I've just been reminded that Microsoft has actually built in an API so an application running under administrative accounts can programmatically configure and/or shut-down the Windows Firewall. Er... DOH!!!!
Hold on, does every user using Windows XP Home run their computer under an administrative account? Again... DOH!!!! Oh well. Can't win them all. At 16:03 08/09/2004, Alan Watchorn wrote: >Myron, > >What you say bears merit for 'the poor un-educated user' as you term him. >I had assumed the reader of this list had a fair amount of computer savvy >and was teaching his users to use their heads (I know I certainly have >done that and about 30% of my users report ANYTHING suspicious to me - >keeps me busy!) With one exception, all my users, even remote, operate >behind a router which provides a fair measure of protection. It is hard, >nay almost impossible, to protect against a user who opens e-mail >attachments or clicks through ads on the Internet (and I have educated my >users that that is high risk behavior). > >I think you advice is good. I will try to temper my advice and only quote >my experience with the caveat that what I recommend is only for the >sophisticated user. > >Alan. > > >Alan Watchorn >Eshelman Appraisals, Inc. >[EMAIL PROTECTED] >Phone (760) 692-4302 >Fax (760) 692-4303 > >[EMAIL PROTECTED] said: >> So far I'm quietly watching the progress of topics like this in this >> discussion list as well as several other discussion forums and what I read >> is frightening, which to me states that Microsoft is right regarding >> automatically turning on the firewall on XP's service pack 2. What I >> don't agree with is turning off the messenger and alerted services, but at >> least this is documented and can be turned back on again, but this is >> going off-topic regarding this list. >> >> John, Windows XP has always had a firewall built in, all be it a simple >> firewall, but it's there. For convenience the default configuration was >> that it was not turned on. >> >> Another frightening situation is that many ISP auto-installation scripts >> that branded Outlook Express, Internet Explorer and auto-installed the >> connectiod omitted to turn the firewall on! So the poor un-educated user >> would then connect with their modem to the Internet and expose the entire >> operating system to the world. >> >> Now that this mechanism has been changed everyone is complaining because >> it's taking more effort to host servers and services on Windows XP with >> SP-2 installed. >> >> It is not a good idea for any application program to control the port >> forwarding rules on ANY firewall. If this was the case then a virus could >> land on the computer and configure the firewall itself to allow hackers to >> communicate with it. >> >> Like UPnP on routers is bad news. I have this facility turned off and >> take time to turn ports and forwarding rules on and off manually. >> >> What everyone really needs to do, regardless of the program being used, >> find out what inbound ports a legitimate service/server requires and >> manually configure the firewall and/or router. >> >> >> At 01:14 08/09/2004, Wall, John wrote: >>>Hi Alan, >>> >>>I have not installed SP2 on XP platform although I did once install the >>> beta >>>version and immediately uninstalled it because nothing worked afterwards. >>> >>>My understanding of SP2 XP is that is closes off all ports thus VNC I >>> assume >>>is stumped. I have not reinstalled SP2 XP but our employer is eager to >>> start >>>the procedure and I am concerned about VNC with this installation. >>> >>>As yet haven't read up on what to do but I have read that SP2 XP installs >>> a >>>firewall with all ports closed off. >>> >>>So it is possible you need to look at the need to open port 5900 VNC and >>>5800 Javascript VNC via a browser. >>> >>>Just a thought but I would be interested from fellow users of VNC as I >>>myself will need to know how to open these ports once SP2 XP has been >>>installed. >>> >>>Regards. >>> >>>John >>> >>>> ---------- >>>> From: Alan Watchorn[SMTP:[EMAIL PROTECTED] >>>> Sent: Wednesday, 8 September 2004 12:39 AM >>>> To: VNC List >>>> Subject: RE: server closed connection unexpectedly >>>> >>>> I use VNC 4.0 on WinXP, Win2000 and Win98 and I have not had any >>>> problems. >>>> I installed for the first time using VNC 4.0 and have not had any >>>> experience >>>> with earlier versions or upgrades. Have you tried uninstalling the old >>>> version and installing the new version from scratch? >>>> >>>> Alan Watchorn >>>> [EMAIL PROTECTED] >>>> (760) 692-4300 >>>> >>>> -----Original Message----- >>>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] >>>> Behalf Of [EMAIL PROTECTED] >>>> Sent: Tuesday, September 07, 2004 12:40 AM >>>> To: [EMAIL PROTECTED] >>>> Subject: server closed connection unexpectedly >>>> >>>> >>>> Today i updated form vnc 3.3 to 4.0... since i'm "using" 4.0, on XP >>>> (pro >>>> and home whith SP2), i always get the message: >>>> "server closed connection unexpectedly" if i try to connect to the >>>> server. >>>> At the application log i found many errors: "SocketManager: unknown >>>> network event for listener". >>>> There is no firewall on this machines, also the XP firewall is >>>> inactive. >>>> >>>> Im really frustrated about this... all previous versions worked fine >>>> whithout of problems! >>>> _______________________________________________ >>>> VNC-List mailing list >>>> [EMAIL PROTECTED] >>>> To remove yourself from the list visit: >>>> http://www.realvnc.com/mailman/listinfo/vnc-list >>>> _______________________________________________ >>>> VNC-List mailing list >>>> [EMAIL PROTECTED] >>>> To remove yourself from the list visit: >>>> http://www.realvnc.com/mailman/listinfo/vnc-list >>>_______________________________________________ >>>VNC-List mailing list >>>[EMAIL PROTECTED] >>>To remove yourself from the list visit: >>>http://www.realvnc.com/mailman/listinfo/vnc-list >> _______________________________________________ >> VNC-List mailing list >> [EMAIL PROTECTED] >> To remove yourself from the list visit: >> http://www.realvnc.com/mailman/listinfo/vnc-list >_______________________________________________ >VNC-List mailing list >[EMAIL PROTECTED] >To remove yourself from the list visit: >http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
