Sign in with
Sign up | Sign in
Your question

If you have XP and Windows Update set to 'automatic'...

Last response: in Computer Brands
Share
Anonymous
August 11, 2004 3:49:11 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

.....look for XP SP2 to be coming down very soon.

In sheer size, it's pretty much a beast even 'downloading in the
background'.


Stew
August 11, 2004 3:50:35 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

How sooon is "very soon?"


"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:n5sSc.10112$5i4.9479@bignews3.bellsouth.net...
> ....look for XP SP2 to be coming down very soon.
>
> In sheer size, it's pretty much a beast even 'downloading in the
> background'.
>
>
> Stew
>
>
Anonymous
August 11, 2004 5:18:21 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"John" <ndirish@csinet.net> wrote in message
news:cfdios$nir$1@mozo.cc.purdue.edu...
> How sooon is "very soon?"
>
>

<snip>

http://support.microsoft.com/default.aspx?kbid=322389

At least for the moment, it appears MS wants to 'cascade' the downloads via
'automatic updates', as the download doesn't appear via "Windows Update"
scan this morning (at least for me).

I've been running SP RC1 and then RC2 for the last 90 days or so, and my
update grabbed the final release this morning. I backed everything up
before installing it.. The install while slow, was uneventful.

You can choose to turn off the XP firewall and auto updates if desired
during the install. It's just that the user is forced to interact/choose
the status of those, as well as the status of any AV program installed on
the machine.

You can download the "RTM/'released to manufacturing" version now at
http://www.softpedia.com/public/cat/13/9/13-9-177.shtml for anyone who's
feeling froggy. It's only 266mb.....


Stew
Related resources
Anonymous
August 11, 2004 5:29:12 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

My inner geek wants SP 2 *now*...but my rational self says "wait until
September."
--
Ted Zieglar
formerly "Rocket J. Squirrel"


"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:n5sSc.10112$5i4.9479@bignews3.bellsouth.net...
> ....look for XP SP2 to be coming down very soon.
>
> In sheer size, it's pretty much a beast even 'downloading in the
> background'.
>
>
> Stew
>
>
Anonymous
August 11, 2004 5:57:36 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Ted Zieglar aka "Rocky"" <teddyz@notmail.com> wrote in message
news:iDsSc.80777$V96.40845@cyclops.nntpserver.com...
> My inner geek wants SP 2 *now*...but my rational self says "wait until
> September."


I'm running the released version of XPSP2 and its been fine so far. It
turns on the Firewall by default and it turns off Windows Messenger. Both
good things for the average home user but useless for those of us who deal
with corporate nets with perimeter firewalls and the need to broadcast
network events via Net Send. Although I haven't read the administrative
deployment help files yet I'm sure there are ways to install SP2 with things
like the Firewall disabled. Short of that I've found nothing abnormal. We
use primarily business apps and software dev tools on our desktops.

I haven't been running it long enough to comment on stability or
performance. I can say that I haven't noticed any decline.

I can tell you that the wireless changes are great. My laptop constantly
thought it was offline before the update. Now it's never offline so there's
no need for constant synchronizations. There are other wireless
enhancements but I still don't see a paraphrase feature for WEP keys.

--

Rob


>
Anonymous
August 11, 2004 6:28:56 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Wed, 11 Aug 2004 13:18:21 -0500, S.Lewis wrote:

> You can download the "RTM/'released to manufacturing" version now at
> http://www.softpedia.com/public/cat/13/9/13-9-177.shtml for anyone who's
> feeling froggy. It's only 266mb.....

I downloaded and installed this yesterday and so far everything is running
fine. I like the newer firewall, too. I might get rid of my Norton's
firewall.

Dave
--
We are the US military. Your asses will be kicked. Resistance is futile.

US Army Signal Corps!
www.geocities.com/davidcasey98

Remove IH8SPAM to reply by email!
Anonymous
August 11, 2004 6:29:29 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:ZotSc.10327$5i4.10188@bignews3.bellsouth.net...
>
> "John" <ndirish@csinet.net> wrote in message
> news:cfdios$nir$1@mozo.cc.purdue.edu...
>> How sooon is "very soon?"
>>
>>
>
> <snip>
>

> You can choose to turn off the XP firewall and auto updates if desired
> during the install. It's just that the user is forced to interact/choose
> the status of those, as well as the status of any AV program installed on
> the machine.
>


This is true but when you have 100 or so desktops to do you certainly don't
want that sit if front of each and tell it to disable the firewall. ;-)

Well I'm off to read the deployment help files and find the new Group Policy
settings.

--

Rob
Anonymous
August 11, 2004 6:29:30 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Robert R Kircher, Jr." <rrkircher@hotmail.com> wrote in message
news:8eedneDgLfX0-IfcRVn-tA@giganews.com...
> "S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
> news:ZotSc.10327$5i4.10188@bignews3.bellsouth.net...
>>
>> "John" <ndirish@csinet.net> wrote in message
>> news:cfdios$nir$1@mozo.cc.purdue.edu...
>>> How sooon is "very soon?"
>>>
>>>
>>
>> <snip>
>>
>
>> You can choose to turn off the XP firewall and auto updates if desired
>> during the install. It's just that the user is forced to interact/choose
>> the status of those, as well as the status of any AV program installed on
>> the machine.
>>
>
>
> This is true but when you have 100 or so desktops to do you certainly
> don't want that sit if front of each and tell it to disable the firewall.
> ;-)
>
> Well I'm off to read the deployment help files and find the new Group
> Policy settings.
>
> --
>
> Rob
>
>
>

Rob,

Stop showing off, man. Remote management is completely over-rated:) 


Stew
Anonymous
August 11, 2004 6:53:47 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:fJtSc.10374$5i4.1799@bignews3.bellsouth.net...
>
> "Robert R Kircher, Jr." <rrkircher@hotmail.com> wrote in message
> news:8eedneDgLfX0-IfcRVn-tA@giganews.com...
>> "S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
>> news:ZotSc.10327$5i4.10188@bignews3.bellsouth.net...
>>>
>>> "John" <ndirish@csinet.net> wrote in message
>>> news:cfdios$nir$1@mozo.cc.purdue.edu...
>>>> How sooon is "very soon?"
>>>>
>>>>
>>>
>>> <snip>
>>>
>>
>>> You can choose to turn off the XP firewall and auto updates if desired
>>> during the install. It's just that the user is forced to
>>> interact/choose the status of those, as well as the status of any AV
>>> program installed on the machine.
>>>
>>
>>
>> This is true but when you have 100 or so desktops to do you certainly
>> don't want that sit if front of each and tell it to disable the firewall.
>> ;-)
>>
>> Well I'm off to read the deployment help files and find the new Group
>> Policy settings.
>>
>> --
>>
>> Rob
>>
>>
>>
>
> Rob,
>
> Stop showing off, man. Remote management is completely over-rated:) 
>

Remote management is a god send and XPSP2 deployment just so happens to be
what I'm working on today other wise I most likely wouldn't even mention it.
;-)

--

Rob
Anonymous
August 11, 2004 11:25:29 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

It won't show up in Windows update until Aug 16th. The full download is
available now.

"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:ZotSc.10327$5i4.10188@bignews3.bellsouth.net...
>
> "John" <ndirish@csinet.net> wrote in message
> news:cfdios$nir$1@mozo.cc.purdue.edu...
>> How sooon is "very soon?"
>>
>>
>
> <snip>
>
> http://support.microsoft.com/default.aspx?kbid=322389
>
> At least for the moment, it appears MS wants to 'cascade' the downloads
> via 'automatic updates', as the download doesn't appear via "Windows
> Update" scan this morning (at least for me).
>
> I've been running SP RC1 and then RC2 for the last 90 days or so, and my
> update grabbed the final release this morning. I backed everything up
> before installing it.. The install while slow, was uneventful.
>
> You can choose to turn off the XP firewall and auto updates if desired
> during the install. It's just that the user is forced to interact/choose
> the status of those, as well as the status of any AV program installed on
> the machine.
>
> You can download the "RTM/'released to manufacturing" version now at
> http://www.softpedia.com/public/cat/13/9/13-9-177.shtml for anyone who's
> feeling froggy. It's only 266mb.....
>
>
> Stew
>
>
>
Anonymous
August 11, 2004 11:25:30 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"WSZsr" <nospam@hotmail.com> wrote in message
news:JouSc.1702$gp2.1306@newssvr22.news.prodigy.com...
> It won't show up in Windows update until Aug 16th. The full download is
> available now.
>

<snip>


FWIW, the linked RTM download above is identical to the one I pulled down
from "WUpdate" this AM, according to start/run/ 'winver'.


Stew
Anonymous
August 12, 2004 12:13:54 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

http://www.microsoft.com/downloads/details.aspx?FamilyI...

"S.Lewis" <stew1960@cover.bellsouth.net> wrote in message
news:rOuSc.10415$5i4.3804@bignews3.bellsouth.net...
>
> "WSZsr" <nospam@hotmail.com> wrote in message
> news:JouSc.1702$gp2.1306@newssvr22.news.prodigy.com...
>> It won't show up in Windows update until Aug 16th. The full download is
>> available now.
>>
>
> <snip>
>
>
> FWIW, the linked RTM download above is identical to the one I pulled down
> from "WUpdate" this AM, according to start/run/ 'winver'.
>
>
> Stew
>
August 12, 2004 12:25:55 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Folks:

I use Zone Alarm (free edition) and it seems to work just fine. So, should I
just disable the SP2 firewall when I install it? Or is there a reason not
to?? If I don't disable it, does this mean I should eliminate Zone Alarm??

Mel
"Robert R Kircher, Jr." <rrkircher@hotmail.com> wrote in message
news:6cKdnTUukoFtwIfcRVn-oQ@giganews.com...
> "Ted Zieglar aka "Rocky"" <teddyz@notmail.com> wrote in message
> news:iDsSc.80777$V96.40845@cyclops.nntpserver.com...
> > My inner geek wants SP 2 *now*...but my rational self says "wait until
> > September."
>
>
> I'm running the released version of XPSP2 and its been fine so far. It
> turns on the Firewall by default and it turns off Windows Messenger. Both
> good things for the average home user but useless for those of us who deal
> with corporate nets with perimeter firewalls and the need to broadcast
> network events via Net Send. Although I haven't read the administrative
> deployment help files yet I'm sure there are ways to install SP2 with
things
> like the Firewall disabled. Short of that I've found nothing abnormal.
We
> use primarily business apps and software dev tools on our desktops.
>
> I haven't been running it long enough to comment on stability or
> performance. I can say that I haven't noticed any decline.
>
> I can tell you that the wireless changes are great. My laptop constantly
> thought it was offline before the update. Now it's never offline so
there's
> no need for constant synchronizations. There are other wireless
> enhancements but I still don't see a paraphrase feature for WEP keys.
>
> --
>
> Rob
>
>
> >
>
>
August 12, 2004 1:03:15 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Keep using your Zone Alarm! It warns you about stuff trying to leave your
computer as well as stuff trying to get in. Win XP firewall only stops stuff
trying to get in so won't help you if you've got a trojan keystroke logger
trying to send personal info to lord knows where...

BT


"MB" <mel@prodigy.invalid.net> wrote in message
news:10hle8l37s5i16e@corp.supernews.com...
> Folks:
>
> I use Zone Alarm (free edition) and it seems to work just fine. So, should I
> just disable the SP2 firewall when I install it? Or is there a reason not
> to?? If I don't disable it, does this mean I should eliminate Zone Alarm??
>
> Mel
> "Robert R Kircher, Jr." <rrkircher@hotmail.com> wrote in message
> news:6cKdnTUukoFtwIfcRVn-oQ@giganews.com...
> > "Ted Zieglar aka "Rocky"" <teddyz@notmail.com> wrote in message
> > news:iDsSc.80777$V96.40845@cyclops.nntpserver.com...
> > > My inner geek wants SP 2 *now*...but my rational self says "wait until
> > > September."
> >
> >
> > I'm running the released version of XPSP2 and its been fine so far. It
> > turns on the Firewall by default and it turns off Windows Messenger. Both
> > good things for the average home user but useless for those of us who deal
> > with corporate nets with perimeter firewalls and the need to broadcast
> > network events via Net Send. Although I haven't read the administrative
> > deployment help files yet I'm sure there are ways to install SP2 with
> things
> > like the Firewall disabled. Short of that I've found nothing abnormal.
> We
> > use primarily business apps and software dev tools on our desktops.
> >
> > I haven't been running it long enough to comment on stability or
> > performance. I can say that I haven't noticed any decline.
> >
> > I can tell you that the wireless changes are great. My laptop constantly
> > thought it was offline before the update. Now it's never offline so
> there's
> > no need for constant synchronizations. There are other wireless
> > enhancements but I still don't see a paraphrase feature for WEP keys.
> >
> > --
> >
> > Rob
> >
> >
> > >
> >
> >
>
>
August 12, 2004 5:44:11 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

John wrote:

> How sooon is "very soon?"

How big is "big"?

220 MB
August 12, 2004 5:47:47 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Ted Zieglar aka "Rocky" wrote:

> My inner geek wants SP 2 *now*...but my rational self says "wait until
> September."

Stifle your geek. :) 
August 12, 2004 5:50:16 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

MB wrote:

> Folks:
>
> I use Zone Alarm (free edition) and it seems to work just fine. So, should I
> just disable the SP2 firewall when I install it?

I would.

> Or is there a reason not
> to?? If I don't disable it, does this mean I should eliminate Zone Alarm??

I wouldn't - ZA protects against malware connecting to the 'Net from
your computer (e.g., a Trojan) as well as bad boys coming from the 'Net.
MS's filewall only protects against incoming threats.

As always, YMMV
August 12, 2004 8:03:08 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Thu, 12 Aug 2004 01:50:16 GMT, Sparky <nemo@moon.sun.edu> wrote:

>MB wrote:
>
>> Folks:
>>
>> I use Zone Alarm (free edition) and it seems to work just fine. So, should I
>> just disable the SP2 firewall when I install it?
>
>I would.
>
>> Or is there a reason not
>> to?? If I don't disable it, does this mean I should eliminate Zone Alarm??
>
>I wouldn't - ZA protects against malware connecting to the 'Net from
>your computer (e.g., a Trojan) as well as bad boys coming from the 'Net.
>MS's filewall only protects against incoming threats.
>
>As always, YMMV

SP2's firewall does a little more than that. It also flags apps that
want server status, allowing you to either block it or allow it. Not
quite all that ZA does, but close.

Personally, I think the free ZA is a nice little firewall. Their paid
prgorams have become too darn bloated as they attempt to become the
cure-all for every internet nastie.

Dave
August 12, 2004 8:43:52 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Wed, 11 Aug 2004 13:29:12 -0400, in alt.sys.pc-clone.dell, "Ted Zieglar
aka \"Rocky\"" <teddyz@notmail.com> wrote:

>My inner geek wants SP 2 *now*...but my rational self says "wait until
>September."

Me too! :) 

But I'm fighting temptation; I think I'll let the impatient ones help
Microsoft finish beta testing SP2 before I give it a try. From what I've
heard so far, it doesn't sound like I have any kind of urgent need for
anything in SP2.

So I'll try to wait a week or two before jumping in.

--
Nick <mailto:tanstaafl@pobox.com>
Anonymous
August 12, 2004 9:41:28 AM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Another nice software firewall that is less invasive:
http://smb.sygate.com/products/spf_standard.htm


Stew




"Dave" <dmjohn29@REMOVE.hotmail.com> wrote in message
news:ciqlh0l5mna3gbrbct84k1io947t8t73jq@4ax.com...
> On Thu, 12 Aug 2004 01:50:16 GMT, Sparky <nemo@moon.sun.edu> wrote:
>
>>MB wrote:
>>
>>> Folks:
>>>
>>> I use Zone Alarm (free edition) and it seems to work just fine. So,
>>> should I
>>> just disable the SP2 firewall when I install it?
>>
>>I would.
>>
>>> Or is there a reason not
>>> to?? If I don't disable it, does this mean I should eliminate Zone
>>> Alarm??
>>
>>I wouldn't - ZA protects against malware connecting to the 'Net from
>>your computer (e.g., a Trojan) as well as bad boys coming from the 'Net.
>>MS's filewall only protects against incoming threats.
>>
>>As always, YMMV
>
> SP2's firewall does a little more than that. It also flags apps that
> want server status, allowing you to either block it or allow it. Not
> quite all that ZA does, but close.
>
> Personally, I think the free ZA is a nice little firewall. Their paid
> prgorams have become too darn bloated as they attempt to become the
> cure-all for every internet nastie.
>
> Dave
Anonymous
August 12, 2004 4:59:14 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"S.Lewis" <stew1960@cover.bellsouth.net> writes:

>At least for the moment, it appears MS wants to 'cascade' the downloads via
>'automatic updates', as the download doesn't appear via "Windows Update"
>scan this morning (at least for me).

The guidance I've seen says that the sequence will be

* automatic update for systems with beta/RC versions of SP2 (already done?)
* automatic update for other users (16 August)
* Windows Update (later in the month)

And for corporate users there is a download available that includes
both a new .ADM (policy) file and a command script, both of which
temporarily (120 days) disable the ability of either automatic update
or Windows update to pick up SP2, which will cause all sorts of
mischief in enterprise environments.

>I've been running SP RC1 and then RC2 for the last 90 days or so, and my
>update grabbed the final release this morning. I backed everything up
>before installing it.. The install while slow, was uneventful.

Single-data-point: on a 700 MHz laptop (OmniBook 500) the install takes
approximately one hour.

Problems I've seen so far are system hangs (both on the OB500 each time
I've reimaged it and installed SP2, perhaps ten minutes after the
reboot -- another tester on a different computer had the system hang
during the reboot) and bogus "power spike in the USB interface" warnings
when the laptop is redocked.

>You can choose to turn off the XP firewall and auto updates if desired
>during the install. It's just that the user is forced to interact/choose
>the status of those, as well as the status of any AV program installed on
>the machine.

The problem now is that many/most of the existing third-party AV and
firewall products aren't yet SP2-aware and thus are not recognized by
the "security center" introduced by the service pack.

Joe Morris
Anonymous
August 12, 2004 4:59:15 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Joe Morris" <jcmorris@mitre.org> wrote in message
news:cffpj2$l4a$1@newslocal.mitre.org...
> "S.Lewis" <stew1960@cover.bellsouth.net> writes:
>
>>At least for the moment, it appears MS wants to 'cascade' the downloads
>>via
>>'automatic updates', as the download doesn't appear via "Windows Update"
>>scan this morning (at least for me).
>
> The guidance I've seen says that the sequence will be
>
> * automatic update for systems with beta/RC versions of SP2 (already
> done?)
> * automatic update for other users (16 August)
> * Windows Update (later in the month)
>
> And for corporate users there is a download available that includes
> both a new .ADM (policy) file and a command script, both of which
> temporarily (120 days) disable the ability of either automatic update
> or Windows update to pick up SP2, which will cause all sorts of
> mischief in enterprise environments.
>
>>I've been running SP RC1 and then RC2 for the last 90 days or so, and my
>>update grabbed the final release this morning. I backed everything up
>>before installing it.. The install while slow, was uneventful.
>
> Single-data-point: on a 700 MHz laptop (OmniBook 500) the install takes
> approximately one hour.
>
> Problems I've seen so far are system hangs (both on the OB500 each time
> I've reimaged it and installed SP2, perhaps ten minutes after the
> reboot -- another tester on a different computer had the system hang
> during the reboot) and bogus "power spike in the USB interface" warnings
> when the laptop is redocked.
>
>>You can choose to turn off the XP firewall and auto updates if desired
>>during the install. It's just that the user is forced to interact/choose
>>the status of those, as well as the status of any AV program installed on
>>the machine.
>
> The problem now is that many/most of the existing third-party AV and
> firewall products aren't yet SP2-aware and thus are not recognized by
> the "security center" introduced by the service pack.
>
> Joe Morris


Joe,

Informative post. The worst side-effects I've seen to this point: 1)
having to re-enable HTML and attachment (security) settings in OE, as both
are prevented/disabled by default after the SP2 'upgrade'. (I use a mail
filter that allows viewing on the server prior to bringing messages down).

I also noticed (on my P4 2.0 homebuild with XP Pro) a temporary
slowdown/hang at shutdown during the 'windows is shutting down' splash,
though that seems to have cleared up.

Also, the default "automatic update" settings attempt to bring *all updates*
down (including non-criticals) if the preferences aren't altered, which is
going to stink up some devices (particularly video cards) in all likelihood.

I had noticed as well the MS announcement that
arrangements/patches/workarounds were being made for those administering
networks to delay bringing SP2 down until those folks could estimate any
negative impact on a controlled basis.


Stew
Anonymous
August 12, 2004 5:01:39 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Robert R Kircher, Jr." <rrkircher@hotmail.com> writes:

>This is true but when you have 100 or so desktops to do you certainly don't
>want that sit if front of each and tell it to disable the firewall. ;-)

>Well I'm off to read the deployment help files and find the new Group Policy
>settings.

The Microsoft guidance for deploying SP2 includes a document which
by its title (I've not had a chance to read it) says that you can
use an INF file to preconfigure Windows Firewall (the new name for
ICF). I'm hoping that you can use this file to disable it entirely
in environments where a third-party firewall is used.

Joe Morris
Anonymous
August 12, 2004 5:03:40 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"S.Lewis" <stew1960@cover.bellsouth.net> writes:
>"WSZsr" <nospam@hotmail.com> wrote:

>> It won't show up in Windows update until Aug 16th. The full download is
>> available now.

>FWIW, the linked RTM download above is identical to the one I pulled down
>from "WUpdate" this AM, according to start/run/ 'winver'.

Does your system have one of the beta or RC builds of SP2 installed? If
so you get the patch before people who didn't install one.

Joe Morris
Anonymous
August 12, 2004 5:03:41 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Joe Morris" <jcmorris@mitre.org> wrote in message
news:cffprc$l4a$3@newslocal.mitre.org...
> "S.Lewis" <stew1960@cover.bellsouth.net> writes:
>>"WSZsr" <nospam@hotmail.com> wrote:
>
>>> It won't show up in Windows update until Aug 16th. The full download is
>>> available now.
>
>>FWIW, the linked RTM download above is identical to the one I pulled down
>>from "WUpdate" this AM, according to start/run/ 'winver'.
>
> Does your system have one of the beta or RC builds of SP2 installed? If
> so you get the patch before people who didn't install one.
>
> Joe Morris


Yep. On my homebuild I was running XP Pro SP2 RC2, which pulled down the RTM
via WinUpdate yesterday am. On the other machine running XP Home SP1, I
brought down the SP2 file manually from the link (listed above in this
thread).

Winver shows both with an RTM ID of 080304 / 2158 .


Stew
Anonymous
August 12, 2004 6:48:04 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Joe Morris" <jcmorris@mitre.org> wrote in message
news:cffpj2$l4a$1@newslocal.mitre.org...
> "S.Lewis" <stew1960@cover.bellsouth.net> writes:
>
>>You can choose to turn off the XP firewall and auto updates if desired
>>during the install. It's just that the user is forced to interact/choose
>>the status of those, as well as the status of any AV program installed on
>>the machine.
>
> The problem now is that many/most of the existing third-party AV and
> firewall products aren't yet SP2-aware and thus are not recognized by
> the "security center" introduced by the service pack.
>

I can tell you that McAfee 7.1 was picked up by SP2. I just deployed a
desktop by hand today and now I have to go over my notes to see what I need
to change in my policies. Surprisingly SP2 hasn't added to many changes to
my policies. Of course disable the FW is top on the list.

One thing that is disabled, that I use internally, is Windows Messenger. I
haven't found any documentation on that yet so that makes me worried about
what other undocumented things I may find disabled. Anyway nothing that
can't be fixed with a GPO.

--

Rob
Anonymous
August 13, 2004 2:35:12 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Fri, 13 Aug 2004 12:55:14 +0000 (UTC), Joe Morris wrote:

> By any chance have you seen anything that can be used to reliably suppress
> the red warning icon that appears in the system tray if you either turn
> off the firewall, don't have a (recognized) antivirus program, *or*
> disable automatic updating? My operations have perhaps ~100+ DMZ
> machines, a few of which are running XP; they *are* configured properly
> (and each is behind a customized firewall) and run an AV program, and
> it would be stupid to allow Microsoft to drive an update to a system
> where the configuration is tightly controlled for security purposes.
>
> I don't want the sysadmins responsible for Windows systems to be looking
> at an icon that falsely claims that the box is vulnerable and getting
> into the habit of ignoring it...this is a good (?) example of a "boy
> crying wolf" situation.

In my experience with SP2 so far (all 3 days of it), you can tell Windows
that you have your own firewall or anti-virus program and you will do the
monitoring yourself. It stops giving you alerts then and the system tray
icon goes away.

Dave
--
We are the US military. Your asses will be kicked. Resistance is futile.

US Army Signal Corps!
www.geocities.com/davidcasey98

Remove IH8SPAM to reply by email!
Anonymous
August 13, 2004 4:12:42 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

On Fri, 13 Aug 2004 12:55:14 +0000 (UTC), Joe Morris wrote:

> By any chance have you seen anything that can be used to reliably suppress
> the red warning icon that appears in the system tray if you either turn
> off the firewall, don't have a (recognized) antivirus program, *or*
> disable automatic updating?

In the Security Center, under Resources, click on "Change the way Security
Center alerts me". You can configure the alerts there.

-Jeff B.
yeff at erols dot com
Anonymous
August 13, 2004 5:05:13 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Robert R Kircher, Jr." <rrkircher@hotmail.com> writes:

>"Joe Morris" <jcmorris@mitre.org> wrote:

>> The problem now is that many/most of the existing third-party AV and
>> firewall products aren't yet SP2-aware and thus are not recognized by
>> the "security center" introduced by the service pack.

>I can tell you that McAfee 7.1 was picked up by SP2. I just deployed a
>desktop by hand today and now I have to go over my notes to see what I need
>to change in my policies. Surprisingly SP2 hasn't added to many changes to
>my policies. Of course disable the FW is top on the list.

SAV version 8 isn't completely recognized by SP2. Our AV people have
tested SAV 9 (which we'll be rolling out later this year) and it does
have (apparently) whatever magic blue smoke that allows SP2 to recognize
it as an antivirus program.

I can't use a policy to suppress the Windows Firewall feechur because
some systems in my shop have a legitimate need to use it for testing.
What I'll be doing is wrapping the SP2 installation in a script that
presets the registry entry that disables the firewall.

>One thing that is disabled, that I use internally, is Windows Messenger. I
>haven't found any documentation on that yet so that makes me worried about
>what other undocumented things I may find disabled. Anyway nothing that
>can't be fixed with a GPO.

One new gotcha that surfaced yesterday is that among the other changes
introduced by SP2 is that transmitting packets via the raw socket
interface to a NIC is now blocked. This in turn breaks NMAP (per a
comment from the author of NMAP, and which I confirmed by testing).
Steve Gibson has for some time been railing (with some justification)
about the vulnerabilities of raw sockets, but it's curious that Microsoft's
explanation for the change is the (incorrect) statement that "the only
users of raw sockets are virus writers" -- while Microsoft's web site
includes a link to the NMAP pages in a list of suggested security tools.

I did verify that at least some network *monitoring* tools such as
Etherpeek work quite happily on an interface from which all protocol
and related components have been removed.

Joe Morris
Anonymous
August 14, 2004 6:58:27 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

"Robert R Kircher, Jr." <rrkircher@hotmail.com> writes:

>From what I've read you need to turn off Security Center Services however, I
>haven't run across the policies yet. I hope they exists because writing
>ADMs isn't as simple as it looks. :-/ It is a Service so you most likely
>can disable it in your GPO. I've noticed that it isn't running on my PCs
>belonging to a domain. I haven't tested it enough to guarantee that
>however.

Turns out that there is a policy to block the entire Security Center,
and there's also a trio of registry settings which can be used to
prevent alerts on no firewall/no antivirus/no auto-update. They're
documented (along with the policy which allows the suppression of
the entire Security Center) in the "what's changed" documents available
from the MS web site. It's a *long* document and I got my first
opportunity to read the final version only last night.

Links to the document (which in its final form looks to be useful) can
be found at

http://go.microsoft.com/fwlist/?LinkId=28022

See in particular chapter 6 ("Maintenance"), p. 27.

Joe Morris
Anonymous
August 14, 2004 7:01:27 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Yeff <zoomie@fastmail.fm> writes:

>On Fri, 13 Aug 2004 12:55:14 +0000 (UTC), Joe Morris wrote:

>> By any chance have you seen anything that can be used to reliably suppress
>> the red warning icon that appears in the system tray if you either turn
>> off the firewall, don't have a (recognized) antivirus program, *or*
>> disable automatic updating?

>In the Security Center, under Resources, click on "Change the way Security
>Center alerts me". You can configure the alerts there.

What I was looking for was some way to *preconfigure* the settings for
a massive rollout so that each of my users worldwide don't have to manually
go in and change the settings. I found the Registry settings; see another
of my postings today in this thread for the links to the appropriate
MS document.

Thanks anyway; with all of the irritation about "mother Microsoft telling
us what to do" I suspect that the info you posted will be useful to lots
of people.

Joe Morris
Anonymous
August 18, 2004 1:36:14 PM

Archived from groups: alt.sys.pc-clone.dell (More info?)

Hmmm. The link you supplied for the "what's changed" document for Windows
XP SP2 doesn't work for me. Can you say where the document is located?

"Joe Morris" <jcmorris@mitre.org> wrote in message
news:cfl9aj$i8b$1@newslocal.mitre.org...
> "Robert R Kircher, Jr." <rrkircher@hotmail.com> writes:
>
> >From what I've read you need to turn off Security Center Services
however, I
> >haven't run across the policies yet. I hope they exists because writing
> >ADMs isn't as simple as it looks. :-/ It is a Service so you most
likely
> >can disable it in your GPO. I've noticed that it isn't running on my PCs
> >belonging to a domain. I haven't tested it enough to guarantee that
> >however.
>
> Turns out that there is a policy to block the entire Security Center,
> and there's also a trio of registry settings which can be used to
> prevent alerts on no firewall/no antivirus/no auto-update. They're
> documented (along with the policy which allows the suppression of
> the entire Security Center) in the "what's changed" documents available
> from the MS web site. It's a *long* document and I got my first
> opportunity to read the final version only last night.
>
> Links to the document (which in its final form looks to be useful) can
> be found at
>
> http://go.microsoft.com/fwlist/?LinkId=28022
>
> See in particular chapter 6 ("Maintenance"), p. 27.
>
> Joe Morris
!