markwilson.it

Windows XP Service Pack 2 is ready

Posted on Wednesday 4 August 2004Wednesday 23 May 2007 By Mark Wilson

This content is 21 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

At last! Windows XP SP2 will be released this week!

Today I met with Microsoft UK’s Windows Client Product Manager who confirmed that SP2 release to manufacturing (RTM) was scheduled for yesterday (Microsoft had already publicly committed to this month). It has slipped slightly, but will definitely be released this week.

Even once RTM has passed, supply of SP2 will be limited until 25 August, which is the date for the launch of the new Windows Update 5 site. Until then, SP2 will be trickle-fed via the Windows XP Automatic Updates functionality, but business users will be able to download the service pack from the Microsoft Download Center.

Microsoft are aiming for 40% business uptake of SP2 within 12 months (and 60% for consumers), but are warning that this is not an upgrade to be taken lightly, requiring all the planning, and rigorous testing of a major operating system upgrade.

For more details on SP2, see the following posts:

Office 2003 SP1 and enhanced junk e-mail filtering for Outlook 2003 released

Posted on Monday 2 August 2004Wednesday 23 May 2007 By Mark Wilson

Last week, Microsoft released Office 2003 Service Pack 1. The service pack includes the many public updates and hotfixes that have been released since Office 2003 debuted in autumn 2003 and adds fixes to several other problems that Microsoft hadn’t previously documented. It also offers some new security functionality including the addition of several file types to the list of those that Outlook blocks (noteably: .asp; .tmp; .vsmacros; .vss; .vst; .vsw; and .ws).

Along with the main service pack, equivalent service packs for OneNote 2003, Project 2003 and Visio 2003 were released, as well as an update for Outlook 2003’s junk e-mail filter allowing it to automatically update the safe senders list with outgoing messages’ recipients. This update replaces the outlfltr.dat file that controls the behaviour of the filter and provides a more current definition of which messages should be considered junk, based on Microsoft’s most recent analysis of mail patterns from the massive volumes of spam that Hotmail servers receive.

What you should know about spyware

Posted on Monday 2 August 2004Wednesday 23 May 2007 By Mark Wilson

Microsoft have published an interesting article to give a heads up on spyware. Simple it may be, but practical advice nonetheless.

Even experienced administrators need to beware – whilst researching some security issues this week, out of necessity I hit on some of the more unsavoury sites on the ‘net and before I knew it, my PC was infested with all sorts of pop-ups (and probably more).

If you do need to perform a quick clean up, I can fully recommend Spybot Search and Destroy and Lavasoft Ad-Aware.

Bill Gates’ view on solving the spam problem

Posted on Monday 2 August 2004Wednesday 23 May 2007 By Mark Wilson

I’ve just read an interesting executive e-mail from Bill Gates in which he discusses preserving and enhancing the benefits of e-mail, whilst curbing the epidemic of junk e-mail. Not surprisingly, this includes a plug for Microsoft’s Sender ID proposed standard.

Suffering from my fair share of domain spoofing, I think that Sender ID sounds a reasonable approach to take, although doubtlessly there will be those from the open source and Macintosh communities who will take offence at any technology (co-)developed by Microsoft (even as part of the Anti-Spam Technical Alliance, whose members include AOL, Yahoo, Earthlink, Comcast and BT).

One point of particular interest, was the comment around the possibility of charging for e-mail. I’ve read various articles which have suggested this (although I had guessed this was non-technical journalists failing to appreciate the idea of charging computing time to “qualify” e-mails and slow down spammers), but according to Microsoft:

“We firmly believe that monetary charges would be inappropriate and contrary to the fundamental purpose of the Internet as an extremely efficient and inexpensive medium for communications.”

Gates also discusses third-party e-mail accreditation services.

It all makes interesting reading, and the full article is available on the Microsoft website.

Microsoft Windows Server 2003 SP1 delayed

Posted on Friday 30 July 2004Tuesday 15 May 2007 By Mark Wilson

Its probably not real news to anyone but Windows XP SP2 has been slipping for a while now and so will Windows Server 2003 Service Pack 1 (SP1).

In last week’s post (Windows Update Services slips into 2005), I reported that the WUS slippage was as a result of using technology from Windows XP SP2, and as can be expected, the first service pack for Windows Server 2003 is closely related to the XP client service pack, with many common features and fixes.

Windows 2003 SP1, like XP SP2, will include multiple security-oriented changes, such as a Security Configuration Wizard that will use the roles-based infrastructure in Windows 2003 to automatically shut down unnecessary ports and services. It will also include any relevant security changes from XP SP2.

Microsoft confirmed that the company will delay Windows Server 2003 SP1 until the first half of 2005 as development can take place in earnest only after XP SP2 is completed.

According to Microsoft:

“We now anticipate that Windows Server 2003 SP1 and Windows Server 2003 for 64-bit Extended Systems will ship in the first half of 2005, whereas we previously estimated the release timing for both to be the end of 2004… As is the case with all Microsoft product schedules, the development cycle is driven by quality, with a focus on the needs of our customers rather than an arbitrary date.”

(Edited from the July 28 2004 WinInfo Daily Update, published by the Windows and .NET magazine network)

Manually configuring Windows Firewall in Windows XP SP2

Posted on Monday 26 July 2004Tuesday 15 May 2007 By Mark Wilson

There is an interesting article on the Microsoft website describing the settings for the Windows Firewall introduced in Windows XP Service Pack 2.

Windows Update Services slips into 2005

Posted on Monday 26 July 2004Wednesday 23 May 2007 By Mark Wilson

Microsoft Windows Update Services (the successor to Software Update Services) looks to have slipped into 2005. In an e-mail sent from Microsoft to registered users for the Windows Update Services Open Evaluation Program, Microsoft state that:

“There are two primary drivers behind this schedule change:

The March release of the Windows Update Services closed beta has spurred overwhelming interest from customers and partners evaluating the product. We have assessed this input as part of the beta cycle, and are committed to incorporating the feedback before releasing the next beta release for the Windows Update Services Open Evaluation Program.

The Windows Update Services team is developing a new Automatic Updates agent which will be included in XPSP2. The new agent is used both to improve the updating experience for XPSP2 users connecting directly to Windows Update and for users who will leverage Windows Update Services in their corporate environments in the future.

This decision to include the new Automatic Updates technology in XPSP2, and perform the necessary integration and testing, also contributes to the development schedule for Windows Update Services being staggered behind the XPSP2 release.”

Another interesting note in the e-mail is that:

“The final production release of Windows Update Services will include a migration toolkit that will simplify the migration from Software Update Services (SUS) 1.0 with SP1 to Windows Update Services, so if you are holding off on implementing SUS because of concerns about migrating to Windows Update Services, we encourage you to go ahead and implement SUS 1.0 with SP1”.

For further information on Windows Update Services, including a Windows Update Services (Beta Version) datasheet, refer to the Windows Update Services area on the Microsoft website.

Preventing denial of service attacks on an ADSL router

Posted on Monday 19 July 2004Tuesday 15 May 2007 By Mark Wilson

Since about April 2004, I’ve been having problems with my ADSL router at home (a Solwise SAR 110). As the hardware was just over 12 months old (and hence just out of warranty), the cynical side of me was resigned to the fact that it had just “broken”. Not wanting to lose my configuration settings through a firmware upgrade, I got used to resetting the router each day (sometimes several times a day) when it seemed to just drop off the network. Because I couldn’t access the box, I couldn’t check any logs and find out what was happening.

This all changed when I spotted a posting on my ISP’s support forum, directing me to Chris Marsh’s excellent SAR 110 and 130 Guide. Using Chris’ advice I have been able to stealth my router (as tested using the GRC Shields UP! port prober). The SAR Guide website also included interesting information on other configuration items that were not always clear from the Solwise manuals and help text.

Now that my router is no longer visible on the Internet, it seems to stay up as it did for the first year I was on ADSL (just under 13 days and counting as I write this). I can only assume that the problem was a denial of service (DoS) attack, that has now been prevented through the stealthing of the router.

Obviously, there are many types of router out there, but by following the same steps, it should be possible to stealth most ADSL routers, even if the user interface is slightly different.