Could someone tell me that I'm having a bad dream? :(

If there is any truth to this story, it's really one of the biggest flaws in a Microsoft product.

A security alert has appeared on Warp2Search that, in summary, says this: your new Windows XP SP2 saves your PC against trojan horses, hackers, viruses and other intruders, but it opens the door for everyone if you share files on your local area network. If you have internal file sharing for your local LAN activated, your File and Printer Sharing function is visible worldwide despite the active firewall functions.

I have no words... I can only say that it's really terrible if it's confirmed. Where is the XP SP2 security?

However, as a personal choice, during my XP SP2 installation I chose not to enable the built-in firewall and to continue using my ZoneAlarm firewall... I can monitor not only my incoming traffic but also the outgoing traffic, and this is really important.

I'm waiting to see what happens after this report...

UPDATE September 18, 2004: news about this bug can be found HERE.

Posted on Friday, September 17, 2004 5:58 AM

Comments on this post

# Tell me that

Left by Stefano Demiliani WeBlog @ UgiDo on Sep 16, 2004 7:58 PM

# re: Could someone tell me that I'm having a bad dream? :(

Maybe this is the right time to switch to a _real_ operating system, leaving this toy for brain-smashed lamers.
Left by Witko on Sep 17, 2004 3:09 AM

# re: Could someone tell me that I'm having a bad dream? :(

An update from the bug discoverer:

Due to the bug carried over from SP1 as well as a new bug, the firewall configuration with SP2 has a catastrophic effect. The SP2 installation simply uses the previous configuration of the firewall: If it was active for the dial-up connection, now it also has been activated for the network adapter.
At the same time, an exception is determined for file and printer sharing: For the internal network card - and astonishingly also for all adapters.
With the first use of the dial-up connection after installing SP2, all of your shared data are available on the Internet. Now, other users can start guessing your passwords for administrator and guest and you basically are no more secure than the first Windows 95 users with an Internet connection - thanks to Service Pack 2.

How to correct the problem:
It is not advisable to keep this defective default configuration. However, the previous environment cannot be restored: The configuration for the firewall was changed, which does not allow the setting of active or inactive conditions or exceptions for each network adapter anymore. Now this only works for network areas.
Choose "Windows Firewall" in the Windows Control Panel and there the tab "Exceptions". Select "File and Print Services" and click on "Edit". Now you can see four ports which are used by the file and print sharing service.
To lock the service to the outside and keep it open for the internal LAN, you have to individually select and change its area with the respective button. Our reader Yves Jerschov notified us of another bug: The value for the area set by default, "Only for own network (Subnet)", only works if Internet Connection Sharing is activated. If this is not the case, your shared data are visible worldwide. This error can be corrected by choosing "User defined List" and entering the IP addresses that are supposed to have access - the IP addresses of your LAN. A whole range of an IP area can be entered as "192.168.x.0/255.255.255.0", if the respective addresses start with 192.168.x.

After these measures, you can be sure to be as safe as you were with SP1. Great, don't you think?
Left by Stefano Demiliani on Sep 18, 2004 3:51 AM
