win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?
From: Ken.Williams@ey.comDate: 09/18/02
- Previous message: Greene Paul: "Restricting access to a CD-WR drive on a Win2K Server"
- Next in thread: Rick Frankel: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: Rick Frankel: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: Jerry: "Re: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: webbi@sapc.edu: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: webbi@sapc.edu: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: focus-ms@securityfocus.com From: Ken.Williams@ey.com Date: Wed, 18 Sep 2002 12:22:42 -0500
i have a box running win xp pro, on a lan connected to a linksys
router. i use linklogger to snag the logs being broadcast by
the linksys to udp 162. before installing xp sp1, i had no
problems with this setup, and i didn't have to make any changes
to ICF, which was enabled on the xp box. after installing xp
sp1, all snmp packets broadcasted to udp 162 were dropped by the
xp box. i don't have time to investigate further, but i suspect
that sp1 changes ICF settings or defaults, or some other facet
of SNMP. the solution was to add a new "service" [read: rule]
to ICF called "snmp" that permitted network to access "snmp" via
udp port 162 (internally and externally). anybody else noticed
this, or had the time to get to the bottom of the situation and
determine exactly what changes xp sp1 makes to ICF and/or SNMP?
thanks,
ken
Ken Williams, CISSP
________________________________________________________________________
The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. Ernst & Young LLP
- Previous message: Greene Paul: "Restricting access to a CD-WR drive on a Win2K Server"
- Next in thread: Rick Frankel: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: Rick Frankel: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: Jerry: "Re: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: webbi@sapc.edu: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Reply: webbi@sapc.edu: "RE: win xp sp1 changes ICF settings/rules and/or default behavior for snmp packet processing on udp 162?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
