Might be a good idea to open a commmand window first? Start, Programs, Accesoires, Command Prompt. How did you ever got along without the shell?
Might be a good idea to read the fine manual and running the install program (install.cmd) instead of the userland configuration tool with no parameters whatsoever?
Sure, you'd need head.exe and tail.exe from GnuWin32, Win32-Bintools or WSFU, as they're bintools and no ZShell commands.
Nonsense. A NAT Router won't be able to stop it either. And when a simple program can kill a system service you're running with Admin rights, and that's a much bigger problem. Anyway, ZA is easily bypassed.
Better take a look at
formatting link
Beside one little, hard-to-exploit vulnerability in the TCP/IP stack, you can simply shut down any unneeded vulnerable service. And guess what? It works!
Sebastian wrote on Wed, 22 Mar 2006 11:23:24 +0100:
But it's better than nothing whatsoever to prevent incoming connections, or a software firewall panacea.
The router will stop inbound connections. Preventing outbound connections is the wrong way to look at things - if you need to do that, it's already too late.
And how many people who "count our breaths" while installing XP would even think to do that? You need to remember that in this case, and pretty much involving people who rely on software firewalls, that they are not technical users.
A so-called TCP/IP stack prevents incoming connections very well and even in a RFC-conformant manner.
Some, and only as a side effect.
About the same mass that has been convinced to use Personal Network Discos?
That's why they cannot rely on software firewalls because that requires technical understanding. Shutting down unneeded services once and forever is a one-time-action, reliable and with good documentation a pretty easy thing.
Sebastian wrote on Wed, 22 Mar 2006 11:29:41 +0100:
It also allows incoming connections to any listening ports - after all, that's what it's for. Until MS and OEM suppliers lock down the OS so that out of the box nothing is listening, there will be some configuration required. It's a shame that you seem unable to grasp that this is the case, as some of your advice is actually worth reading.
99% of NAT routers will stop all inbound connections. Some stupidly allow connections to admin ports on the WAN interface. Most NAT routers on the market also have enough SPI capability to keep track of outbound connections. Allowing packets in response to established outbound connections is not the same as blindly allowing incoming connections - if responses aren't allowed either, you might as well just take a pair of pliers to the internet connection and cut it. Are you know going to claim that my Cisco PIX 515-UR isn't a firewall (and I know it's more than just a NAT router - but it's an example of taking your response to the extreme) simply because out of the box it denies all inbound connections and allows all packets responding to established outgoing connections? Strange how it can be certified as a firewall if that's the case.
And how do you suppose they get documentation? MS and OEM suppliers certainly don't supply it - so they get it from the web. And how do you think they connect to the web? They hook up their shiny new PC and ... oh, too late, they're hooked up to the internet and open to abuse. Do you ever stop to think about how to apply your suggestions in the real world?
Unfortenately, I fear that you're wrong here. Just test what your router is doing, if a packet seems to come from a (spoofed) internal address from the Internet.
You're a *clown* to no end -- begging all the way for help you can't understand. You should get on your big-wheel and go make some noise in street traffic, maybe the freeway. Maybe, you can control that traffic with ZA so that you won't get hit. Do make sure you boot the computer on the big-wheel first before you hit the road.
And as I said to Sebastian, for consumers to get to that info they already have be on the net - and by then it's too late in many cases. Do you really think those 2 sites have any influence over what MS or large OEMs like Dell do?
My Netgear DG834 at home ignores it. This is considered a simple NAT router by many. It's SPI is only basic. Yet out of the box with no configuration it ignores those packets.
Which is my point exactly. The people who build their own PC and install the OS can use this info. The people who are the ones who really need it are the non-techies who buy a PC without SP2 on it in a clearance sale, or get an older PC off a friend. Those are the ones who end up getting infected and cause trouble for the rest of us.
Good luck to you. I work for an MS partner - and we have trouble getting anything done just for our small relationship with Microsoft Press!
As I previously mentioned to V, back in '97 or '98 I wrote an article and placed it on the 'net on how to accomplish the task of 'hardening' Windows NT4 in preparation for installing a firewall product I was responsible for. I was happy to know the article was extremely popular and well received amongst the customer base not only for the implementation of the firewall product, but for general use of their systems.
Several years later I discovered a book entitled 'Securing Windows NT/2000 Servers' published by O'Reilly. Naturally I picked up a copy and read it with interest. I swear the section on building a bastion NT host was lifted from my article. Of course I know it wasn't, but everything it referred to I did as well, but three or four years earlier. One thing the book provided that I never touched upon in my article was hacking up certain registry keys.
In summary it's a great book and well worth the price, assuming you have Windows NT4 and 2000 systems still in use.
I'm pretty sure I have that on my shelf, along with a bunch of other O'Reilly security and admin books. I work for, and run the IT systems for, a number of UK online bookstores, so I get access to free copies of any IT book I should happen to want to add to my shelf :)
Sebastian wrote on Wed, 22 Mar 2006 17:53:01 +0100:
Saying that the TCP/IP stack prevents incoming connections is like saying that a car can be stopped with it's brakes - they're not on by default, and you have to know how to use them. The fact is that out of the box pre-SP2 XP and earlier MS OS's have a number of services running by default that can be connected to if nothing is there to prevent it - and the majority of PC owners are clueless people who have no idea that these are running.
I know they don't - I spend many days fielding phone calls for Microsoft Press UK trying to explain to people that MS don't supply *any* manuals. You get some crappy online help, and that's it.
Try telling the PC stores to put a sticker saying that on their boxes - they'll just laugh at you. Not everybody who buys a PC knows someone who can help them out - there's plenty of proof of that already.
So you have the addresses of every PC owner on the planet and you're sending that documentation out? I'll keep my eyes on the post.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.