lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <5.1.0.14.2.20040817165748.03035de8@mail.geeksamazing.com>
From: list at geeksamazing.com (Al Reust)
Subject: lame bitching about xpsp2

Craig et al...

As I had stopped reading this thread decided to give it one last chance.

I loaded SP2 into my first platform (a year old XP "original" install with 
various installed/un-installed software and hardware (not it is not a clean 
XP). This was after a defrag, a specific System Restore Point and Backing 
up critical files. Started the upgrade and watched, about 40 minutes later 
it was running XP SP2. I looked at the firewall and saw things I liked, I 
went Windowsupdate and it Warned me about ActiveX as expected.

What surprised me was that unless you had some really flaky drivers for 
some arcane piece of hardware/software it was extremely simple (yes signed 
drivers would probably make it easier). I would feel safe letting my mother 
do it (but then I built her computer). I still have other hardware to test, 
but it was one of the most painless Service Packs I have seen. One of the 
first things noticed was that Firewall blocked NetBIOS from the Internet 
but still allowed connection to a "share" Internally. The Firewall appeared 
flexible, Logging still has to be explored. No, my mother would not 
understand the Firewall but could right click on a reg file that I send her.

Next is to hit some of the more suspect sites/exploits to see what happens.

Obviously if you have software that uses RAW Sockets, you are in trouble... 
If you have security testing to do you want to wait until a few people have 
worked through some of the problems. I do have to do a clean test machine 
for my sniffer, snort etc... But then that type of information would be 
productive conversation rather than "I can't get things to work." Esp... 
when no one gives real details about what did not work.

On to the next configuration and more testing.

R/

At 03:05 PM 8/16/2004 +0200, Soderland, Craig wrote:


> > >
>
><Much stuff deleted.>
>
> > > m$ have actually got this one right!
> >
> > It's great that it works for your one configuration, but there are
> > thousands of other configurations out there. For some, it is not
> > working, even when they read the documentation. The world is not just
> > you and your PC.
> >
>
>350 installs now and nary a problem, comprised of 3 different laptop 
>platforms, IBM, HP and Compaq and the odd Dell, 6 Different workstation 
>platforms, and even loaded it on a server or two just as a hoot. Works 
>well, I would submit that those experiencing problems have something 
>cocked up to begin with.
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ