Amiga.org
The "Not Quite Amiga but still computer related category" => Alternative Operating Systems => Topic started by: that_punk_guy on May 15, 2003, 10:09:14 PM
-
Does anyone know what the "Services and Controller app" in Windows 2000 Pro is for and why it needs to access the internet so frequently? ;-)
-
that_punk_guy wrote:
Does anyone know what the "Services and Controller app" in Windows 2000 Pro is for and why it needs to access the internet so frequently? ;-)
It is Paranoia when they reall ARE out to control your life?
-
Tesral wrote:
that_punk_guy wrote:
Does anyone know what the "Services and Controller app" in Windows 2000 Pro is for and why it needs to access the internet so frequently? ;-)
It is Paranoia when they reall ARE out to control your life?
...not sure if I should "lol" or not :-D
-
IIRC it's needed for your internet connection... If I'm not mistaken it allows your PC to use the DNS servers
.edit. I do think you need it to connect to the Internet, but it may not need to accept incomming connections. Anyway, try a search in groups at google.
-
Block the outgoing connections using a firewall. Then you won't need to be paranoid anymore. Until you hear the screech of tires outside your house, that is...
-
Welll.. depends alot of what service packs you have installed to it.. WIn2k SP3 has a majoritely same Spywares included as windows XP.. So if you have that installed, it's definitely no longer only imagination.. :-o
-
WIn2k SP3 has........
ditto to that
Am I EVER glad I took the time to read that EXTENDED EULA crap attatched to W2KSP3
whew
not that it matter when I only use W2K for games only and never for internet
of course this may change depending upon the SCO lawsuit
die SCO die
-
thanks guys :-)
well with outgoing connections blocked I get no web access, although i havent noticed any problems with blocking incoming connections yet... P2P's working okay...
Said Service Pack has been removed ;-) heres hoping my installation is not still tainted 'cause I'm *so* not installing the damn thing again :-P
nighty night everyone he he :-D
Zzzzzzzzzzzzzzzzzzzzzzzzz......
-
Man... I tell you what.... I finally got sick of the daily battle against spyware and went with RedHat 9 on my main PC. I can't say it's been totally painless, but with a few annoyances, I haven't booted into Windows in 2 weeks for anything other than a few games. I'm thinking of blocking the Windows side of the PC at the firewall -- no access, at all.
It really seems to be the only way to secure it, anymore. It's hard enough setting firewall rules and patches to keep the 5kr1p7 kiddies out, but then you add in having to keep it from phoning home all the damn time... It just isn't worth it... ;-) I'll put up with technical glitches, but when I have to fight my OS over politics, I draw the line. Make mine "Free as in speech," please. I've had enough financial and moral bankruptcy for a while.
-
@KennyR
Block the outgoing connections using a firewall. Then you won't need to be paranoid anymore. Until you hear the screech of tires outside your house, that is...
-------------------
There was one server at work that did exactly that. Win2k wanted to update itself by connecting to internet, causing over 1000 hits to firewall per second.
Lermme tell you, the firewall's log was very booooooring to read :-)
Would never accept 2k here at home.. I almost compare it to Millennium. Yach.
-
Ilwrath wrote:
Man... I tell you what.... I finally got sick of the daily battle against spyware and went with RedHat 9 on my main PC. I can't say it's been totally painless but then you add in having to keep it from phoning home all the damn time... It just isn't worth it... ;-) I'll put up with technical glitches, but when I have to fight my OS over politics, I draw the line. Make mine "Free as in speech," please. I've had enough financial and moral bankruptcy for a while.
I have a new server on the desk. Well half a server, I'm still building the thing. I fought with windows long enough I tossed it and installed SuES Linux 8.2. Yes, I have a steep learning curve ahead of me, but I feel cleaner and freer about a computer than I have since I hammered Amigastine back into existence. Free as speech sounds like music to my ears.
I *will not* pay the Microsoft tax ever again.
I *will not* buy from any dealer that forces me to pay for an OS I do not want and do not need.
-
What exactly does this Service send? What ports is it using? Turns out I'm running SP3...
-
I use AntiSpy XP 3.71 to modify the registry.
Works nice with Win2000 SP3 or Windows XP.
But the best choice is don't use Windows :-)
-
Currently just a few things tie me to Windows:
1. Nero Cover Designer
2. Yahoo Messenger (I couldn't for the life of me get the Linux version installed)
3. Cakewalk Home Studio
Other than that, a few games and video codecs....
I never could get Neutrino or BeOS working, and I can't use Unix 'cause I only have an IQ of 111 :-D
I found xp-AntiSpy (http://www.xp-antispy.de/), but it's not really making me feel much better about the state of the world :-)
ta!
-
carls wrote:
What exactly does this Service send? What ports is it using? Turns out I'm running SP3...
ZoneAlarm says:
"Services and Controller app: Listening to port(s): UDP: 1027"
And this is from the ZoneAlarm log after I blocked outgoing connections:
"Services and Controller app was unable to obtain permission for connecting to the Internet (194.168.8.100:DNS); access was denied.,N/A"
-
Oh c'mon people. I know you all like Windows bashing, but this is silly.
Almost ALL of the Windows 2000/XP 'phone home' services can be disabled, if you are bothered to learn the OS a little bit. Pasting URLs to utilities that don't do anything extra other than save you a few mouse clicks, is counter productive and just fuels the FUD.
Any of the network packets still being released by Windows 2000/XP are just standard network management stuff, like IP allocation (netbios) browser identification, etc. Windows is a NETWORK Operating System, it's not supposed to sit on a LAN and be totally quiet. Because some of the packets are 'broadcast' packets by design, your router will just forward them blindly onto the internet, and in fact probably don't get any further than your ISPs routers as those will have more sophisticated packet filtering mechanisms.
So stop panicing. MS are not allowed by law (certainly in Europe, I can't speak for the US) to hold personal information on you without your express permission, and the waffle in the EULA doesn't actually grant that.
Anyhow... UDP Port 1027 is used for RPC (Remote Procdure Calls) and is fired up by several apps, one of which is Messenger. RPC is a necessary function of XP or 2000 in a network environment, and doesn't expose you to anything (providing you are patched, and behind a firewall).
If you really are that paranoid, just de-install all network and modem drivers. That will make you nice and secure, and I hope you enjoy your isolation. ;-)
-Jar.
(MCSA, MVP, 8 Years Professional Windows Exp. )
-
MS are not allowed by law (certainly in Europe, I can't speak for the US) to hold personal information on you without your express permission
Microsoft is above the law!!! ;-)
-
@ that_punk_guy
Microsoft is above the law!!! ;-)
As much as the tobacco companies are, I guess... or at least "justice".
-
ihave these all not allowed to connect to the net nt kernel and system, services and controler lsa exacutable ,generic host, task scheduling and my net and computer are working fine .ntl cable modem connected to ethernet which does not slow my computer down like usb seems to.only allow something if it stops something working and only install sp2 avoid sp3 :-)
-
that_punk_guy wrote:
carls wrote:
What exactly does this Service send? What ports is it using? Turns out I'm running SP3...
ZoneAlarm says:
"Services and Controller app: Listening to port(s): UDP: 1027"
And this is from the ZoneAlarm log after I blocked outgoing connections:
"Services and Controller app was unable to obtain permission for connecting to the Internet (194.168.8.100:DNS); access was denied.,N/A"
Right... Off to block that in my D-Link then!
-
. Yahoo Messenger (I couldn't for the life of me get the Linux version installed)
apt-get install gaim
problem solved. :-D
-
Running a M$ OS and feeling paranoid?
Yoooouu should be!
-
Download this to solve all your M$ paranoia troubles, and if you PM me I'll point you in the dierection of a full WineX debian package to play your windows games with. ;-) (http://heanet.dl.sourceforge.net/sourceforge/morphix/MorphixCombined-HeavyGUI-0.3-5.iso)
-
So stop panicing. MS are not allowed by law (certainly in Europe, I can't speak for the US) to hold personal information on you without your express permission, and the waffle in the EULA doesn't actually grant that.
And since when has Evil Bill lost any sleep over something a silly as the law? He bought the right politicans and all his anti-trust worries vanished.
So if he doesn't respect that, what does a little thing like privacy matter?
-
And since when has Evil Bill lost any sleep over something a silly as the law? He bought the right politicans and all his anti-trust worries vanished.
So if he doesn't respect that, what does a little thing like privacy matter?
Money talks in America!
-
i've been using ZoneAlarm for a couple of months and it works great. the only program really allowed to GET stuff in from the internet is Norton anti-virus.
i even turned off explorer from being allowed to go out. i only use Opera to browse.
no problems, no virus'. but then i don't use Outlook or any of that windows crap.
firewall, good! :-D
-
cecilia wrote:
i've been using ZoneAlarm for a couple of months and it works great. the only program really allowed to GET stuff in from the internet is Norton anti-virus.
i even turned off explorer from being allowed to go out. i only use Opera to browse.
no problems, no virus'. but then i don't use Outlook or any of that windows crap.
firewall, good! :-D
But have you got access to the Firewall source code? ;-) How do you know that it isn't 'phoning home' itself? :-o
-edit-
An old hd-less 486 with 16Mb and a cdrom drive running a linux or *bsd based firewall is your best protection, and run bastille hardening scripts to secure your main *nix workstation and to learn something about security too. No Windows is the way to go!
-
@Jaruzel
Almost ALL of the Windows 2000/XP 'phone home' services can be disabled, if you are bothered to learn the OS a little bit.
True... But they re-enable themselves after every service pack, several of the stand-alone critical updates (TechNet), all Internet Explorer point updates (5.0 -> 5.5 -> 6.0) and who knows when else...
Plus, having things disabled in Windows doesn't mean a whole hell of a lot. I have a set of snapshots and logfiles of a Windows 2k server that I admin attempting to open an outgoing SMB connection on a network card SMB wasn't even bound to!!
Back in the Windows 3.1 days, I used to hate Microsoft for putting out poor product. Since then, the Windows 9x series was quite improved. I stopped hating them. The Windows NT series (I used to be NT4 server, workstation certified) was excellent. Now the mainstream OS of Windows XP and Windows 2000 Pro/Server are technologically excellent, but I just can't live with the politics of Microsoft.
I'm sick and tired of having to wonder what services got turned back on while I wasn't looking. I'm sick and tired of them releasing patches to "Windows Update" while not allowing them to be downloaded elsewhere. (Try to patch/fix the CRITICAL SECURITY FLAWS in the Microsoft VM without using Windows Update?? Guess what... You can't, anymore, because they deleted the update patch files from their support areas, and claimed it was because of the court order, yet you can get the file from Windows Update!)
In short, if I have to spend my time battling a computer, I'd rather be fighting over technical glitches, rather than fighting to disable the "features" certain companies feel I can't live without.
If you really are that paranoid, just de-install all network and modem drivers. That will make you nice and secure, and I hope you enjoy your isolation.
Don't even trust this... See my comments above. Honestly, I think the only way left to secure Windows is to pull the network (or phone) plug before booting it.
-
Chill guys.
Use a decent firewall and thats it. I used to use zone alarm but some IM spam still got through, so I changed to Sygate Personal Firewall 5 (free for personal use) and it's the dogs doodads.
Nothing can even look at your modem without permission :-)
It has backtrace facilities and other features you won't find in ZA.
I never had Win2K sp 3 attempting to connect to the internet by itself in the first place. I dunno what your settings are like but turn off automatic updates and other nonsense.
Disable a few services that auto start (set them to manual) and thats that. You can get info for each one individually. Plus disablinmg some of the unneeded crap that otherwise auto starts saves some ram too.
-
Use a decent firewall and thats it. I used to use zone alarm but some IM spam still got through
Hmm... Yep. Sounds pretty secure. Of course, you realize that if the IM spam is getting through, it basically means you have no security at all at that moment....
Yes, a GOOD firewall, with GOOD rules set will make for a reasonably secure system. The thing is, setting those rules is a real pain in the arse. It's a never-ending job. Do you want to see the rule-list for my firewall? It has more blackholed ports than I can count. As Karl Sagan would say "Billions and Billions"... (Ok, maybe not that many, but still... it's more than 20 insecure ports I have to block in both directions!)
I never had Win2K sp 3 attempting to connect to the internet by itself in the first place. I dunno what your settings are like but turn off automatic updates and other nonsense.
Would you even know? Do you examine what packets are leaving your machine? Do you run a firewall on a seperate machine? Do you want to see my firewall logs for what kind of crap a Win2k machine with all non-essential services set to Disabled still spews out? Hope you have a large e-mail account. There's megs of it... From each 24x7 server, and that's for this month, alone.
In conclusion, though, yes, it is possible to secure yourself against most (>99%) of all threats to Windows. My argument is that it has grown to be more trouble than it's worth. Therefore, in newer jobs I am using Linux more and more. It's free from the BSA audits, it's free from many of the Windows annoyance virus/worms, and it's free from
auto-update features that turn themselves back on when I'm not looking.
What's best for you? I don't know. There's no doubt that a poorly configured Linux box is less secure than a well secured Windows box. A little knowledge and prevention goes a long way...
My only thought is that at this point, I'd rather spend my time fighting technical issues than political ones. Probably a lot of it is that I'm just burned out on Microsoft, too, though. There's only so many times you can go through the checklist of re-locking down a box before you just get so tired of looking at it that you'd rather chuck it out to the curb.
At least with Linux, I'm running into NEW bugs, problems, and issues. ;-)