[Sussex] Windows XP SP2 firewall nightmare
Mark Harrison
Mark at ascentium.co.uk
Tue Mar 30 10:46:04 UTC 2004
Actually, when I was at Kingfisher, I went to some VERY bizarre
presentations in which Sun tried to blame all sorts of things for what
turned out to be problems in their hardware :-)
The best one was when a Sun engineer stood up and gave a presentation about
how a cosmic ray, travelling at the wrong angle, could upset two registers
on a SPARC chip... and that was almost certainly the cause of our problems,
oh yes.
Let us not forget that the original "Internet Worm" infected Unix
workstations/servers, and exploited a buffer overrun in a commonly used
MTA...
M.
----- Original Message -----
From: "Andrew Guard" <agua at coinford.co.uk>
To: "'LUG email list for the Sussex Counties'" <sussex at mailman.lug.org.uk>
Sent: Tuesday, March 30, 2004 11:40 AM
Subject: RE: [Sussex] Windows XP SP2 firewall nightmare
Nope, it is made from Microsoft source code.
Now what is worring me most is whitin section called Memory protection.
That they software has problem but that is only because of CPU. Now that
new one on me, I hear Sun, Linux Kernals all blaming CPU's for securty
problems all the time, NOT!
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx
[quote]
* Memory protection. Some attacks by malicious software leverage software
security vulnerabilities that allow too much data to be copied into areas of
the computer's memory. These vulnerabilities are typically referred to as
buffer overruns. Although no single technique can completely eliminate this
type of vulnerability, Microsoft is employing a number of security
technologies to mitigate these attacks from different angles.
[good idea]First, core Windows components have been recompiled with the most
recent version of our compiler technology.[/good idea]
[better idea, blame some else]Additionally, Microsoft is working with
microprocessor companies to help Windows support hardware-enforced execution
protection (also known as NX, or no execute) on microprocessors that contain
the feature. Execution protection uses the CPU to mark all memory locations
in an application as non-executable unless the location explicitly contains
executable code.[/better idea, blame some else]
This way, when an attacking worm or virus inserts program code into a
portion of memory marked for data only, an application or Windows component
will not run it.
[/quote]
> -----Original Message-----
> From: Mark Harrison [mailto:Mark at ascentium.co.uk]
> Sent: 30 March 2004 11:23
> To: LUG email list for the Sussex Counties
> Subject: Re: [Sussex] Windows XP SP2 firewall nightmare
>
>
> The purpose of the Firewall in XP is to lull people into a
> false sense of
> security and drum up more business for disaster-recovery consultants.
>
> Really, don't trust your business to it, please?
>
> Mark
>
>
> ----- Original Message -----
> From: "Andrew Guard" <agua at coinford.co.uk>
> To: "SussexLinux (E-mail)" <sussex at mailman.lug.org.uk>
> Sent: Tuesday, March 30, 2004 10:55 AM
> Subject: [Sussex] Windows XP SP2 firewall nightmare
>
>
> Gosh just started test Microsoft XP SP2 and it firewall and
> it drivning me
> mad. As it askes you to allow something then ask's you are
> you shore. What
> I see happing is people will just turn firewall of as it to
> much hassle.
>
>
>
> http://www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx
>
>
> _____________________________________
> Andrew Guard
>
> IT Support
>
>
>
> Direct:(01342) 840840
> Office:(01342) 840800
> Fax:(01342) 840888
> Email:agua at coinford.co.uk
>
> ____________________________________________
> Coinford Ltd
> Redeham Hall
> 137 Redehall Road
> Burstow
> Surrey
> RH6 9RJ
>
>
> Java Script Flash e-mail. © My eyes are red partnership
> 2001-2003 All Rights
> Reserved. Used under licence
>
> _______________________________________________
> Sussex mailing list
> Sussex at mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/sussex
>
>
>
> _______________________________________________
> Sussex mailing list
> Sussex at mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/sussex
>
_______________________________________________
Sussex mailing list
Sussex at mailman.lug.org.uk
http://mailman.lug.org.uk/mailman/listinfo/sussex
More information about the Sussex
mailing list