Final Release of SP2 Discussion/FAQ's

[anime_layer]

Many people get this wrong about the new limit in SP2. It's not a limit on the total TCP/IP connections opened but on the incomplete connections. As soon as a connection is established (this is usually quite quick), it's not an incomplete connection anymore.
So the only diffrence will be, that BT won't be able to connect to as many peers at the same time. It is, however, still able to connect to as many peers as you want it to. You'll only notice a slowdown at the beginning of the download (if any).

You can take a look at the event log to see how much this affects you. I have three torrents opened and well over 100 bt connections and judging by my log, the limit got hit only five times.

[AOforever1]

Well, I just got the update to SP2 from Automatic Updates, and I don't see any problems yet

And Style XP 2.13 proves to work with SP2! I didn't waste $20

[Forse]

First of all SP2 is just desprate try for microsoft to show that they care about security. Yeah it might block ActivX but microsoft was the one to invent something so horrible! Anyway I will spare you from my "MS sucks" talk, but here are so facts:

-SP2 Limits connections (was pointed out before)
-SP2 conflicts with many applications: http://support.microsoft.com/default...t=windowsxpsp2
-SP2 includes a lot of useless stuff

Here is something you should read up before even thinking of installing it:
http://www.eweek.com/article2/0,1759,1635083,00.asp
http://isc.sans.org/xpsp2.php?startmsg=687

Anyway I refuse to install SP2 as I have hardware firewall and I use windows only for 3-4 apps + games (win connected only to intranet) so I am pretty safe

[cabbit]

I've been using SP2 for awhile and it seems compatable with most everything I had. A few exceptions were Nero 6, which I've updated to the latest version now, and something else, which I've also updated, but forgot what it was. I've heard there's divx compability but I use xvid so it doesn't matter to me.

I've tested it at work with a backup system and it seems to work with our accounting and other business software. Seems like everything should be fine. We had to do updates to MS Office (yes, microsoft) and after the updates, everything worked well.

Also, the firewall is really easily disabled. If ZoneAlarm's installation can turn it off, what makes you think viruses and spyware won't be able to do the same?

Anyways, their security center thing is a good idea but not well excuted. Of course, I still use ZoneAlarm Pro and the hardware firewall built into my router.

No matter, I still think it's a good attempt, but it may not be good enough. Power users should not need the new security center thing as they already should be up to date with their security.

[AnimeOni]

I have over 100 apps installed and saw some minor compatibility issues but once I updated all to the latest version, I only have three apps that have "broken." Some of these apps deal mostly with TCP connections as stated earlier.

On another machine, about 10 apps broke. This machine contained a lot of network probes and such. This was to be expected since 5 of the apps did port scanning which SP2 protects against. '

Oh, as to the statement for ActiveX being terrible, you are most wrong. If you ever had to deal with databases, you will see the benefits of ActiveX over the other legacy applications. Writing COM applications is much easier and quicker to deploy. It's also very easy to connect to IBM DB2 and Oracle databases.

Overall, it's a good update and worth the update given the "limited" incompatiblity issues. Companies had plenty of time to update their software to be SP2 compatible - especially with the two month delay! Even my company was able to patch our software and get it to our clients last week. (Our programmers took advanatages of XP's security holes to get our apps to work so we had to program right to get it to work with SP2).
________
Buy silver surfer

[AOforever1]

Oh god, I'm overwhelmed @_@

I can't seem to resolve between "good update" or "bad update" in my mind.
I guess it's different for all everybody, depending on what your needs are, then you can weigh off the advantages and disadvantages.

[anime_layer]

Quote:

Originally Posted by Forse

-SP2 Limits connections (was pointed out before)

SP2 limits incomplete connections. This is not the same as limiting open connections and has much less impact - if you notice any.

Quote:

-SP2 conflicts with many applications:

The SP2 betas and RCs have been around for a long time and almost all developpers had time to update their software to work with SP2. I personally only had to update Nero.

Quote:

-SP2 includes a lot of useless stuff

Windows includes lots of useless stuff. SP2 adresses some important security considerations and even if they might be half-hearted, it's better than nothing.

[AnimeOni]

After re-reading all the posts in this thread (and various treads that are 'anti'-Microsoft), I would like to say, are most of you are 'supporting' Microsoft with your complaints?

Cases in point:

Complaint: Useless stuff - e.g. Anti-Pop-up, disable Active-X
A: Well, with SP2, it pretty much killed many small anti-popup compaines by providing a free pop-up killer and anti-scripting tools. People will say,why should I buy pop-up killers when one is free and now I get it with SP2 which EVERYONE says is needed to protect my security. Why should I get applications from Panicware which does almost the same thing but charges me?

Complaint: Microsoft does not provide a Firewall
A: It does and now is enabled by default in SP2. Why should I look at Mcafee or Norton which charges me $50/year? Can I do without the extra protection? Zonelabs (aka Checkpoint) may be too feature rich for my needs.

Complaint: It does not warn you of illegal activities and backdoors
A: It does with Firewall enabled.

Complaint: SP2 limits TCP connections
A: It only limits incomplete TCP connections. Incomplete TCP connections are typical for mal-form packet exploits and DDos attacks. It should have very little impact if any on your activites. If you get a whole lot of the errors, you should see what you have installed on your system since it can be an indicator of a trojan or other problems.

Complaint: Firewall is not complete.
A: It's free. If you are getting something for 'free' why complain about it?

Complaint: Microsoft does not include an anti-virus
A: It's coming ...

I can go on and on but what I'm wondering is, is it worth complaining about? The saying "the squeaky wheel gets the grease." If more people complain about 'tools' shortcomings, Microsoft may decide to include it for free in Longhorn and crush more competition.

What people complained in the past
- Internet Browser - IE (licensed from Spyglass and now the dominant browser)
- Search toolbars - MSN toolbar (available). Possible inclusion in IE 7?
- Search Engine - MSN search (available)
- Share Internet connection (available)
- Firewall - XP limited functionailtiy

Future...
- Anti-Virus - MSN Anti-virus (soon...). and may be incl for free!

I'm not advocating for Microsoft (I'm a UNIX guy myself) but are the complainers here acting more as supporters? We should be moving forward to the next set of hacks instead of dwelling on the past.
________
Plymouth Pronto Spyder Specifications

[Forse]

First of all firewall is not complete and yeah it's free (there are better products which are also free) but it doesn't for example stop OUTGOING traffic and by default it has only mail and http ports open. Yeah it's good for old grandparents who are afraid of "breaking" their computer. I hate how MS enables all useless shit by default. What if I am not 50 year old and I know how to use my computer? Many programs that conflic with SP2 are microsoft made which already tells you a lot. Second of all old drivers really hate SP2 and not everyone has top of the line components.

I myself hate the whole integration idea...it's same as it was with IE, MS is monopolizing the market. I never paid for any ms product and I never will. Their strategy is wrong.

Anyway if SP2 works for you then great, but I will not install such useless stuff on my PC. Did sp2 bring anything REALLY useful to windows users? Most of windows users already have firewall installed...and most of users have Anti-Virus installed, why should they change? But yeah maybe MS should ship with anti-virus builtin coz so far most viruses in the world are made for Windows.

Let's take example...linux. It was build with security in mind and many years have passed and still they're less then 10 viruses for *nix. I don't need to even remind you of ammount of viruses for windows.

So lesson here: build with security in mind so there won't be a need to release a 250mb "patch" to cover up the holes!

P.S. But on the other side look how much buisness ms created for antivirus/firewall/popup blocker companies Also note I am not all anti-ms...but somethings just make me wonder.

[AnimeOni]

In addition, how many ex-Microsoft people started their own companies supporting microsoft technology or shortcomings. :P

I think MSFT should get back to the basics of Windows (stripped of all the junk) and build up from there. Most of the holes are from the value-added features that are included.

When I first used Redhat, it was very secure. When Redhat included Apache, it introduced the Apache flaws (circa 1999). Now Redhat had to deal with more than one front.

This goes to show, as more companies begin to bundle 3rd party apps, no matter who you, are, you will get bitten. In Microsoft's case, they are in critical-care.

IMHO, SP2 is a first step to bring this XP patient back to stable condition but it's a long recovery process that will take years. Some people are going to hate the recovery process and some people are going to get rich off it. It's just a fact of life and we have to move on.

BTW, it's a 288MB patch that includes all XP platforms. You made it seem 'small'
________
HEALTH SHOP

[AOforever1]

Quote:

Originally Posted by Forse

Yeah it's good for old grandparents who are afraid of "breaking" their computer. I hate how MS enables all useless shit by default. What if I am not 50 year old and I know how to use my computer?

OKAY, granted microsoft may be a money greeding monoply as well, but keep in mind Forse that not everyone that uses a computer is like you or any other computer expert. MS designs things like this intentionally for those people that don't understand much and will take what's simple and given to them on the screen by a big name company. Remember, the user can always change and adjust things to their liking.

Also, as you add more and more things on to programs, there will be more bugs, holes, etc. Where as *nix isn't doing anything significant.

I'm going to say this again, this may be a patch that is beneficial to you / troublesome / or it may mean nothing. It all depends on what kind of user you are.

[anime_layer]

Quote:

Originally Posted by Forse

Let's take example...linux. It was build with security in mind and many years have passed and still they're less then 10 viruses for *nix. I don't need to even remind you of ammount of viruses for windows.

I do favor linux but that example just doesn't work. You can't compare an operating system with 95% market share that's used by virtually all kind of people (from the skilled developer to old grannies) to a high-maintenance niche system like linux.
If the world were upside down and linux had 95% market share, linux's security wouldn't be as good. There security holes are regularly discovered in linux and if would take weeks for half of all system to get patched, viruses could spread quickly. Incidents like the debian source code injection show that OS systems have their own security problems to face.
I don't say it would be the same as windows. Security holes not being ignored until the first viruses exploit them would help a lot. But it's not like there would be only nine viruses for...

[AnimeOni]

I agree with Anime_Layer. If you are on top, they (hackers/virus writers) will come after you. It all comes down to hacker's egos. They get off by gaining attention and what better way than taking on the big boys and getting away with it. As Linux gains acceptance, the # of viruses will increase.

A good example is the P2P networks. As P2P took off, the number of P2P borne viruses increases.
________
Mercedes-benz t2 history

[AOforever1]

That's the same thing i was implying in my previous post. I hope that's the end of the OS wars in this thread.

Over all though, this must of been one of MS's craziest patches. 288 meg dl *_*
And the SP2 admin install package is a whopper sized 400 something almost 500 megs x_X

[Cruzz]

Quote:

Originally Posted by Forse

First of all firewall is not complete and yeah it's free (there are better products which are also free) but it doesn't for example stop OUTGOING traffic and by default it has only mail and http ports open. Yeah it's good for old grandparents who are afraid of "breaking" their computer. I hate how MS enables all useless shit by default. What if I am not 50 year old and I know how to use my computer? Many programs that conflic with SP2 are microsoft made which already tells you a lot. Second of all old drivers really hate SP2 and not everyone has top of the line components.

To be honest, blocking outgoing connections is both somewhat useless as well as exceedingly difficult in a Windows environment . It is somewhat useful for stopping normal programs from calling home but it won't do any good against a program that *really* wants to connect to the net as it isn't exactly difficult to make your program connect through other programs like your web browser. Also, because the vast majority of people using Windows have administrator rights all the time, any malicious program can disable the firewall if it wants to.

[AnimeOni]

The way that Microsoft has 'blocked' outgoing connection is weak but it does provide the non-techie and those who do not want to spend money a mini-firewall. Something is better than nothing IMHO. It does provide some protection but, I agree, it is difficult.


There are new viruses that disables firewalls like ZoneAlarm, Norton and others. This is the new breed of trojans. Hackers are getting smarter and they now have a financial gain in writing new and effective code. If you take a look at this article on ZDNET (http://zdnet.com.com/2100-1105_2-531...=zdfd.newsfeed), ignore the usual flamewars at the bottom, you will see that SPAMMERS and virus writers are teaming up to use 'your' system more effectively.

On another note, my coworker (self proclaimed Linux Blackbelt) said that Linux users should start to also worry. With all the 'boasting' that Linux admins say that they can handle more connections than Windows users, that means that SPAMMERS may soon target Linux to exploit the more efficient systems. e.g. Windows server at our location craps out at 10,000 e-mails a sec while a Linux server craps out at 20,000 e-mails. So WHEN (it's not an IF anymore) a trojan gets hold of a Linux box, that means that the problem is 2X multiplied. After that discussion, I disabled unused ports my test Linux server at home just to be on the safe side. :P
________
FERRARI 575M MARANELLO HISTORY

[Forse]

Quote:

Originally Posted by AnimeOni

The way that Microsoft has 'blocked' outgoing connection is weak but it does provide the non-techie and those who do not want to spend money a mini-firewall. Something is better than nothing IMHO. It does provide some protection but, I agree, it is difficult.


There are new viruses that disables firewalls like ZoneAlarm, Norton and others. This is the new breed of trojans. Hackers are getting smarter and they now have a financial gain in writing new and effective code. If you take a look at this article on ZDNET (http://zdnet.com.com/2100-1105_2-531...=zdfd.newsfeed), ignore the usual flamewars at the bottom, you will see that SPAMMERS and virus writers are teaming up to use 'your' system more effectively.

On another note, my coworker (self proclaimed Linux Blackbelt) said that Linux users should start to also worry. With all the 'boasting' that Linux admins say that they can handle more connections than Windows users, that means that SPAMMERS may soon target Linux to exploit the more efficient systems. e.g. Windows server at our location craps out at 10,000 e-mails a sec while a Linux server craps out at 20,000 e-mails. So WHEN (it's not an IF anymore) a trojan gets hold of a Linux box, that means that the problem is 2X multiplied. After that discussion, I disabled unused ports my test Linux server at home just to be on the safe side. :P

Hmm....First of all linux is most likely used by person who knows what he is doing. Windows on the other hand is different. I think maybe only 30% of ppl use windows and know what they're doing (think how many ppl use it in office etc). When it comes to servers (unix ones) I am paranoid. I am running SeLinux kernel and I don't do any local logging etc...even if they get a hold of my root they still will just have a normal user account

But anyway SP2 in my mind tries to raise the bar of windows security...for those who don't know much about it.

Quote:

Originally Posted by Cruzz

To be honest, blocking outgoing connections is both somewhat useless as well as exceedingly difficult in a Windows environment . It is somewhat useful for stopping normal programs from calling home but it won't do any good against a program that *really* wants to connect to the net as it isn't exactly difficult to make your program connect through other programs like your web browser. Also, because the vast majority of people using Windows have administrator rights all the time, any malicious program can disable the firewall if it wants to.

First of all it's not useless! Many viruses are used to DDoS something and by blocking outgoing connection from but a few needed programs u can make sure u don't become one of the zombie army. Also many viruses try to send itself to everyone in your mail box. And third you can stop programs for calling home and verifying serials etc

Yeah viruses can disable software firewall and thats why I rely on hardware firewall myself. New nvidia mobo chipsets come with builtin firewall that u can control via browser...I think it's great idea, coz software firewall just isn't good enough not matter if it's made by MS or any other company.

-EDIT- SP2 was delayed due to testing and such...but looks like they didn't do a good job once again: http://www.heise.de/security/artikel/50051

[Green²]

I got the SP2 from the Windows Update webside today for one of my computers. (About 80MB) Though, the install did go smooth on my end. But for anyone who plans on installing it, do expect the install process to take at least an half hour. Yet of course the download time will vary depending on the net connection speed, though adding additional time to the near half hour install time.


Ok,.. for what many of you really want to know:

EventID 4226 TCP/IP - I haven't seen one instance of this while running the Azureus bittorrent program.

Download & Upload speeds on Azureus are about no different than on SP1.

Should something go wrong with the SP2 install, the installer appears to setup a recovery point during the install should something go fubar. Though no idea if it works as I haven't ran into any SP2 install problems. Just make sure that you close out of all programs before the install to help prevent any install issues.

If you use any custom visual styles, any previously patched uxtheme.dll will be replaced during the SP2 install. Thus you will need to get a updated version here ONLY if you intend to use custom visual styles. I recommend switching to the default Luna theme before the SP2 install to prevent any quirks during and after the SP2 install.

[Cichlisuite]

Ive installed SP2 with no difficulties or software conflicts. The new features are convienient though, give microsoft a plus for that.
Now only if they get their asses in gear and release XP 64......

[AnimeOni]

Quote:

Originally Posted by Green?

Should something go wrong with the SP2 install, the installer appears to setup a recovery point during the install should something go fubar. Though no idea if it works as I haven't ran into any SP2 install problems. Just make sure that you close out of all programs before the install to help prevent any install issues.

How to make a computer go fubar. Please try this on someone else's computer and do not do it at work. :P

1. Begin installation on laptop plugged in. Battery should be around 20-40% charged when beginning.
2. Remove A/C adapter when installer begins.
3. Run away.
4. Wait for screams.
________
WOW