Re: Correction
From: Stephen Harris (Stephen_P_Harris_at_hotmail.com)
Date: 09/16/04
- Next message: Ray Becklwith: "Cannot logon Exchange Messaging"
- Previous message: Stuart Tocher: "Website integration with MSN Messenger"
- In reply to: Old Nick: "Re: Correction"
- Next in thread: Old Nick: "Re: Correction"
- Reply: Old Nick: "Re: Correction"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 16 Sep 2004 11:34:53 -0700
"Old Nick" <hell@downunder.invalid> wrote in message
news:%23hL9c97mEHA.2764@TK2MSFTNGP11.phx.gbl...
> Stephen,
> What a fuss you are making over physical or electrical disconnection.
That is a lie.
> Nick wrote:
> Shirley,
> "A few days ago I saw a post which suggested physically removing
> (unplugging)
> the connection to the ISP to enable removing QoS."
> Nick
You read that post and misinterpreted it. Ron's postings had
nothing to with physical removal. That was a figment of your
imagination.
> Normally to physically disconnect is just a matter of reaching for the
> connection at the wall, if you disconnect at the wall or click on the
> disconnect icon makes very little difference in effort expended.
> Nick
>
Another ignorant remark. It might be normally true for a router.
But it is not true for a dial-up modem. And a dial-up modem
connection normally produces this error situation not a router.
And a modem is often connected near a desk with the connection on
the floor and the computer sits on top of the desk facing a wall and
often not easily accesible to the modem plug-in in the back of the computer.
A physical disconnection is certainly more difficult for elderly people.
Your narrow interpretation makes me think you are a teenager or at
least have not grown up yet, because you have a teenage mentality.
> "Stephen Harris" <Stephen_P_Harris@hotmail.com> wrote in message
> news:OqMLfk5mEHA.3472@TK2MSFTNGP09.phx.gbl...
>>
>> "Old Nick" <hell@downunder.invalid> wrote in message
>> news:O8pTZt2mEHA.648@tk2msftngp13.phx.gbl...
>>> Stephen,
>>> I have an ADSL connection which polls my computer from time to time,
>>> therefore I physically disconnected the link to conform with Ron's
>>> suggested procedure (disconnecting the connection), anyway I had no
>>> problems when I physically broke the connection. I gave that advice to
>>> Shirley who seemed to be having problems deleting/un-installing her QoS.
>>
>> I did not say that you could not break the connection your way.
>> But I did say it was the wrong way and the wrong advice to give.
>> A router can be disabled by a mouse click near its status option or
>> by disabling the nic card will break the connection and enabled simply.
>>
>> You quoted some posts made by Ron. He was using dial-up and
>> he broke his connection (which he never had to make) by clicking
>> on the ATT dial-up screen which has connect --- disconnect options.
>> Then he entered properties from that screen and proceeded to disable QoS.
>>
>> The option to untick QoS is when using dial-up like Ron, is not
>> available.
>> After you disable the dial-up internet the internet connection you have
>> to
>> uninstall QoS not untick it.
>>
>> Shirley may have a router, but a dial-up modem shows up in Network
>> Connections, and you can use Properties / Networking to get to QoS.
>> So you don't know if she has a router or a dial-up from what she wrote.
>>
>> You gave the wrong instructions for a dial-up, because they give the
>> impression you have to unplug the telephone cord or open the computer
>> case and remove the internal modem. That is what physical means.
>> This is inefficient when you have the option of doing this by mouse. I
>> don't
>> have to be a Know It All to know what the word disconnect means or
>> realize that advice for dial-up does not fit dsl well. You used your
>> imagination
>> to substitute for your limited knowledge which you brashly supposed was
>> adequate.
>>
>> You were clueless about those conditions when you dispensed advice:
>>
>> Nick wrote:
>> Shirley,
>> "A few days ago I saw a post which suggested physically removing
>> (unplugging)
>> the connection to the ISP to enable removing QoS."
>> Nick
>>
>> No post said anything like what your reading comprehension has conjured
>> up.
>> Jonathan Kay gives advice that works on a router. That is because most
>> routers do not have the Qos option greyed out, you can untick them, and
>> you
>> can untick them or uninstall them while you are connected to the
>> internet.
>>
>>> Reference Shirley's quote
>>> "I followed the instructions and got to the point of where
>>> I was attempting to uncheck the Qos Packet and the only
>>> options are to uninstall/install...even though it has a
>>> check tick in it I cannot get the tick to come out. Is
>>> it safe to uninstall Qos Packet or is it a necessary part
>>> of the msn service?????"
>>>
>>
>>> As you have mentioned another post, ref.
>>> http://www.mvps.org/sramesh2k/Popups.htm, if SP.2 supersedes this
>>> document the it should be amended. Again I was only quoting from an
>>> authorised MS Document. You say that "Windows Firewall automatically
>>> installed which disables the questioned ports unless the user intervenes
>>> and allows the ports". I cannot find it documented anywhere that UDP
>>> ports 135, 137, and 138; TCP ports 135, 139, and 445 137 are blocked by
>>> Sp.2. As you appear to KNOW IT ALL perhaps you can enlighten me on
>>> where this information is located?
>>>
>>> Nick
>>
>> You know it took me awhile to figure out what you meant, what
>> you interpreted this portion of my post to mean. Why would you think
>> that you would find this documented? SP2 Windows Firewalls block
>> almost all ports except those required by the OS and not singled out
>> by installing software that requires unique ports like a lot of games.
>>
>>>> What you stated was bluntly wrong, and striker just decided not to go
>>>> into detail.
>>
>> That means the advice you passed on about physically disconnecting
>> your internet connection device (router or dial-up modem) was wretched.
>>
>> Striker's fault, if you want to call it that, was according to you
>> "I just feel that you should have been a little more enlightening to the
>> OP."
>>
>> SH: The enlightenment contained in your advice will have you
>> reincarnating
>> as a troglodyte. IOW, you missed the cosmic mark on a much grander scale
>> than your guru striker.
>>
>>>> Win xp SP2 comes with messenger service disabled and Windows Firewall
>>>> automatically installed which disables the questioned ports unless the
>>>> user
>>>> intervenes and allows the ports. That is a choice, not automatically a
>>>> bad decision.
>>>> Whereas using some method other than mouse clicks such as physical
>>>> removal
>>>> of internal modem or unplugging the telephone to disconnect from the
>>>> internet is a
>>>> bad decision.
>>
>> Nick wrote:
>>> I cannot find it documented anywhere that UDP ports 135, 137, and 138;
>>> TCP ports 135, 139, and 445 137 are blocked by Sp.2. As you appear to
>>> KNOW IT ALL perhaps you can enlighten me on where this information is
>>> located?
>>
>> This question is poorly framed. A better question is what ports does
>> SP2 block automatically and which does it open. Can you allow or
>> disallow each and every port with Windows Firewall?
>>
>> Group Policy Settings Reference for Windows XP Professional Service Pack
>> 2
>> http://www.microsoft.com/downloads/details.aspx?familyid=ef3a35c0-19b9-4acc-b5be-9b7dab13108e&displaylang=en
>> "If you disable or do not configure {see further down page for url}
>> this policy setting, Windows Firewall does not open TCP port 135 or
>> 445. Also, Windows Firewall prevents SVCHOST.EXE and LSASS.EXE from
>> receiving unsolicited incoming messages, and prevents hosted
>> services from opening additional dynamically-assigned ports."
>> _______________________________________________________
>>
>> Hi Andy,
>>
>> The Windows XP firewall (current and SP2) handle inbound connections
>> only -- outgoing connections are not blocked.
>>
>> I'm not 100% sure what you mean here, so I'll simply explain how the
>> current firewall does it and then how the SP2 firewall can.
>>
>> Current Firewall:
>> 1. Either side of a conversation initiates an Audio conversation and
>> accepts it
>> 2. Messenger sends API call to firewall to open necessary port for audio
>> conversation
>> 3. Messenger sends information on current IP and audio port to connect
>> to the other contact
>> 4. Incoming connection from contact to the specified port
>> 5. After conversation is complete, API call to remove the open port
>>
>> and we're done. Also keep in mind that Windows Messenger will also open
>> some ports when it starts (MSN Messenger does not).
>>
>> The SP2 firewall is basically the same, with the exception that the SP2
>> firewall will allow you to unblock all inbound to Messenger, therefore
>> not requiring the individual ports to be opened.
>> ____________________________________________
>> Jonathan Kay
>> Microsoft MVP - Windows Messenger/MSN Messenger
>> Associate Expert
>>
>> Mark Olbert wrote:
>>
>>> I cannot connect WMI Control to a remote SP2 machine (on the same
>>> subnet). I've checked to ensure the correct TCP port is open as
>>> per the KB article I found -- it is -- but still no joy.
>>>
>>> Is there anyway to use WMI against a remote XP SP2 machine now,
>>> or has MS blocked that forever?
>>
>> torgeir, wrote: Hi
>>
>> WMI (or more correctly RPC/DCOM) uses TCP ports 135 and 445 as well
>> as dynamically-assigned ports above 1024.
>>
>> To handle this, you need to enable "Allow remote administration
>> exception" for the firewall.
>>
>> This can be done with gpedit.msc for a local computer, or push it out
>> with a AD GPO if possible. You can also use the command line tool
>> netsh.exe to do this, see further down for how.
>>
>> Group Policy Settings Reference for Windows XP Professional Service Pack
>> 2
>> http://www.microsoft.com/downloads/details.aspx?familyid=ef3a35c0-19b9-4acc-b5be-9b7dab13108e&displaylang=en
>>
>> <quote>
>> Administrative Templates\Network\Network Connections\Windows
>> Firewall\<some> Profile
>> Windows Firewall: Allow remote administration exception
>>
>> "Allows remote administration of this computer using administrative
>> tools such as the Microsoft Management Console (MMC) and Windows
>> Management Instrumentation (WMI). To do this, Windows Firewall opens
>> TCP ports 135 and 445. Services typically use these ports to
>> communicate using remote procedure calls (RPC) and Distributed
>> Component Object Model (DCOM). This policy setting also allows
>> SVCHOST.EXE and LSASS.EXE to receive unsolicited incoming messages
>> and allows hosted services to open additional dynamically-assigned
>> ports, typically in the range of 1024 to 1034. If you enable this
>> policy setting, Windows Firewall allows the computer to receive the
>> unsolicited incoming messages associated with remote administration.
>> You must specify the IP addresses or subnets from which these
>> incoming messages are allowed. If you disable or do not configure
>> this policy setting, Windows Firewall does not open TCP port 135 or
>> 445. Also, Windows Firewall prevents SVCHOST.EXE and LSASS.EXE from
>> receiving unsolicited incoming messages, and prevents hosted
>> services from opening additional dynamically-assigned ports. Because
>> disabling this policy setting does not block TCP port 445, it does
>> not conflict with the Windows Firewall: Allow file and printer
>> sharing exception policy setting. Note: Malicious users often
>> attempt to attack networks and computers using RPC and DCOM. We
>> recommend that you contact the manufacturers of your critical
>> programs to determine if they are hosted by SVCHOST.exe or LSASS.exe
>> or if they require RPC and DCOM communication. If they do not, then
>> do not enable this policy setting. Note: If any policy setting
>> opens TCP port 445, Windows Firewall allows inbound ICMP echo
>> request messages (the message sent by the Ping utility), even if the
>> Windows Firewall: Allow ICMP exceptions policy setting would block
>> them. Policy settings that can open TCP port 445 include Windows
>> Firewall: Allow file and printer sharing exception, Windows Firewall:
>> Allow remote administration exception, and Windows Firewall: Define
>> port exceptions.
>>
>> WF_XPSP2.doc "Deploying Windows Firewall Settings for Microsoft
>> Windows XP with Service Pack 2" is downloadable from
>> http://www.microsoft.com/downloads/details.aspx?familyid=4454e0e1-61fa-447a-bdcd-499f73a637d1
>>
>> --
>> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
>> Administration scripting examples and an ONLINE version of
>> the 1328 page Scripting Guide:
>> http://www.microsoft.com/technet/scriptcenter/default.mspx
>>
>> Nick wrote:
>>> As you have mentioned another post, ref.
>>> http://www.mvps.org/sramesh2k/Popups.htm, if SP.2 supersedes this
>>> document the it should be amended.
>>
>> SH: IMO, supersedes means to replace and such things should be understood
>> in terms of practical reality. Microsoft cannot rewrite hundreds of
>> thousands
>> of pages of documentation in a few weeks, if they choose to do so at all.
>>
>> Your research is also sloppy and second-rate. Your other post
>> makes no sense to me. This is all the free time you get from me.
>> It case you think I insulted you by calling you stupid, I didn't mean
>> it that way. I meant it as a technical description.
>>
>> Sincerely,
>> Stephen
>>
>>
>>
>
>
- Next message: Ray Becklwith: "Cannot logon Exchange Messaging"
- Previous message: Stuart Tocher: "Website integration with MSN Messenger"
- In reply to: Old Nick: "Re: Correction"
- Next in thread: Old Nick: "Re: Correction"
- Reply: Old Nick: "Re: Correction"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
|
