Welcome, Guest. Please login or register.

Author Topic: Win2000 Paranoia  (Read 2711 times)

Description:

0 Members and 1 Guest are viewing this topic.

Offline that_punk_guyTopic starter

  • Hero Member
  • *****
  • Join Date: Aug 2002
  • Posts: 4526
    • Show only replies by that_punk_guy
Re: Win2000 Paranoia
« Reply #14 on: May 16, 2003, 10:01:07 AM »
Quote

carls wrote:
What exactly does this Service send? What ports is it using? Turns out I'm running SP3...


ZoneAlarm says:
"Services and Controller app: Listening to port(s): UDP: 1027"

And this is from the ZoneAlarm log after I blocked outgoing connections:
"Services and Controller app was unable to obtain permission for connecting to the Internet (194.168.8.100:DNS); access was denied.,N/A"

 

Offline Jaruzel

  • Sr. Member
  • ****
  • Join Date: May 2002
  • Posts: 327
    • Show only replies by Jaruzel
    • http://www.Jaruzel.com
Re: Win2000 Paranoia
« Reply #15 on: May 16, 2003, 10:34:39 AM »
Oh c'mon people. I know you all like Windows bashing, but this is silly.

Almost ALL of the Windows 2000/XP 'phone home' services can be disabled,  if you are  bothered to learn the OS a little bit. Pasting URLs to utilities that don't do anything extra other than save you a few mouse clicks, is counter productive and just fuels the FUD.

Any of the network packets still being released by Windows 2000/XP are just standard network management stuff, like IP allocation (netbios) browser identification, etc. Windows is a NETWORK Operating System, it's not supposed to sit on a LAN and be totally quiet.  Because some of the packets are 'broadcast' packets by design, your router will just forward them blindly onto the internet, and in fact probably don't get any further than your ISPs routers as those will have more sophisticated packet filtering mechanisms.

So stop panicing.  MS are not allowed by law (certainly in Europe, I can't speak for the US) to hold personal information on you without your express permission, and the  waffle in the EULA doesn't actually grant that.

Anyhow... UDP Port 1027 is used for RPC (Remote Procdure Calls) and is fired up by several apps, one of which is Messenger.  RPC is a necessary function of XP or 2000 in a network environment, and doesn't expose you to anything (providing you are patched, and behind a firewall).

If you really are that paranoid, just de-install all network and modem drivers. That will make you nice and secure, and I hope you enjoy your isolation.  ;-)

-Jar.
(MCSA, MVP, 8 Years Professional Windows Exp. )
Enlightened Gurus Always Meditate.
Custom MUD Server | See My A1200D(Sparc)
[A1200D(Sparc) / 68040-33Mhz]
 

Offline that_punk_guyTopic starter

  • Hero Member
  • *****
  • Join Date: Aug 2002
  • Posts: 4526
    • Show only replies by that_punk_guy
Re: Win2000 Paranoia
« Reply #16 on: May 16, 2003, 02:22:49 PM »
Quote
MS are not allowed by law (certainly in Europe, I can't speak for the US) to hold personal information on you without your express permission


Microsoft is above the law!!!  ;-)
 

Offline mikeymike

  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 3413
  • Country: 00
    • Show only replies by mikeymike
Re: Win2000 Paranoia
« Reply #17 on: May 16, 2003, 02:33:00 PM »
@ that_punk_guy
Quote
Microsoft is above the law!!! ;-)


As much as the tobacco companies are, I guess... or at least "justice".
 

Offline amigamad

  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 2159
    • Show only replies by amigamad
Re: Win2000 Paranoia
« Reply #18 on: May 16, 2003, 03:02:55 PM »
ihave these all not allowed to connect to the net nt kernel and system, services and controler lsa exacutable ,generic host, task scheduling and my net and computer are working fine .ntl cable modem connected to ethernet which does not slow my computer down like usb seems to.only allow something if it stops something working and only install sp2 avoid sp3 :-)
I once had an amigaone xe but sold it .

http://www.tamiyaclub.com
 

Offline carls

  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 1047
    • Show only replies by carls
Re: Win2000 Paranoia
« Reply #19 on: May 16, 2003, 03:09:08 PM »
Quote

that_punk_guy wrote:
Quote

carls wrote:
What exactly does this Service send? What ports is it using? Turns out I'm running SP3...


ZoneAlarm says:
"Services and Controller app: Listening to port(s): UDP: 1027"

And this is from the ZoneAlarm log after I blocked outgoing connections:
"Services and Controller app was unable to obtain permission for connecting to the Internet (194.168.8.100:DNS); access was denied.,N/A"




Right... Off to block that in my D-Link then!
Amiga: Too weird to live, too rare to die.
 

  • Guest
Re: Win2000 Paranoia
« Reply #20 on: May 16, 2003, 03:48:52 PM »
Quote
. Yahoo Messenger (I couldn't for the life of me get the Linux version installed)


apt-get install gaim

problem solved. :-D
 

Offline zudobug

  • Hero Member
  • *****
  • Join Date: Apr 2002
  • Posts: 914
    • Show only replies by zudobug
Re: Win2000 Paranoia
« Reply #21 on: May 16, 2003, 03:52:09 PM »
Running a M$ OS and feeling paranoid?

Yoooouu should be!
Realtime amiga.org chatting on irc.synirc.net - #amiga.org and #coffeehouse
 


Offline Tesral

  • Full Member
  • ***
  • Join Date: Nov 2002
  • Posts: 136
    • Show only replies by Tesral
    • http://phoenixinn.iwarp.com
Re: Win2000 Paranoia
« Reply #23 on: May 16, 2003, 05:43:29 PM »
Quote

So stop panicing.  MS are not allowed by law (certainly in Europe, I can't speak for the US) to hold personal information on you without your express permission, and the  waffle in the EULA doesn't actually grant that.


And since when has Evil Bill lost any sleep over something a silly as the law?  He bought the right politicans and all his anti-trust worries vanished.  

So if he doesn't respect that, what does a little thing like privacy matter?
Garry   AKA   -Phoenix-   Rising Above the Flames

No More Secrets, No More Lies.
Si hoc legere scis nimium eruditionis habes
Olde Phoenix Inn  http://phoenixinn.iwarp.com
 

  • Guest
Re: Win2000 Paranoia
« Reply #24 on: May 16, 2003, 07:34:41 PM »
Quote
And since when has Evil Bill lost any sleep over something a silly as the law? He bought the right politicans and all his anti-trust worries vanished.

So if he doesn't respect that, what does a little thing like privacy matter?


Money talks in America!
 

Offline cecilia

  • Amiga Snob
  • Hero Member
  • *****
  • Join Date: Mar 2002
  • Posts: 4875
  • Country: 00
    • Show only replies by cecilia
    • http://cecilia.sawneybean.com/
Re: Win2000 Paranoia
« Reply #25 on: May 16, 2003, 09:05:12 PM »
i've been using ZoneAlarm for a couple of months and it works great. the only program really allowed to GET stuff in from the internet is Norton anti-virus.

i even turned off explorer from being allowed to go out. i only use Opera to browse.

no problems, no virus'. but then i don't use Outlook or any of that windows crap.

firewall, good! :-D
the no CARB diet- no Cheney, Ashcroft, Rumsfeld or Bush.
IFX CD Tutorial
 

  • Guest
Re: Win2000 Paranoia
« Reply #26 on: May 16, 2003, 09:19:19 PM »
Quote

cecilia wrote:
i've been using ZoneAlarm for a couple of months and it works great. the only program really allowed to GET stuff in from the internet is Norton anti-virus.

i even turned off explorer from being allowed to go out. i only use Opera to browse.

no problems, no virus'. but then i don't use Outlook or any of that windows crap.

firewall, good! :-D



But have you got access to the Firewall source code?  ;-) How do you know that it isn't 'phoning home' itself?  :-o

-edit-
An old hd-less 486 with 16Mb and a cdrom drive running a linux or *bsd based firewall is your best protection, and run bastille hardening scripts to secure your main *nix workstation and to learn something about security too. No Windows is the way to go!
 

Offline Ilwrath

Re: Win2000 Paranoia
« Reply #27 on: May 17, 2003, 12:59:45 AM »
@Jaruzel

Quote
Almost ALL of the Windows 2000/XP 'phone home' services can be disabled, if you are bothered to learn the OS a little bit.


True... But they re-enable themselves after every service pack, several of the stand-alone critical updates (TechNet), all Internet Explorer point updates (5.0 -> 5.5 -> 6.0) and who knows when else...

Plus, having things disabled in Windows doesn't mean a whole hell of a lot.  I have a set of snapshots and logfiles of a Windows 2k server that I admin attempting to open an outgoing SMB connection on a network card SMB wasn't even bound to!!  

Back in the Windows 3.1 days, I used to hate Microsoft for putting out poor product.  Since then, the Windows 9x series was quite improved.  I stopped hating them.  The Windows NT series (I used to be NT4 server, workstation certified) was excellent.  Now the mainstream OS of Windows XP and Windows 2000 Pro/Server are technologically excellent, but I just can't live with the politics of Microsoft.  

I'm sick and tired of having to wonder what services got turned back on while I wasn't looking.  I'm sick and tired of them releasing patches to "Windows Update" while not allowing them to be downloaded elsewhere.  (Try to patch/fix the CRITICAL SECURITY FLAWS in the Microsoft VM without using Windows Update??  Guess what...  You can't, anymore, because they deleted the update patch files from their support areas, and claimed it was because of the court order, yet you can get the file from Windows Update!)  

In short, if I have to spend my time battling a computer, I'd rather be fighting over technical glitches, rather than fighting to disable the "features" certain companies feel I can't live without.

Quote
If you really are that paranoid, just de-install all network and modem drivers. That will make you nice and secure, and I hope you enjoy your isolation.


Don't even trust this...  See my comments above.  Honestly, I think the only way left to secure Windows is to pull the network (or phone) plug before booting it.
 

Offline Karlos

  • Sockologist
  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 16867
  • Country: gb
  • Thanked: 4 times
    • Show only replies by Karlos
Re: Win2000 Paranoia
« Reply #28 on: May 17, 2003, 01:18:07 AM »
Chill guys.

Use a decent firewall and thats it. I used to use zone alarm but some IM spam still got through, so I changed to Sygate Personal Firewall 5 (free for personal use) and it's the dogs doodads.
Nothing can even look at your modem without permission :-)

It has backtrace facilities and other features you won't find in ZA.

I never had Win2K sp 3 attempting to connect to the internet by itself in the first place. I dunno what your settings are like but turn off automatic updates and other nonsense.

Disable a few services that auto start (set them to manual) and thats that. You can get info for each one individually. Plus disablinmg some of the unneeded crap that otherwise auto starts saves some ram too.
int p; // A
 

Offline Ilwrath

Re: Win2000 Paranoia
« Reply #29 from previous page: May 17, 2003, 01:43:43 AM »
Quote
Use a decent firewall and thats it. I used to use zone alarm but some IM spam still got through


Hmm... Yep.  Sounds pretty secure.  Of course, you realize that if the IM spam is getting through, it basically means you have no security at all at that moment....

Yes, a GOOD firewall, with GOOD rules set will make for a reasonably secure system.  The thing is, setting those rules is a real pain in the arse.  It's a never-ending job.  Do you want to see the rule-list for my firewall?  It has more blackholed ports than I can count.  As Karl Sagan would say "Billions and Billions"...  (Ok, maybe not that many, but still... it's more than 20 insecure ports I have to block in both directions!)  

Quote
I never had Win2K sp 3 attempting to connect to the internet by itself in the first place. I dunno what your settings are like but turn off automatic updates and other nonsense.


Would you even know?  Do you examine what packets are leaving your machine?  Do you run a firewall on a seperate machine?  Do you want to see my firewall logs for what kind of crap a Win2k machine with all non-essential services set to Disabled still spews out?  Hope you have a large e-mail account.  There's megs of it... From each 24x7 server, and that's for this month, alone.

In conclusion, though, yes, it is possible to secure yourself against most (>99%) of all threats to Windows.  My argument is that it has grown to be more trouble than it's worth. Therefore, in newer jobs I am using Linux more and more.  It's free from the BSA audits, it's free from many of the Windows annoyance virus/worms, and it's free from
auto-update features that turn themselves back on when I'm not looking.

What's best for you?  I don't know.  There's no doubt that a poorly configured Linux box is less secure than a well secured Windows box.  A little knowledge and prevention goes a long way...  

My only thought is that at this point, I'd rather spend my time fighting technical issues than political ones.  Probably a lot of it is that I'm just burned out on Microsoft, too, though.  There's only so many times you can go through the checklist of re-locking down a box before you just get so tired of looking at it that you'd rather chuck it out to the curb.  

At least with Linux, I'm running into NEW bugs, problems, and issues.  ;-)