Re: How to Disable Microsoft Networking Port Listeners?
From: CHANGE USERNAME TO westes (DELETE_westes_at_earthbroadcast.com)
Date: 10/25/04
- Next message: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Previous message: Rob: "replication question"
- In reply to: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Next in thread: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Reply: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 25 Oct 2004 12:09:48 -0700
If I were dealing with something simple, that could be understood, then I
would take your perspective. But Windows 2000 is a set of hackishly
interelated black boxes, most of which don't work well, and most of which
have tons of undefined behaviors that hackers exploit. You say don't
fight ghosts, but after 20 years of dealing with this stuff, I am starting
to feel that there are as many ghosts as there are real things. If
netstat -a shows active listeners on some undefined interface(s), that means
the code is active somewhere. I would sleep better knowing that
Microsoft's networking code wasn't running at all.
As far as business success, that reminds me of an experience. I remember
walking into a famous company whose first letters of the first two words in
their name are HP (draw your own conclusions about the name :). When the
project lead went to get us a file on their network, I was shocked beyond
words. Hundreds of computers in totally disorganized loose collections,
with no standards for naming, or security. When we attached our notebook,
we were instantly attacked by viruses all over this network.
The reason MS succeeded in ignoring security until just the last few years
is that it was selling to a vast ocean of companies that were simply unaware
about, or didn't care, about safe computing. I have walked into way too
many companies whose networks were being hacked blind, who simply didn't
care. What they could not see with their eyes did not exist. I won't
judge what is secure by who survives in the market. I think Microsoft's
survival in the market has a lot more to do with extremely perceptive
pricing decisions, and by the way they used pricing to effectively put every
other commercial DOS clone out of business in the 1980s.
-- Will westes AT earthbroadcast.com "Phillip Windell" <@.> wrote in message news:OvxkyBsuEHA.2136@TK2MSFTNGP15.phx.gbl... > I never heard of removing it. Disabling them is the right thing to do,..as > I believe you have done. It is unrealistic to expect them to vanish from > Netstat because there are multiple "interfaces" on a machine even if there > is only one NIC,...remember there is always the 127.0.0.1 (localhost) and if > there is a Firewire interface (many are built into the MB now) it will also > act as an active interface. I don't believe that "Netstat -a" indicates > which specific interface something is listening on,...it is just going to > list what is listening at all anywhere as far as I know. > > You have to keep the right perspective and not chase after ghosts. If > something is not "bound" to a particular interface then it is not going to > be available to that interface no matter where ever else it is "listening". > If that isn't the case, there is no point to the "binding" in the first > place and an OS that is that "sloppy" would have it's poor condition shouted > from the mountaintops, everyone in the business would know about it, and it > would have never survived in the market. > > -- > > Phillip Windell [MCP, MVP, CCNA] > www.wandtv.com > > > "CHANGE USERNAME TO westes" <DELETE_westes@earthbroadcast.com> wrote in > message news:OMYH4truEHA.684@TK2MSFTNGP10.phx.gbl... > > If you open Control Panel | Add Remove a Program | Windows Components, > there > > is no option to install or not install "MS Networks Service" under Windows > > 2000. > > > > What are you referring to? Can you be explicit about which Windows 2000 > > applications to open and when menus and dialogs to select? > > > > -- > > Will > > westes AT earthbroadcast.com > > > > > > "A P" <ap@textguru.ph> wrote in message > > news:OjjTivkuEHA.4028@TK2MSFTNGP15.phx.gbl... > > > Do not install MS Networks Service. And disable some of the services. > > under > > > Administrative Tools. > > > > > > "CHANGE USERNAME TO westes" <DELETE_westes@earthbroadcast.com> wrote in > > > message news:u45$1UfuEHA.684@TK2MSFTNGP10.phx.gbl... > > > > On a machine that must be directly on the Internet (it is acting jus t > as > > a > > > > sniffer), I have disabled Microsoft client and server, and just about > > > every > > > > service that wasn't critical for system function. When I do a > > netstat -a > > > > command, I still see the following services: > > > > > > > > TCP EPMAP > > > > TCP MICROSOFT-DS > > > > TCP 1025 > > > > TCP NETBIOS-SSN > > > > UDP MICROSOFT-DS > > > > UDP 1026 > > > > UDP NETBIOS-NS > > > > UDP NETBIOS-DGM > > > > UDP ISAKMP > > > > > > > > I don't want all of these Microsoft domain and NETBIOS listeners > running > > > on > > > > this machine. Even though in theory they are set off, the fact that > > > there > > > > are listeners still means there is a code path inside of code that is > > > > notoriously buggy and ridden with back doors that hackers can exploit. > > > Is > > > > there any way to make the machine safe? > > > > > > > > Yes I can use a firewall or packet filters if necessary, but I prefer > to > > > > just turn off all of the options on the machine before I start to look > > at > > > > firewalls. > > > > > > > > -- > > > > Will > > > > westes AT earthbroadcast.com > > > > > > > > > > > > > > > > > > > >
- Next message: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Previous message: Rob: "replication question"
- In reply to: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Next in thread: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Reply: Phillip Windell: "Re: How to Disable Microsoft Networking Port Listeners?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
