility for your security posture." ... beter security ? Were you talking about Linux ?
"Even if you still consider Windo...
[ more ] [ reply ]
"Even if you still consider Windo...
[ more ] [ reply ]
A better idea
2004-08-12
Aenox (1 replies)
Aenox (1 replies)
How about, instead of downgrading to SP2, we convert to typewriters. They have been around since 1870 and still no security issues have been found. In fact, if we really want security as a major priority over functionality, we could just go back to pencil and paper.
XP SP2 reduces our freedoms, s...
[ more ] [ reply ]
XP SP2 reduces our freedoms, s...
[ more ] [ reply ]
Typewriters are vulnerable too!
2004-08-12
Anonymous (1 replies)
Anonymous (1 replies)
Typewriters are vulnerable to information disclosure, all I need to do is steal your ribbon to see everything you've typed! ;-)...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation - Pa'leez
2004-08-12
si
si
SP2 has a firewall? Mind blowing stuff for a "current" operating system...anyone who cares about security would have long ago installed one.
-=> The truth here is that if an application
-=> breaks, it really did need fixing anyway.
It's nice that this columnist thinks ISV's and the programm...
[ more ] [ reply ]
-=> The truth here is that if an application
-=> breaks, it really did need fixing anyway.
It's nice that this columnist thinks ISV's and the programm...
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Frizzle
Frizzle
Mullen called it alright. As evident from the two posts above me, no matter what MS does, there will always be somebody left to bitch and moan.
I still can't believe there is anyone reading Security Focus who is shocked and disappointed when they're OS becomes obsolete and dangerous by the relea...
[ more ] [ reply ]
I still can't believe there is anyone reading Security Focus who is shocked and disappointed when they're OS becomes obsolete and dangerous by the relea...
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Anonymous
Anonymous
Sorry but i disagree with your statement that these types of security changes should not be released for win2k. Win2k is far more widely used in the business area and MS should do the right thing and fix their lousy OS. Its not like they don't have the resources. They have $50B in the bank for chris...
[ more ] [ reply ]
[ more ] [ reply ]
Big Improvements..... yeah right
2004-08-12
Bug Me Not <sf@dodgeit.com> (1 replies)
Bug Me Not <sf@dodgeit.com> (1 replies)
Ok so there are some supposed improvements that will make XP nice. Sure with all these improvements we can expect that some things will not work. However what we should not accept, or tolerate is the fact that around 1 of every 2 computers that installs sp2 doesn't come back up! ...
[ more ] [ reply ]
[ more ] [ reply ]
Big Improvements..... yeah right
2004-08-12
Anonymous (2 replies)
Anonymous (2 replies)
"the fact that around 1 of every 2 computers that installs sp2 doesn't come back up!
"
would love to know where you got those stats from.....
[ more ] [ reply ]
"
would love to know where you got those stats from.....
[ more ] [ reply ]
Well and good, but...
2004-08-12
Penguinisto (1 replies)
Penguinisto (1 replies)
...how much bloat is this gonna add? Perhaps I should re-phrase that; how many resources are gonna get lost in this? The FW prolly won't be a big deal, but other parts of the SP will be.
Also, when you said:
"In an earlier column I identified old software as a contributing factor to security ...
[ more ] [ reply ]
Also, when you said:
"In an earlier column I identified old software as a contributing factor to security ...
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
Anonymous (1 replies)
Anonymous (1 replies)
Windows 2000 is just fine, and runs on hardware that XP will not. It has all the same update features(ie. Automatic Updates). It doesn't have a built in firewall, but you don't need if you have a secure internal network.
We would move to Linux before upgrading to a resource hog like Windows X...
[ more ] [ reply ]
We would move to Linux before upgrading to a resource hog like Windows X...
[ more ] [ reply ]
Redmond's Salvation
2004-08-12
LinuxFire (1 replies)
LinuxFire (1 replies)
Moving to Linux would be a wise choice. I myself have been using Slackware Linux for many years. I do not have any problems with functionality and further more have never had to worry about waiting till the next service pack to come out so that my os is secure or not. The fact of the matter is that ...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond&#39;s Salvation
2004-08-19
Reynaldo Ruiz
Reynaldo Ruiz
Good Luck Guys. Linux is "FREE" there are many communities and resources available. Personally I´m going to learn and work in both plataforms. I like to give recomendations (Consulting) with a inmersion of my counterparts in a real open mind. Not married to a platform. I always give the same advice...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation - hee hee hee hee hee
2004-08-14
Anonymous
Anonymous
I find all this angst so amusing. I moved my company to Linux and Unix about 4 years ago. The Linux security updates have never broken a thing here and my business is doing fine sans Microsoft. This is almost as fun as watching mud wrestling ... 'cept most of you dudes are too hairy and not female. ...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-16
Anonymous
Anonymous
Comming from a small business with about 50 windows 2k machines in place, the migration towards windcws XP just does not cut it, if only for security reasons.
Why should I force a change to my IT enviroment if I have maintain my vigilance in keeping my machines as "safe" as possible. These machines...
[ more ] [ reply ]
Why should I force a change to my IT enviroment if I have maintain my vigilance in keeping my machines as "safe" as possible. These machines...
[ more ] [ reply ]
Redmond's Salvation
2004-08-16
m0rpheus
m0rpheus
Dear Tim,
I assume that you are very well informed guy, but let me say TWO VERY IMPORTANT THINGS that I haven't seen anywhere in your column:
1. Windows Firewall does NOT inspect OUTGOING traffic. It does tremendous job protecting machine from incoming threats, but does NOTHING in opposite dir...
[ more ] [ reply ]
I assume that you are very well informed guy, but let me say TWO VERY IMPORTANT THINGS that I haven't seen anywhere in your column:
1. Windows Firewall does NOT inspect OUTGOING traffic. It does tremendous job protecting machine from incoming threats, but does NOTHING in opposite dir...
[ more ] [ reply ]
Redmond's Salvation - Event ID 4226
2004-08-16
Lunchy
Lunchy
I applaud them for trying, however, in one case that affects me personally, they've shown that they'd rather go around a problem, then tackle it. In the case of...
"Limited number of simultaneous incomplete outbound TCP connection attempts"
This can be found here...
http://www.microsoft.co...
[ more ] [ reply ]
"Limited number of simultaneous incomplete outbound TCP connection attempts"
This can be found here...
http://www.microsoft.co...
[ more ] [ reply ]
Redmond's Salvation
2004-08-19
Reynaldo Ruiz
Reynaldo Ruiz
Hard with them! A Service Pack is a extensively proved piece of software. Not a fruit or vegetable that needs to be mature and then eat it. Personaly I tried the Beta, RC1 and RC2 and works beautifully. I agree Microsoft is commited to improve his security in all line of products in money and time. ...
[ more ] [ reply ]
[ more ] [ reply ]
Redmond's Salvation
2004-08-21
Anonymous
Anonymous
The writer is obviously a microsoft consultant, of course he will brag about the joys of sp2. True it breaks extensions and different applications, and sp2 will still have security holes like any other Microsoft product. A true developers computer is the mac osx proprietary though but secure....
[ more ] [ reply ]
[ more ] [ reply ]
[ more ] [ reply ]