[Dshield] Security CD's, Quick Look Win 2k

Al Reust areust at comcast.net
Wed Apr 7 22:40:40 GMT 2004


Hello All

The first installment
Security CD - 474 megabytes

Win 2K Pro Clean install.

Installs Win 2K Service Pack 4 and KB824146 (MS03-039) which prevents 
Blaster. It leaves these particular HotFixes open

MS03-011 - Virtual machine
MS03-023 - HTML Converter
MS03-034 - NETBIOS flaw
MS03-040 - Media Player 6.4
MS03-041 - Authenticode
MS03-042 - ActiveX Control (troubleshooter)
MS03-043 - Messenger Service
MS03-044 - Help and support
MS03-045 - Listbox Combo box
MS03-049 - Workstation
MS04-003 - MDAC
MS04-004 - ie cumulative rollup
MS04-007 - ASN.1

It takes ie to 5.000.3700.1000 SP4. It does Not have a copy of Ie 5.5 or 
6.0 to upgrade to. There is room for a Custom IE to be housed but it is 
missing...

I Dropped in the EZArmor CD and it upacks and installs. If there is a 
network connection it will grab an update to the AntiVirus. The firewall 
looks very similar to Zone Alarm (can you say Licensed source code?). It 
recognized my IANA non routable IP's and made the entire Class C a 
"Trusted" network. There are several configurations possible such as this 
machine is the Gateway (M$ - ICS). The machine is on a network with a 
Master FW, no did not have one to attempt to get it to read the 
configuration. The machine is a Stand Alone machine participating in the 
Trusted network. The machine is a Stand Alone machine directly connected to 
the network. By default blocks NETBIOS ports 135, 137-9 and 445 inbound.

XP
I dropped into and XP box that I have (fully patched). It recognized that 
it was patched (uses WMI API), While I have not tracked back the KB numbers 
to bulletins, I can see that it has at least 8 of 9 Hotfixes and Media 
Player 9, DirectX9(b), and SP1

It recommends installing ICF and leads to a web page that has a basic 
configuration.

The general presumption is that XP needed more protection that Win 2K. The 
same win 2K patches would have taken less than ten megabytes.

As I can figure out why my "scanners" are not wanting to play will give the 
results..

R/

Al




More information about the list mailing list