WinXP's built-in firewall reconfigures self

From: John Hornbuckle (John.Hornbuckle@TAYLOR.K12.FL.US)
Date: 12/21/01


Date:         Fri, 21 Dec 2001 08:14:44 -0500
From: John Hornbuckle <John.Hornbuckle@TAYLOR.K12.FL.US>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

This bug doesn't appear to create a security risk, so I'm not sure if
it's appropriate for the list. One concern, though, is that if the
firewall can automatically STOP allowing certain types of connections,
can it automatically START allowing others?

I've not had the chance to extensively test this and determine the
precise cause, but I'm seeing a problem where WinXP's built-in firewall
stops allowing Remote Desktop ("RD") connections into a machine. If
you've played around with the firewall, you know that there's an option
you check to allow RD connections (and to open various other standard or
custom TCP/UDP ports). What's happening is that this option is being
unselected on its own. I've seen this happen on more than one machine;
the machine suddenly stops accepting RD connections, and I have to go
back into the FW config screen and re-check the box to allow RD
connections.

The pattern I've seen is that this seems to happen after using WinXP's
Remote Assistance ("RA") feature. Specifically, the machine that has
been the "host" to an RA session (i.e., the one that has allowed the
"expert" to connect to it) is the one that loses the ability to accept
RD connections until the firewall is reconfigured. It doesn't appear to
happen every single time you use RA, but it does happen regularly enough
that I've seen it multiple times and with multiple machines.

Can anyone duplicate this problem?

________________
John Hornbuckle
Network Manager
Taylor County School District
Perry, FL
