RE: Items within XP SP2 and Win2003

From: Dennis Bauer (dbauer_at_Mines.EDU)
Date: 09/28/04

  • Next message: Zack Schiel: "RE: Items within XP SP2 and Win2003"
    To: "'Eric McCarty'" <eric@lawmpd.com>, "'Depp, Dennis M.'" <deppdm@ornl.gov>, <kyle@inetconnection.com>, <focus-ms@securityfocus.com>
    Date: Tue, 28 Sep 2004 10:02:30 -0600
    
    

    I also have to say as a broad sweeping update SP2 has a lot to offer. Just
    the fact that there is any security (meaning the firewall) is a vast
    improvement over the existing one (meaning the firewall) at least now I do
    not have to stress as much about what my users are doing. I have way to
    many machines to walk around all the time and make sure that things are
    right for them.

    Dennis

    -----Original Message-----
    From: Eric McCarty [mailto:eric@lawmpd.com]
    Sent: Monday, September 27, 2004 11:39 AM
    To: Depp, Dennis M.; kyle@inetconnection.com; focus-ms@securityfocus.com
    Subject: RE: Items within XP SP2 and Win2003

    I think a lot has been said in this thread without much back being given
    to comments. I know of no SP2 specific vulnerabilities are not also
    effecting SP1, yet I know very many SP1 specific vuln's that SP2 doesn't
    fall prey to. Next, the firewall works as advertised, as far as FPS is
    concerned, if you are opening access to this services you are defeating
    much of the purpose of the firewall, sure the windows are locked but who
    cares because the front door is wide open.

    SP2 is a great upgrade from SP1, call this my personal opinion or fact
    but there are many strong arguments supporting this. Integrated IE
    Pop-Up blocker is enough for me, especially since the web apps I use are
    IE only so I'm forced to use it.

    Saying XP2 is far from secure is a very very broad statement and needs
    to be backed up by fact and examples or code. I will state that XP2
    properly configured is far more secure than XP SP1. Backing for this
    statement can be found here :

    http://www.us-cert.gov/cas/alerts/SA04-243A.html

    Eric McCarty

    -----Original Message-----
    From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
    Sent: Monday, September 27, 2004 4:15 AM
    To: kyle@inetconnection.com; focus-ms@securityfocus.com
    Subject: RE: Items within XP SP2 and Win2003

    Interesting comment. The arbitrary code exploits you mentioned, are
    these unique to SP2 or does SP1 fall prey to them as well. I am not
    aware of any exploits that are unique to SP2. The firewall is not
    perfect I will admit, but it is a vast improvement over its
    predecdessor. The current firewall is great for a home machine.
    However, when you use the wizard to poke holes in the firewall, they
    seem to be much larger than needed. I think a better analogy for the
    firewall is a privacy fence, but when you use the wizard to open the
    firewall, often you are removing several boards when a knot hole would
    have worked just as well.

    Denny

    > -----Original Message-----
    > From: kyle [mailto:kyle@inetconnection.com]
    > Sent: Wednesday, September 22, 2004 9:53 PM
    > To: focus-ms@securityfocus.com
    > Subject: Re: Items within XP SP2 and Win2003
    >
    > Well, on the grand scheme of things, XP SP2 is far from secure. I know

    > of a good many arbitrary code exploits that are easily utilized by a
    > common webmaster. And the "firewall" is like a chain link fence for a
    > privacy fence.
    > IMO you were better off not "upgrading" to SP2 and sticking with SP1
    > until
    > SP2 was fixed (released, but far from done, and def. not an upgrade)
    > I'm sure M$ was better with 2003 considering it was supposed to be a
    > SERVER edition, but then again you never know with M$.
    >
    > On Sunday 19 September 2004 09:11 pm, James Bowman wrote:
    > > Is their a set of hotfixes needed for 2003 that make it comprable in

    > > features / overall security posture to XP SP2?
    > >
    > > Although there's probably a bevy of XP SP2 items embedded
    > in 2003, I would
    > > imagine there's a bunch that's not...
    > >
    > > Thanks
    > >
    > >
    > --------------------------------------------------------------
    > -------------
    > >
    > --------------------------------------------------------------
    > -------------
    >
    > --------------------------------------------------------------
    > -------------
    > --------------------------------------------------------------
    > -------------
    >
    >

    ------------------------------------------------------------------------

    ---
    ------------------------------------------------------------------------
    ---
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Zack Schiel: "RE: Items within XP SP2 and Win2003"

    Relevant Pages

    • Re: question about clean install after SP2
      ... > After SP2 install my IE was seriously defective. ... You should periodically defragment your hard drives as well as check them ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Browser Adverts????????
      ... With everything in this list and SP2.. ... It contains advice ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Keine lesbaren Anhänge in Outlook Express 6
      ... Dringendst sollten die überfälligen Updates installiert werden. ... Er hat die OE-Version von WinXP mit SP1 ohne SP1 für IE/OE! ... SP2 alle im Hintergrund laufenden Programme, ... und Personal Firewall, ...
      (microsoft.public.de.german.inetexplorer.ie6.outlookexpress)
    • Re: Service Pack 2 destroyed my C: drive
      ... > I installed SP2 using the CDROM on an XP Pro system. ... It contains advice ... Windows XP, I suggest you clean up your system first. ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.setup_deployment)
    • Re: What to do??
      ... Just install SP2 ... It contains advice ... > Windows XP, I suggest you clean up your system first. ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.general)