MoocherChiken
11-10-2003, 05:02 PM
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp
"Feature":
Boot time security. In earlier versions of Windows there is a window of time between when the network stack started and when ICF provided protection. Consequently, a packet could have been received and delivered to a service without ICF filtering it, potentially exposing the computer to vulnerabilities. In SP2, the firewall driver has a static rule called a boot-time policy to perform stateful filtering. This will allow the computer to perform basic networking tasks such as DNS and DHCP and communicate with a Domain Controller to obtain policy. Once the firewall service is running, it will load and apply the run-time ICF policy and remove the boot-time filters. This change should increase system security without affecting applications.
In other words, before Service Pack 2, the firewall is enabled AFTER the network starts.
I'm wondering if Microsoft has all these holes just so that they can take credit for paching them and calling them "Security Features". :clubbed: :bang:
"Feature":
Boot time security. In earlier versions of Windows there is a window of time between when the network stack started and when ICF provided protection. Consequently, a packet could have been received and delivered to a service without ICF filtering it, potentially exposing the computer to vulnerabilities. In SP2, the firewall driver has a static rule called a boot-time policy to perform stateful filtering. This will allow the computer to perform basic networking tasks such as DNS and DHCP and communicate with a Domain Controller to obtain policy. Once the firewall service is running, it will load and apply the run-time ICF policy and remove the boot-time filters. This change should increase system security without affecting applications.
In other words, before Service Pack 2, the firewall is enabled AFTER the network starts.
I'm wondering if Microsoft has all these holes just so that they can take credit for paching them and calling them "Security Features". :clubbed: :bang: