Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Some Security Implications for XP SP2 (now out)

Status
Not open for further replies.
vop

vop

Technical User
Mar 30, 2001
360
CA

Service Pack 2: It's Out There (now)

Quoted Excerpts:

Code: 
… Lots of you had no problems at all, but others weren't so lucky. Following are some of the most common [b]complaints and kudos[/b] we're hearing. 


… Others are having problems with peer-to-peer software. The latter is based on the fact that SP2 limits connections per port to 10 (this is to help slow the spread of [COLOR=red]viruses and worms[/color] such as Sasser), so programs such as eMule, that open connections to a lot of different destinations, are slowed down, too. 

… We've also heard about [COLOR=red]conflicts with ZoneAlarm[/color]. This is probably because SP2 turns on the Windows Firewall by default. If you use a third party firewall product, you need to turn off the Windows Firewall. 

… On the other hand, the [COLOR=red]pop-up blocker[/color] that SP2 adds to Internet Explorer is getting a big thumbs up. 

… Another new feature that users like is the Add-ons manager. This option is added to the Tools menu and it shows you what has been added to IE and lets you disable them. This is great for turning off those [COLOR=red]spyware toolbars[/color] that get installed "accidentally."



Vince
 
Sort by date Sort by votes
I thought the limitation of 10 connections per port went back to Windows 2000? Keeps you from using 2K or XP Pro as a poor persons server.

 
Upvote 0 Downvote
Someone has already pointed out some vulnerabilites in SP2 on BugTraq forums. These mainly deal with Zone Identifier (ZoneID) and running programs from the command line. It appears that CMD does not check for the Zone ID before running a program. It remains to be seen how much of a problem this is.


James P. Cottingham
-----------------------------------------
To determine how long it will take to write and debug a program, take your best estimate, multiply that by two, add one, and convert to the next higher units.
 
Upvote 0 Downvote
bfralia:

I believe that the 'limitation of 10 connections per port' is a client based limitation on local running processes. It has nothing to do with connecting to a server.

Vince
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SaltyTheFrog
  • Locked
  • Question
Nearby Share security exposure
Replies
3
Views
448
goombawaho
goombawaho
DrB0b
  • Locked
  • Question
DKIM for Exchange 2019
Replies
1
Views
289
DrB0b
DrB0b
CDIV
  • Locked
  • Question
port 8080 monitoring -Trend micro deep security agent
Replies
0
Views
212
CDIV
CDIV
Macola10
  • Locked
  • Question
Kapersky Small Office Security
Replies
0
Views
123
Macola10
Macola10
LonnieJohnson
  • Locked
  • Question
Apps/Tools for seeing potential threats
Replies
1
Views
127
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top