
Windows XP Service Pack 2 and the effects on mta v4



The current XP pack also has the firewall but it isn't on by default, all that will have to be done is let the users know that they have to turn it off to play MTA, XP firewall is not configurable :/ , anyways the XP firewall doesn't really help much so I don't see why it should be on anyways, just get another firewall (in my opinion any is better than the XP one) that is configurable.

Link to post

It's really funny when you see so many misconceptions about firewalls, routers, and overall Internet/Intranet security implementations. As well, IPv6, talked about in more detail in RFC 2460, is no new concept. It has been in the works for quite a long time now, but hasn't been fully implemented on a global scale.

Firstly, firewalls and routers don't close every port on your system, they use an ACL (Access Control List) to filter packets based on their type and the port they are attempting to enter through. This is merely implemented to provide better security, which is ironic because it only briefly postpones the time it takes for an attacker to breach a target. It does however help stop DoS (Denial of Service) attacks, as well as other variations, e.g. DDoS, DRDoS, etc. So, perhaps you will have to modify the ACL rules to a slight degree, but MTA can just as easily add a snippet of code to work around this problem, or add a tutorial to the site to help change the rules so you can still play MTA.

Second, as mentioned before, IPv6 is nothing new. In fact, the point that Windows is just now adding support into their Operating System for IPv6 is quite humorous, although I'm not quite sure how much support is currently available. Linux programmers have been working on IPv6 support for a few years now, and it's taken quite some time to get the current code to where it now is.

Anyway, feel free to argue my points. And if you were wondering, RFC's are Request for Comment documents that have been compiled since 1969. Every, or nearly every, protocol that has ever been devised has been documented in the RFC database. There are also numerous other pieces of information in the database, ranging from security to DoS attacks.

Ciao,

Kryptos

Link to post
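An added example, not part of Kryptos's post: a minimal first-match ACL evaluator showing how filtering by protocol and port behaves, and why a new permit rule for a game has to sit before a broader deny. The rule format, the helper names and `GAME_PORT` are assumptions made for illustration; the port is a constructed placeholder, not MTA's real port.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    proto: str             # "tcp", "udp" or "any"
    port: Optional[int]    # destination port; None means any port

    def matches(self, proto: str, port: int) -> bool:
        return self.proto in ("any", proto) and self.port in (None, port)

def evaluate(acl, proto, port):
    """First matching rule wins; no match falls through to an implicit deny."""
    for index, rule in enumerate(acl):
        if rule.matches(proto, port):
            return rule.action, index
    return "deny", None

def shadowed(acl):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    hits = []
    for i, rule in enumerate(acl):
        for earlier in acl[:i]:
            if earlier.proto in ("any", rule.proto) and earlier.port in (None, rule.port):
                hits.append(i)
                break
    return hits

GAME_PORT = 40000  # constructed placeholder, not MTA's real port

# Constructed sample ACL: web traffic allowed, all UDP dropped.
BASELINE = [Rule("permit", "tcp", 80), Rule("deny", "udp", None)]

# Mistake: the permit is appended after the broad UDP deny, so it is never reached.
APPENDED = BASELINE + [Rule("permit", "udp", GAME_PORT)]

# Correct: the specific permit sits before the broad deny.
FIXED = [BASELINE[0], Rule("permit", "udp", GAME_PORT), BASELINE[1]]

if __name__ == "__main__":
    for name, acl in (("baseline", BASELINE), ("appended", APPENDED), ("fixed", FIXED)):
        print(name, evaluate(acl, "udp", GAME_PORT), "shadowed rules:", shadowed(acl))
```
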

When you have SP2 installed and you open a program that requires an internet connection, windows asks if you would like to allow that connection or not.

One thing I did notice with SP2 was that coloured text (in the client chat box) was no longer coloured... I did tell microsoft though :P

Link to post

heh. I've been beta testing SP2 for a while now and I've noticed no problems with it and MTA. Only annoying thing is the popup window asking if you want to allow MTA; this can be easily fixed by adding it to the allow list before running it :P

no other problems though with running it over the net.

Link to post

Ok, couple of things here:

SM xenex

Windows XP, Windows XP SP1 and Windows XP SP1a do not feature the same firewall as Microsoft are going to introduce with Windows XP SP2. Prior to SP2 the best Windows has to offer is the ICF - or Internet Connection Firewall, which is disabled as default and provides a minimum of protection compared to any of the mainstream offerings.

Service Pack 2 features an all-new Windows firewall, with much more in the way of features and control. As standard all outbound access is blocked and it's only when you use each application or port, that Windows will intervene and prompt the user as to whether they want to allow that program access to the outside world. Conscious that even their own browser can be made to do less than pleasant things when exploited, this blocking includes Internet Explorer. Behavior is much more like ZoneAlarm and as a result ZoneLabs amongst others are trying to gear up for some kind of Antitrust action against Microsoft, believing no one will need to buy their application once SP2 makes it to market. Funny how people criticise M$ for security, and when they finally DO sort it out, someone is laying in wait to sue them.

The biggest problem is that it's enabled as standard, so no game or app will be able to reach the outside world without the user first granting permission. For most things that will be peachy, as it only requires a couple of clicks to allow communication, but for certain games, especially those which are prone to locking up or crashing when the user alt-tabs to desktop or the OS generates a popup, then that security prompt will leave the user unable to play online until the developers concerned fix their code.

Kryptos

I'd urge you to think twice before you try and act like the voice of authority on all things related to RFC standards or networking. Your jab at M$ over IPV6 support is completely inaccurate as IPV6 for XP/Windows 2000 has been available for almost 18 months now as a separate download - a part of their 'advanced networking pack'.

Your comments on firewall behavior also fall well clear of the mark; if properly maintained then the only way a hacker can make it past your firewall is by a known exploit or flaw. The MTA team shouldn't need to add anything to handle the SP2 firewall either, as it makes its network connections whilst still within the Windows environment, and any user using SP2 will be prompted as to whether they wish to permit MTA to access an external address with a popup.

Link to post

um, stop a DoS attack? that's like.. impossible isn't it? I'm pretty sure it is. even if there was something to stop the packeting (no that doesn't exist either) it's still using your connection to get to you thus bogging down your internet and making the DoS successful.

I'm pretty sure I'm accurate, but hell, a few days ago I didn't know packeting == DoS!

Link to post

Don't bullshit yourself xavier. Firstly, IPv6 is nothing new, as I previously mentioned. Having support for it for the past 18 months is nothing big considering that documentation of IPv6 goes back to 1998, as well as before that. That still leaves five years of unaccounted progress on the IPv6 protocol on Microsoft's behalf. I will however apologize for my inaccurate timeframe as I have not been a Windows user for some time and am not aware of their current status. But, that brings me to the question; who are you to stick up for Microsoft in the first place? You accuse me of being the voice of authority on RFC standards when I merely discussed what they were and where they are located, and then you immediately dive into the Microsoft world as though you're their official spokesperson, so please refrain from being hypocritical and unjust.

As far as security standards go, there are security groups out there that maintain exploits that have yet to be released, referred to as "0 day" groups. Now I'm not saying that these groups are easy to find, but if someone has access to a group like this then they have access to exploits that haven't even entered the computing world yet. As well, considering your argument pertaining to firewalls, a quick Google search returns documents similar to the one found here which goes over similar techniques that I was referring to; tunneling, mapping ACL rules, etc. Also, you don't necessarily need an exploit to gain access to a system, in fact, as seen with Kevin Mitnick, one of the best methods is through employee incompetence, otherwise known as social engineering. I understand what you were trying to get at, with exploits such as the Cisco WLSE/HSE Default Username and Password Vulnerability that was recently uncovered, as well as the ISS BlackICE ICQ Parsing Buffer Overflow Vulnerability. If the patches are applied correctly, with the exception of the Cisco vulnerability that can't be patched, then a system maintains a much more secure nature against exploit code usually used by Script Kiddies, however, if an attacker who understands the infrastructure of the Internet wants to gain access to a highly secure system then they'll stop at nothing to get what they want, and those are the attackers that are impossible to defend against.

As well, in reference to DoS, DDoS, and DRDoS attacks; DoS (Denial of Service) attacks, such as the Kiss of Death Attack, are normally defendable against since they are older and outdated, routers and firewalls can be configured to discard packets that are similar to ones used in DoS attacks, and can also be configured to block specific hosts, although some bandwidth lag may be noticed. As well, the attacker is easily traced since they directly interacted with the target, unless they routed through numerous systems. DDoS (Distributed Denial of Service) attacks are much more difficult to defend against, they use a distributed means of attacking the target; generally the attacker installs software on remote systems that will be used in the process of the attack, these are called zombies. The attacker then sends the zombies messages to tell them to commence the attack. This means that no direct interaction between the target and the attacker takes place, making it much harder to trace in the aftermath, although the attacker did install remote software on the attacking systems which means that if someone gains access to one of those systems and the attacker was sloppy and forgot to remove entries from the log files then they can be traced. Finally, DRDoS (Distributed Reflective Denial of Service) attacks are both the most dangerous and the most difficult to trace. One of the more notable forms of this attack is the BGP (Border Gateway Protocol) attack. The BGP protocol is used by the core routers of the Internet to exchange routing tables as well as perform numerous other tasks. In this attack the attacker sends tainted packets to the core routers telling them that the target is requesting to swap routing tables. This immense amount of data then forces the target machine offline. The problem with blocking this type of attack is that it is unreasonable to block core routers because that would, in the end, block access to the Internet.

Ciao,

Kryptos

Link to post

I've just remembered, IPv6 has no relevance to MTA (or this post), nor do DoS attacks, or anything in that post. Fine, you know it, but we don't need essays on random computer technology things here.

eAi

Link to post

I assure you IPv6 will have a larger impact on the MTA community in the near future. European and Asian ISP's are already looking into implementing it in the next while, which means that if you continue to avoid IPv6 support you will find a portion of the community enraged. You've been forewarned.

Ciao,

Kryptos

Link to post
I assure you IPv6 will have a larger impact on the MTA community in the near future. European and Asian ISP's are already looking into implementing it in the next while, which means that if you continue to avoid IPv6 support you will find a portion of the community enraged. You've been forewarned.

Ciao,

Kryptos

Yeah, perhaps, but they needn't think about it at the moment. These things take time, and it will be several years before IPv6 is widely implemented.

Link to post
lets get back to the topic now.....

will windows xp service pack 2 be ok with mta 0.4?

Yep, fine. It'll pop up asking if you want to allow MTA to access the internet though, like all software firewalls do. And it'll take a long time for IPv6 to get mass support, so I can't see any problems.

Link to post

I feel that some of us must maintain our English language skills considering that most of you are either horrific at spelling or merely lazy and feel that speaking in the tone of a lamer or haxor, whichever you prefer, is "cool". As well, most people don't fully explain their thoughts, thus they are misheard and oftentimes slandered for their beliefs. Anyway, point being; if you don't like my posts then don't read them; I don't tell you how to make a post, so piss off hypocrite.

Ciao,

Kryptos

Link to post