Changes in Windows XP Service Pack 2


1 Changes in Windows XP Service Pack 2
7/2004 robsmith@cs.cmu.edu

2 Enhancements in XP SP2
- Network Protection
- Memory Protection (compatible CPUs)
- Safer E-mail handling
- Enhanced Browsing Security
- Improved Computer Maintenance

3 Services Disabled by Default
- Messenger Service
- Alerter Service

4 Updated / Modified Applications
- Windows Media Player upgraded to v9
- Windows Messenger security enhancements:
  - blocks unsafe file transfers
  - required user display name (different from e-mail address)
  - ports need to be opened through firewall
- Outlook Express – plain text mode, more
- Windows Installer v3.0

5 RPC / DCOM, other Changes
- Anonymous RPC calls no longer allowed
- DCOM computer level ACL
- Configurable via Registry key
- Better support for Bluetooth wireless devices

6 Major changes
- Firewall turned on by default
- IE Pop-Up blocker
- IE runs in restricted mode
- Installed patches not displayed by default (enabled via registry key)

7 Firewall Definition - electronic blocking mechanism that will not allow unauthorized intruders into a computer system.
The firewall in Windows XP will not block any traffic originated on the local system.

8 Quick Survey
- Black Ice?
- ZoneAlarm?
- Symantec Firewall?
- Tiny?
- Other?
SCS Computing Facilities will support the firewall bundled with WinXP SP2.

9 Methods for configuring the Windows Firewall in XP-SP2
- Group Policy .Inf file bundled with setup
- Manual configuration
- Netsh command line tool
  Example: netsh firewall show state

10 Group Policy Settings
- GPO will be linked to the three Organizational Units where computers reside
- Contains settings that allow the standard SCS Windows environment to function:
  - Backup Agents (local network scope)
  - Windows File Sharing (local network scope)
  - Remote Administration (Hyena), WMI (local network scope)
  - Common Internet Services (HTTP, FTP, Telnet, SSH)
- Additional exceptions will be configurable by user

11 Group Policy Details
Ports:
- 7 (Echo)
- 6050 (Arcserve Client Agent)
- 497 (Retrospect Client Agent)
- 1977 (TiBS Client Agent)
- 6000, 177 (udp) (X-Win32)
- 3389 (Remote Desktop)
- Windows File Sharing (NetBIOS Ports)
- Remote Management (WMI Ports)
- All ICMP Traffic

12 Configuring Exceptions

13 Configuring Exceptions #2

14 Configuring Exceptions #3
- Add a text description and specify port

15 Dynamic additions of exceptions
Add an exception to the firewall when a newly installed application wants to listen on a port.

16 SCS Subnets – Local Scope
- 128.2.178.0/23 (255.255.254.0)
- 128.2.180.0/22 (255.255.252.0)
- 128.2.184.0/21 (255.255.248.0)
- 128.2.192.0/19 (255.255.224.0)
- 128.2.242.0/24 (255.255.255.0)
- 128.2.254.0/24 (255.255.255.0)
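
Added example (not part of the original slides): a Python helper that checks the slide 16 subnet list for misaligned bases or prefix/mask mismatches, tests whether an address falls inside the local scope, and renders a netsh firewall add portopening command restricted to that scope. Restricting port 3389 to the local scope, the rule name and the probe addresses are assumptions made for illustration.

```python
import ipaddress

# Subnets and masks exactly as listed on slide 16.
SCS_LOCAL_SCOPE = [
    ("128.2.178.0/23", "255.255.254.0"),
    ("128.2.180.0/22", "255.255.252.0"),
    ("128.2.184.0/21", "255.255.248.0"),
    ("128.2.192.0/19", "255.255.224.0"),
    ("128.2.242.0/24", "255.255.255.0"),
    ("128.2.254.0/24", "255.255.255.0"),
]

def validated_scope(entries):
    """Return the networks; reject misaligned bases and prefix/mask mismatches."""
    nets = []
    for cidr, mask in entries:
        # strict=True raises ValueError when the base address has host bits set
        net = ipaddress.ip_network(cidr, strict=True)
        if str(net.netmask) != mask:
            raise ValueError(f"{cidr}: mask {mask} does not match /{net.prefixlen}")
        nets.append(net)
    return nets

def in_local_scope(addr, nets):
    """True if addr would match an exception limited to the local scope."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in nets)

def netsh_portopening(port, protocol, name, nets):
    """Render a 'netsh firewall add portopening' command limited to nets."""
    addresses = ",".join(f"{n.network_address}/{n.netmask}" for n in nets)
    return (f"netsh firewall add portopening protocol={protocol} port={port} "
            f'name="{name}" mode=ENABLE scope=CUSTOM addresses={addresses}')

if __name__ == "__main__":
    nets = validated_scope(SCS_LOCAL_SCOPE)
    # Assumption: Remote Desktop (slide 11) is limited to the local scope.
    print(netsh_portopening(3389, "TCP", "Remote Desktop", nets))
    # Constructed probe addresses: one inside 128.2.178.0/23, one outside all six.
    for probe in ("128.2.179.255", "128.2.224.1"):
        print(probe, in_local_scope(probe, nets))
```
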

17 Pop-Up Blocker
Pop-up Blocker can be enabled by three different methods:
- Prompt at first occurrence: Before the first pop-up window appears, a prompt asks the customer to enable Pop-up Blocker.
- The Tools menu: In Internet Explorer, on the Tools menu, click Pop-up Blocker, and then click Block Pop-up Windows.
- Internet Options: In Internet Explorer, on the Tools menu, click Internet Options, click the Privacy tab, and then click Block pop-up windows. You can then click Options to configure Pop-up Blocker settings.

18 IE Restrictions
- Configurable via Group Policy (TBD)
  - Binary Behavior Security Restriction
  - MK Protocol Security Restriction
  - Local Machine Zone Lockdown
  - Consistent Mime Handling
  - Mime Sniffing Safety Feature
  - Object Caching Protection
  - Popup Management
  - Scripted Window Security Restrictions
  - Protection From Zone Elevation
  - SecurityBand
  - Restrict ActiveX Install
  - Restrict FileDownload

19 IE prompt when downloading files, adding ActiveX controls, etc.
Information Bar - used to bypass default settings in order to download files (AES), display pop-up windows, run unsigned scripts, etc.

20 Tools for troubleshooting
- Port Reporter Tool – useful for determining additional ports that may need to be opened. http://support.microsoft.com/default.aspx?scid=kb;en-us;837243
- Firewall Log: %systemroot%\winnt\win_FW.log

21 Additional Reading
- Details on changes: http://www.microsoft.com/downloads/details.aspx?FamilyID=7bd948d7-b791-40b6-8364-685b84158c78&DisplayLang=en
- Manually configuring the Firewall: http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx

22 Questions ???

23 Fall 2004 - Software Changes
- New Kerberos ticket manager (Kfw)
- Updated versions of WinZip, Mozilla, X-Win32, OpenAFS (integrated with Kfw)

