nanog mailing list archives

Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)


From: "Jeff Shultz, WIllamette Valley Internet" <jeffshultz () wvi com>
Date: Mon, 19 Apr 2004 11:27:14 -0700


** Reply to message from "Jonathan M. Slivko"
<jonathan.slivko () earthlink net> on Mon, 19 Apr 2004 13:57:43 -0400
(GMT-04:00)

-----Original Message-----
From: "Jeff Shultz, WIllamette Valley Internet" <jeffshultz () wvi com>
Sent: Apr 19, 2004 1:39 PM
To: "'nanog () merit edu'" <nanog () merit edu>
Subject: Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)

I can burn a CD from ISO in about 5 minutes - how about you? 
I'm talking about XP users who haven't even updated as far as SP1.
Win98 users who have never run an update in their life...  
Win2k users are usually the most patched up that I've seen - because
that went into mostly business environments. 

This would at least get them up to the level of the playing field,
where the routine updates are not as much of a hassle.  Sure, you'll
get the little old ladies and gentlemen who will drop by every month
for their service pack fix, but that's just customer service. 

Doesn't Windows XP automatically do this by default currently?

No, but it will ask you if you want to configure automatic updates.
That's still not going to do much for the dialup user who has to
download SP1.  And we're also talking about the majority of customers
who don't have WinXP - and won't be getting it. 

If not,
it's something that Microsoft should consider setting to "ON"
automatically to help defend the users from hackers, and in the same
turn, help defend the ISP's network from being maliciously attacked or
used for illegitimate purposes. 

Then you come up against the "I don't want MS messing with my machine
without my permission!" bunch. Who, incidentally, have a valid point. 
Turning the firewall on by default in SP2 is going to have...
interesting results I imagine. Esp. in company environments that  use
Netbios over TCP/IP.  I assume it will firewall 137-140/445 by default. 

However - I do think that Windows needs
some more improvements in the area of security (which UNIX/Linux
already has). However - to Microsoft's credit, they seem to be doing a
rather nice  job of actually beefing up their security practices. Now,
if only they could figure out how to make Outlook/Outlook Express more
security-concious because as of the time of this writing, the Outlook
Express/Outlook defaults are extremely unsafe.

Does anyone have/care to post a URL that explains how to set Outlook
Express/Outlook to be more secure?


That's easy. In Outlook Express: Tools-->Options-->Read. Check the box
"Read all messages in plain text" 

You've just massively improved OE's security. Outlook.... doesn't do
this yet, does it? I haven't dug through Office 2003 much yet.
-- 
Jeff Shultz
Network Technician
Willamette Valley Internet


Current thread: