just simple facts

From: V4 (dontmailme@overyonderblueyonder.co.uk)
Date: 05/05/02 

From: "V4" <dontmailme@overyonderblueyonder.co.uk>
Date: Sat, 04 May 2002 23:46:33 GMT

I'm tired, I've been reading too much. I admit I'm a security novice but I
am willing to learn. Unfortunately, after following some web-based
recommendations I find someone else attacking me for my new found beliefs.
So, I read some more [their adivce] and that is 'trashed' by another
know-it-all, and so it goes on.

I'm very busy studying Windows 2000 Server [among other things] so I hate
wasting my time.
Simply, I want to know what enabling 'Client for Microsoft Networks'
does/allow.

It all stems from Win2K Server DUN 'deleting' the saved dialup password when
encountering an ISP Authentication error - i.e. My ISP, for whatever reason
may refuse my credentials (which are correct and have been successfully
accepted previously) and the connection is refused. DUN will then redial
but, as I have discovered, it now has no password to pass on (confirmed by
opening DUN settings where the password had mysteriously disappeared) and
will loop in this failed authentication/redial process until limits are
reached or human interaction occurs.

My ISP recommended I re-enabled 'Client for Microsoft Networks' to cure this
fault, stating this process is required to "cache" my password. This caused
me some concern as I'd just followed several security articles claiming
Client for Microsoft Networks and File and Print Sharing are not required
for Internet access and should be disabled/uninstalled.

In my endeavour to question the wisdom of my ISP I was "told" by others that
I was [insert derogatory phrases] and pointed to many links that were, IMO,
personal attacks of GRC aka Steve Gibson. With patience, I read through
article after article of how "although I generally agree and cannot fault
his reasoning...but I cannot agree xxxxxx-statement is entirely true or
proved..." and came up with nothing concrete. They really do generally
agree. Most of this appears to stem from the Linux vs Windows gangs - I
don't want to go there at all - I'm forced to use Windows and I'm stuck with
it, end of.

Please, I just want facts.
What are the vulnerabilities of Client for Microsoft Networks [NOT File &
Print Sharing]?
How does it work?
Is it required to remember DUN passwords?
Why would an ISP 'recommend' it be installed for Internet access?

All input welcome and thank you for reading [listening to] this.

Relevant Pages

  • Re: just simple facts
    ... Client for MS Networks should have nothing to do with caching DUN. ... your ISP is probably not responsible for or competent at ...
    (microsoft.public.win2000.security)
  • Re: Webspace too small
    ... I know, I know, I'm looking for recommendations. ... You aren't giving sufficient detail of what you require. ... massive amounts of webspace. ... I would prefer it to be the same isp that I use for my mail, ...
    (uk.misc)
  • Re: REVERSE DNS Failing
    ... Thank you very much for your analysis - I have forwarded this to my ISP and ... hopefully he will reconfigure his DNS server per your recommendations. ...
    (microsoft.public.windows.server.dns)
  • Re: Disabled Firewall
    ... the ISP? ... get rid of it and use WinXP's DUN. ... Bruce Chambers ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Linux-friendly ISPs
    ... I'm getting fed-up with my current ISP. ... Any recommendations for UK-based linux-friendly ISP's? ... I'm thinking about Pipex (since it's cheap and has relatively good ...
    (uk.comp.os.linux)