Re: Fw: Serious Security Issue in Windows XP SP2's Firewall

From: Frank Knobbe (frank_at_knobbe.us)
Date: 09/24/04

Next message: Paul Aviles: "Change password shortcut"

Previous message: kyle: "Re: Items within XP SP2 and Win2003"
In reply to: Harlan Carvey: "Re: Fw: Serious Security Issue in Windows XP SP2's Firewall"
Next in thread: Laura A. Robinson: "RE: Serious Security Issue in Windows XP SP2's Firewall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Harlan Carvey <keydet89@yahoo.com>
Date: Fri, 24 Sep 2004 09:45:52 -0500

On Thu, 2004-09-23 at 06:00, Harlan Carvey wrote:
> I think you're right. I read through the first two
> lines of the SP2 "issue"...this "certain
> configuration" they're talking about is essentially
> allowing file and printer sharing, even with the f/w
> enabled. Uh...duh!

I think the contention is that when file/printer sharing is enabled, and
the firewalls is activated, SMB ports are open on the dial-up interface
without having been explicitly opened via the firewall policy (unlike
the network interface). So in a sense, yes, there is a bug. The implicit
allow is probably not a good thing, but the main issue seems to be that
while SMB ports are closed on exiting interfaces (like network cards),
the policy setting is not applied to inactive, dynamic interfaces -- the
RAS interface in essence. Once you dial-up, and thus activate the
interface, the ports are open even though that is not specified in the
firewall policy.

Someone should verify if this also applies to other inactive, dynamic
interfaces likes RAS & Routing interfaces and PPTP tunnels.

Seems indeed like a bug (just from reading, I have not verified it). But
I agree that this issue is blown way out of proportions. The main reason
is that there is no negative change. I mean, this issue has been there
all these years. The XP firewall may not close the ports due to a bug,
but it's not like new holes are opened.

Oh well, free advertising for PC Welt I guess...

Regards,
Frank

application/pgp-signature attachment: This is a digitally signed message part

Next message: Paul Aviles: "Change password shortcut"

Previous message: kyle: "Re: Items within XP SP2 and Win2003"
In reply to: Harlan Carvey: "Re: Fw: Serious Security Issue in Windows XP SP2's Firewall"
Next in thread: Laura A. Robinson: "RE: Serious Security Issue in Windows XP SP2's Firewall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Second Configuration Storage Server and member of array
... Just one point on the first article (http://www.isaserver.org/ ... array/CSS configuration? ... Is it in the Firewall Policy ander the ... or in the Enterprise part of the interface? ...
(microsoft.public.isa)
Re: Email clients
... presumably this isn't a bug in Mail after all. ... but filters not that good (why don't they just license dspam or some ... totally sufficient, and the interface to them is very, very good). ... plugins are basically hacks against a "private" ...
(uk.comp.sys.mac)
Re: Sockets stuck in SYN_RCVD (re(4), RELENG_7, i386)
... The I disabled RXCSUM,TXCSUM on the interface. ... So hardware checksumming isn't ... wouldn't have influence with TCP traffics by itself. ... So my current suspect is a bug in the syncache code. ...
(freebsd-current)
itools 0.14.2 released
... This release brings user interface improvements and many bug fixes. ... itools.csv -- The CSV parser has been separated from the CSV handler, ...
(comp.lang.python.announce)
Re: data with metadata
... features can be called from Fortran. ... databases have a C interface. ... before it considers STDCALL to be compatible with BIND, ... gfortran group can't seem to consider it to be a bug or at least ...
(comp.lang.fortran)