RE: Items within XP SP2 and Win2003

From: Depp, Dennis M. (deppdm_at_ornl.gov)
Date: 09/28/04

  • Next message: Thor: "Re: Fw: Serious Security Issue in Windows XP SP2's Firewall" 
    Date: Tue, 28 Sep 2004 07:18:22 -0400
To: Eric McCarty <eric@lawmpd.com>, larobins@bellatlantic.net, Joe Doyle <joe.doyle@promega.com>, focus-ms@securityfocus.com

    Eric,

    A firewall will not only block services, but it will also selectively
    allow services. For example, I might need to run a web server, but I
    only want users from a buisness partner to access this site. I can use
    the firewall to limit access to a specific IP address or subnet. In
    this case, a host based firewall can add another layer of security to a
    system. I do agree that you should not be browsing the internet from a
    server. However, some people will continue to browse the internet from
    servers. The enhancements to IE6 with W2K3 will not affect you or I,
    but they will affect many others.

    Dennis

    > -----Original Message-----
    > From: Eric McCarty [mailto:eric@lawmpd.com]
    > Sent: Monday, September 27, 2004 5:26 PM
    > To: Depp, Dennis M.; larobins@bellatlantic.net; Joe Doyle;
    > focus-ms@securityfocus.com
    > Subject: RE: Items within XP SP2 and Win2003
    >
    > I think this is a contradiction. On a server, you should turn off all
    > services you have no intention of having clients connect to,
    > not setup a
    > firewall to block them. Next you should not be browsing the internet
    > using your server, and if you noticed, the enhanced browser security
    > prevents this for the most part anyway.
    >
    > Eric
    >
    >
    >
    > -----Original Message-----
    > From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
    > Sent: Monday, September 27, 2004 9:27 AM
    > To: larobins@bellatlantic.net; Joe Doyle; focus-ms@securityfocus.com
    > Subject: RE: Items within XP SP2 and Win2003
    >
    > WRT Windows firewall and IE updates.
    >
    > Dennis
    >
    > > -----Original Message-----
    > > From: Laura A. Robinson [mailto:larobins@bellatlantic.net]
    > > Sent: Sunday, September 26, 2004 2:38 AM
    > > To: 'Joe Doyle'; focus-ms@securityfocus.com
    > > Subject: RE: Items within XP SP2 and Win2003
    > >
    > > In what respects?
    > >
    > > Laura
    > >
    > > > -----Original Message-----
    > > > From: Joe Doyle [mailto:joe.doyle@promega.com]
    > > > Sent: Wednesday, September 22, 2004 5:38 PM
    > > > To: focus-ms@securityfocus.com
    > > > Subject: RE: Items within XP SP2 and Win2003
    > > >
    > > >
    > > > Not yet. Windows 2003 Service Pack 1 is supposed to
    > bring it up to
    > > > speed with Windows XP SP2.
    > > >
    > > > Joe
    > > >
    > > > -----Original Message-----
    > > > From: James Bowman [mailto:jim@drexel.edu]
    > > > Sent: Sunday, September 19, 2004 9:11 PM
    > > > To: focus-ms@securityfocus.com
    > > > Subject: Items within XP SP2 and Win2003
    > > >
    > > >
    > > >
    > > > Is their a set of hotfixes needed for 2003 that make it
    > comprable in
    >
    > > > features / overall security posture to XP SP2?
    > > >
    > > >
    > > >
    > > > Although there's probably a bevy of XP SP2 items embedded
    > in 2003, I
    >
    > > > would imagine there's a bunch that's not...
    > > >
    > > >
    > > >
    > > > Thanks
    > > >
    > > > --------------------------------------------------------------
    > > > ----------
    > > > ---
    > > > --------------------------------------------------------------
    > > > ----------
    > > > ---
    > > >
    > > >
    > > >
    > > >
    > > > --------------------------------------------------------------
    > > > -------------
    > > > --------------------------------------------------------------
    > > > -------------
    > > >
    > >
    > >
    > > --------------------------------------------------------------
    > > -------------
    > > --------------------------------------------------------------
    > > -------------
    > >
    > >
    >
    > --------------------------------------------------------------
    > ----------
    > ---
    > --------------------------------------------------------------
    > ----------
    > ---
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Thor: "Re: Fw: Serious Security Issue in Windows XP SP2's Firewall"

    Relevant Pages

    • Re: Firewall on a single NIC SBS2003 Standard edition
      ... Frank McCallister SBS MVP ... > " Well, if you're wanting to run the firewall on a single NIC, you aren't ... Don't ask the server to do *everything*, ... > internet traffic from the workstations don't have to go through the SBS. ...
      (microsoft.public.windows.server.sbs)
    • Re: Internet on nodes
      ... I stopped the Firewall in SBS and could upload ... print' from both the server and a WS. ... Was not able to connect to the internet on the WS. ...
      (microsoft.public.windows.server.sbs)
    • Re: 2 NICs Configuration Problem
      ... the server as Paul envisaged it. ... gateway (to the Internet through the NIC connected to the Sonicwall DMZ ... NICs should not have default gateways configured for both. ... DMZ ports of any firewall, is an alternative path that cause great ...
      (microsoft.public.windows.server.networking)
    • Re: Collection of email
      ... server 2003), and FTP support, and a few other things as well. ... I think you are using ISA as your firewall. ... I don't think you have that option, though is your internet connection ...
      (microsoft.public.inetserver.iis.smtp_nntp)
    • Re: XP/SP2 Firewall über W2K GPO deaktivieren
      ... Weil es einen zentralen Zugangpunkt zum Internet gibt und dieser geschützt ... Dafür sorgt der Proxy Server für die Mitarbeiter. ... Meine Clients haben auch keine lokale Firewall installiert, ...
      (microsoft.public.de.german.win2000.gruppen_richtlinien)