Slashdot Mirror


User: swissmonkey

swissmonkey's activity in the archive.

Stories: 0
Comments: 203

Comments · 203

  1. Re:Betas and RC. on Gates Comdex Keynote Shows Plans, Matrix Spoof · · Score: 1

    Probably because the betas and RC of Microsoft operating systems are distributed to more than 500'000 people.

    Also, maybe because NASDAQ and Microsoft.com were some of the websites running RC versions of WS03 before it went RTM.

  2. Re:How many times... on Gates Comdex Keynote Shows Plans, Matrix Spoof · · Score: 1

    Betas and RC of Win2003 have been available for more than 2 years.

    You need to find another reason...

  3. Re:How many times... on Gates Comdex Keynote Shows Plans, Matrix Spoof · · Score: 1

    Hmmm, I'm actually saying that it *is* secure, there's no irony.

  4. Re:How many times... on Gates Comdex Keynote Shows Plans, Matrix Spoof · · Score: 1

    All viruses that flew through the net had patches for the vulnerability before it spread.

    Windows source code is available for whoever has 1500 licenses also.

  5. Re:How many times... on Gates Comdex Keynote Shows Plans, Matrix Spoof · · Score: 1

    Only one mitigated security issue in a month for WS03, a default configuration where almost everything is off by default.

    Yep, that's secure.

  6. Re:How many times... on Gates Comdex Keynote Shows Plans, Matrix Spoof · · Score: 4, Informative

    Let's look at the security issues for November:

    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-048.asp

    WS03 is affected, but vulnerability is mitigated by the fact that IE runs in enhanced security mode.

    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-049.asp

    Doesn't affect WS03

    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS02-050.asp

    Doesn't affect WS03

    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-050.asp

    Doesn't affect Office 2003

    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-051.asp

    Doesn't affect Windows Server 2003 and Windows 2000 SP4

    So as you can see, the latest versions of Windows & Office are definitely more secure

  7. Re:Corporate Philosophy on Security Affecting Microsoft's Bottom Line · · Score: 1

    always looking forward to the next challenge, never taking time to fix and support older products.

    Well, Microsoft has supported NT4 for 7 years, compare that to Linux distributions...

    They make choices regarding what they fix, they won't release a patch for a small issue which doesn't affect many people, but all real problems are addressed usually.

  8. Re:OSS has always been better, now Faster! on Microsoft Officially Shows Longhorn, WinFX · · Score: 1

    Think speed, memory usage, etc...

    You don't add/remove/modify files with sizes from 512 bytes to 1Gbytes in a database like you do in a filesystem

    MS has had SQL Server for years, and they still acknowledge that WinFS is a work in progress, so thinking that a few guys can put up the same thing using MySQL in a few weeks/months is nothing but a dream.

  9. Re:OSS has always been better, now Faster! on Microsoft Officially Shows Longhorn, WinFX · · Score: 1

    Dude, if you think that MySQL, OpenOffice and a pretty GUI can replace what WinFS does, you're up for a big surprise, and you won't like this surprise...

  10. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    1) the RPC port is blocked by the firewall, same thing for Messenger, NETBios, etc..., good luck if you try that way, you basically don't even know how a firewall works it seems.
    2) IIS is not installed by default on XP, and the firewall blocks that port by default
    3) There's only 1 exploit for IIS6(the one on WS03, which is not installed by default either), there's more than that for Apache 2
    4) Try to send me an e-mail that takes over my machine, I bet you won't get in, even though I read my e-mail with Outlook. Know why ? Because if an exploit of that kind really existed, there would be a worm currently riding the internet through it, and there's none.

    So yep, your arguments are worth 0.

    I already told you so, go read about the subject first, then come back and talk about it.

  11. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    Go read the docs in the DDK and the SDK, go write some drivers and IP filters, then come back and talk about it.

    Until you do this, it's not worth talking with you about it, you don't know a thing about how it works and keep arguing.

    Go check by yourself and you'll see that I'm right.

    And until you do so, please avoid calling me an immature child, I gave you the way it works, you only gave proofs of your lack of knowledge on the subject.

  12. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    You still don't understand.

    If you crash the firewall, the TCP/IP stack will stop responding, so there's no issue.

    As for starting the firewall, they start at the same time as the TCP/IP stack.

    What the taskbar tells you is not the status of the firewall, even if you don't login the firewall is running, I already told you that.

    I repeat it, go buy a book about OS concepts and read it before commenting on such subjects, you're just looking like a fool with your comments.

  13. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    Please tell me mister smart.

    What's the use of disabling the firewall if you have to penetrate the machine through IIS ?

    Once you're in through IIS, you don't need to stop the firewall anymore since you're already in.

    So the firewall design has no issue at all.

    You should stop here, you're looking more and more stupid with every post.

  14. Re:props on Distributed Statistical Debugging · · Score: 1

    They don't follow suit.

    They had this idea first.

    MS has a database of all the crashes reported by its bug reporting tool(in XP & WS03), these crashes are analyzed, sorted and categorized and help them fix the bugs.

  15. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    You know you can unload modules on Linux without rebooting ?
    Do you know that modules run in kernel space ?
    Do you know what /proc is ?
    Do you know you can modify Kernel behavior using /proc without having to reboot ?
    Did you ever remark that you can control the firewall's behavior using commands while being root, thus meaning you can stop the firewall, all this without having to reboot ?

    You can stop, start or modify the behavior of kernel modules on Linux and Windows without having to shutdown the machine. You just need to be an administrator(or root on Linux), same thing you need to stop a firewall running on Windows.
    There's NO difference on this.

    As far as crashing the firewall:
    On Windows, the network layer of the TCP/IP stack sends the packets to the firewall, and the firewall decides if it forwards them to the layer 3 of the TCP/IP stack, if the firewall dies, the TCP/IP stack still has the firewall's hooks, and will NOT forward the packets as it would without a firewall.

    You lack OS concepts knowledge and mix concepts, you should get a book on OS concepts and understand how kernels and OS are designed before talking about it.

  16. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    Because there's a lot of things you don't understand.

    The fact that the app runs in user-space has NOTHING to do with the fact that a user has to be logged in.

    Example:

    On Windows, the RPC service, IIS, etc.. all run in user-space, but you don't have to login in order for them to run.

    winlogon.exe, the process that allows you to login, runs in user-space ! Before anybody is logged in obviously since that's what you use to login.

    user-space simply means it runs in a memory space different from the kernel, where it can't access the kernel memory and can't execute specific processor instructions.

    For example on Unix, KDE, Gnome, etc... run in user-space, even XFree. You can see on your own machine that they run even before you login.

    You should go get a book on operating system design, that would help you understand this concept.

  17. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    If you know what you're talking about, why is it you think that a user-space firewall is more secure than a kernel-space firewall?

    When the firewall runs in the kernel, the firewall sees incoming packets FIRST, and can drop them on the spot. When the firewall runs in user-space, incoming packets come in, get handled by a kernel process (which may have a vulnerability), and THEN get handled by the firewall. So if there's a vulnerability in the kernel, the packet has already nailed you before the firewall has "seen" it. It's why every single Unix puts its firewall in the kernel, and has done so for decades.


    Windows TCP/IP has hooks, which allow the user-space firewall to be alerted when a packet arrives. So, whenever a packet arrives, it is forwarded to the user-space firewall, as it would have been forwarded to the kernel space firewall on Unix, only difference : it's in user-space.
    It happens at the same time, simply the time spent in kernel is less in Windows's case. So there's not a bigger risk of failure, packets go through fewer layers in kernel space on Windows than on Unix.
    On both Unix and Windows, the firewall is hooked in between layer 2 and 3 of the TCP/IP stack, so the only difference is that the firewall(one more layer) is in kernel space on Unix, and user-space on Windows, that's why Windows's method is more secure, less code run in kernel space.

    As for scanning, I used nmap, netstat to see which ports are open directly on the box, my own attack tool, etc...

    I have a 10 years Unix background, 5 years of Windows development, all in networking, I perfectly know what I'm talking about.

  18. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    Not to upset/depress you, but you DO know that all firewalls in the windows world run in userspace (whereas Unix/Linux firewalls run in the kernel) so they're not quite as bulletproof as you might think?

    1) That's not true, you can write a packet filter driver on Windows, running in kernel space to do the filtering, see http://msdn.microsoft.com/library/default.asp?url=/library/en-us/network/hh/network/fltrhook_5xpj.asp

    However most people use the IP Filter API to do this in user-mode, thus avoiding putting more code in kernel side, reducing the risk of complete machine crash.

    2) Being in kernel space does not provide any security compared to being in user-space.
    The only thing it provides, is that in case of buffer overflow in the firewall, in kernel space you own the machine, and in user-space you own the user under which the firewall is running.
    Which case is the most secure ? Bingo, the user-space one.

    By the way, your windows box is listening on a whole range of ports you don't even know about. And, you have to trust that Microsoft has truly locked down that "firewall" of yours. Considering that they opened up all those weird ports in an end-user machine in the first place (why?) you might want to ask yourself whether they'd firewall themselves out of the very ports they left open in the first place.

    I trust them, because I know what ports are open by default on a windows box, I scanned a machine with the firewall on and saw the results, I actually know what I'm talking about...

  19. Re:Notice something cool about the list? on New SANS/FBI Top 20 List · · Score: 1

    I personally don't run either IIS nor SQL Server on my XP box, moreover, the firewall which is provided and proposed when I create a DSL connection prevents me from being attacked on the RPC port as well as other ports.
    The lack of Desktop issues on Unix comes principally from the lack of Unix desktops... That's why they're not considered as important, because almost nobody's hit when there's a failure in Mozilla, it's a drop in the ocean of users.

    As for disabling services, I largely prefer the UI provided by MS which includes the dependencies for each service and a description of what the service does to going into /etc and trying to understand what service does what and which service depends on which other service.

  20. There is NO prior art on Microsoft Patents 'Phone-Home' Failure Reporting · · Score: 5, Insightful

    Neither IBM's method nor Netscape's method were able to diagnose the failure and point the user to a fix.

    This feature is clearly specified in the patent, which the moderator obviously didn't read before making his comment about IBM's prior art.

    So this patent is perfectly valid, as no other bug reporting system known currently has this capability.

  21. Re:Turnaround time...? on Windows Vulnerabilities Revealed, Patched · · Score: 1

    Oh yeah, like wu_ftpd, sendmail, bind and openssh which have been around for years, and we still have day 1 security vulnerabilities in these.

  22. Re:But Then Mandrake T-Shirt Contests... on MandrakeSoft's Status Update · · Score: 2, Funny

    Depends, if the women who participate can be shared like GPL software, this might be interesting :)

  23. Re:I think this message is fairly clear; on EU Parliament to Vote on New Patent Rules · · Score: 1

    No, I just have a brain, something which you obviously don't have.

    Community is more important than the individual, if the decision of the majority pisses you off, then so be it, and if you do any violent act, then you need to be thrown in jail, if you fight it physically and get shot, I won't shed a tear, you deserved it by your stupidity.

    You're just egoist and think only about your own interest, you're an idiot.

  24. Re:Stock Prices? on MandrakeSoft's Status Update · · Score: 2, Funny

    I have a really hard time copying a bottle of Evian to give it to my friends.

    However I can do that with no problem whatsoever with Mandrake.

  25. Re:I think this message is fairly clear; on EU Parliament to Vote on New Patent Rules · · Score: 1

    There's only 1 alternative after peaceful protest; violent protest and our leaders are too dumb to realize that if they piss enough people off, they are dead meat literally.

    So label me a terrorist for conveying the message bitch, I'm getting to the end of my rope and patience.


    Yep good idea, and I'm sure you'll get to think about it again once you're in jail, at least you'll have plenty of time for that.