I just DL'ed SP2 plz pray for me lol... i will keep you posted on how it goes, i will prolly be back on here posting a problem soon lol.
Printable View
I just DL'ed SP2 plz pray for me lol... i will keep you posted on how it goes, i will prolly be back on here posting a problem soon lol.
Ok.... It was a pretty silly post.... But I'll bite.... I'm like that.... and my sweetie still luvs me.... ahhhhhh.... so sweet.... ;)
It seems to me that the major point of SP2 is to increase your security..... Ok, I'm all for that.... But why would you want to upgrade if you are happy with your security and know that it might break some of those nice little "security" tools we both use?
This laptop will not be getting SP2 unless the fixes to the programs I like to use from it are available or, the SP is altered to allow them to work.... which I don't see happening... ;)
"Upgrades" aren't madatory..... while many may feel that having the sleekest new car or the most up to date OS is "where it's at" in some cases it might not be the best place to be... Having said that, I enforced the update to SP2 on my XP clients and I'll deal with the issues, one of which seems to be that having ZoneAlarm running after the upgrade has foxxed a laptop after the upgrade until the ICF was disabled.... Oh well, 5 minutes of my time to put it back to rights with the trusted networks still intact and the other networks that the laptops have to connect to being protected from..... I can live with that.
Your thoughts?
Becase SP2 isn't just increased security, it's affecting levels of security that we can't alter, literally. New Kernel level protection against buffer overflows. New Memory security handling and checking. Multiple support to work together with different processor chips for increased buffer overflow prevention and protection. It is to windows what SELinux (http://www.nsa.gov/selinux/index.cfm) and Grsecurity (http://www.grsecurity.net/) is to Linux. Recompiled common libraries and binaries to take more advantage of newer processor features and thus a slight increase in preformance.
Sure sure, we can still have our own firewalls and virus scanners, as well as a secure browser. But there are core features in any OS that are beyond our control (unless open source and we modify it personally) that require updates and fixes to secure things in a way that we can not under any circumstances prevent or modify manually.
The ICF and bug fixes are only a small peice of what SP2 accomplishes.
edit: Might as well toss these in too. Here are the list of security updates and OS level fixes, which you can see is EXTENSIVE:
http://support.microsoft.com/default...5bLN%5d;811113
http://www.microsoft.com/technet/sec...ews/xpsp2.mspx
I've had sp2 installed on my laptop since the RTM version was released. Really, I've not had any problems that I couldn't quickly work out. I'd say the most important thing is to check for updates to all your system utility programs (AV, firewall) before installing. I knew that NAV would have problems, so I used liveupdate to update the core program. Also, my version of ZA pro wasn't compatible with microsoft's "security center" so windows always wanted to bitch at me for not having a firewall (I turned off the windows firewall). I went ahead and updated to 5.1.11 and I've had no problems. I have the security center disabled now (it's a service) because I just don't need it taking up cycles.
I must say, I highly dislike the new windows firewall. There is no program control, so if I got infected by a worm, there would be no way for me to stop it from getting out to other computers. Also, if somehow a trojan got in, it would be able to open a door without me knowing. Also, why would the windows help center need to access the internet? Or windows explorer? So that's why I use ZA.
I've also read that nmap and other network tools no longer work, but I've not tried to use any of them since the update.
Really, I've not used any of the new updates (AFAIK). I've turned off my WAP so I've not played with the new wireless wizard. Also, I use Firefox so I've not used the new version of IE.
In summary, check for updates, be ready to play around with stuff for 15 mins, and watch for bigger problems down the road.
Help Center to access online knowledge bases when you do a search. Windows explorer because you can technically use it to browse web sites, or FTP sites.Quote:
Also, why would the windows help center need to access the internet? Or windows explorer?
There's an updated version of nmap available which bypasses the problem (I don't have a link for it handy, though. Just search and you should be able to find it). Most others just have problems with the firewall. Disable the Windows firewall and you're set.Quote:
I've also read that nmap and other network tools no longer work
AJ
I got SP2 because i knew that i will prolly be safer with it than without it. now i know that is a micro$oft saying but still i think its better to have it than not too.
good luck, you damn well will need it
And don't bother telling us when you have it installed, we will notice when you have stopped posting
sp2 limits the amount of outbound uncompleted tcp connections. This effectively kills most port scanners, including old nmap and most p2p applications.
just coz your expecting problems here is the microsoft uninstall guide :)
http://support.microsoft.com/default.aspx?kbid=875350
Here is how to solve that:Quote:
sp2 limits the amount of outbound uncompleted tcp connections. This effectively kills most port scanners, including old nmap and most p2p applications.
1. Download the file I've provided below and extract it to C:\
2. Reboot into safemode
3. Open up a command line console and navigate to C:\
4. Run: EvID4226Patch.exe /L
5. When it asks for how many connections you want to allow, set it to: 16777214
(note: Before SP2, maximum connections were unlimited, so that setting (the max) should work just fine)
6. Confirm that you want to apply the patch.
7. Reboot.
I've tested it and it seems to do the job, as well as having been tested for viruses, spyware, and other possible exploits. Enjoy!
hey cytex thanx for the uninstall guide, i didnt think about that... well yall have a good one
Hmm...Well, I'm running SP2 on my home computer and haven't had any problems with it, though I don't do any port scanning from that machine. And I installed in right after it came out for testing (I know, probably not the brightest idea in the world). So far, so good!
<edit> Correction, I have had one problem -- CD-RW drive stopped working and computer locks up when I run Ahead Nero...I'm thinking a corrupted driver maybe? I don't think it has anything to do with SP2, but given the timing I guess it's a possibility...hmm...I'll have to research that.
pooh sun tzu > The patch that you suggest merely changes the maximum limit of outbound uncompleted tcp connections. It does not remove this limit, only changes it. While I can believe the code is free from spyware and malware, I would still have a very hard time getting myself to install and run 3rd party unsigned code on any of my production servers, at home or work.
However, since I have free time and test beds to experiment on, I did try the file that you posted. It appears to only modifiy winnt\system32\drivers\TCPIP.sys. By default, SP2 limits the amount of outbound connections per second to 10. The program you posted can be ran with a parameter of /L=# where # will be the new number of connections per second.
So you can use a 3rd party program written by some kid to modify a system file to hopefully prevent windows from stopping your amount of outbound traffic.
Other note as well, like I said before, this still does not 'uncap' the limit, just changes it. Even after setting it to 16,777,214 connections per second, I was still able to get event log to generate ID 4226 errors. 4226 is the new error code that is issued whenever windows reaches the set limit of outbound uncompleted tcp conncetions, and blocks further ones.
Quote:
The patch that you suggest merely changes the maximum limit of outbound uncompleted tcp connections. It does not remove this limit, only changes it.
Correct. However, 1677214 WAS the limit cap for preSP2 on 2k and XP SP1. While it was called uncapped, the actual number was 1677214 because of how insanely high it is. That setting is no different than Pre SP1Quote:
Other note as well, like I said before, this still does not 'uncap' the limit, just changes it.
Then you need to make sure the settings held by running it again to verify (not reset, just run) the amount of allowed connections. I don't have any errors being logged even with trillian, firefox, bittorrent (hosting sp2), and music streaming. I don't know why you are getting errors, but it isn't par and may be your settings. Like I said. Rerun the executable and see if your configuration settings held. This means run it without the /L. Windows tries to replace this file if you are not running it in safe mode, so make sure you did it in safe mode as well.Quote:
Even after setting it to 16,777,214 connections per second, I was still able to get event log to generate ID 4226 errors. 4226 is the new error code that is issued whenever windows reaches the set limit of outbound uncompleted tcp conncetions, and blocks further ones.
Correct. Because that is the only file in the entire OS that controls the rates/limits on tcp/ip connections. There wouldn't be a reason to modify anything else since nothing else touches it.Quote:
It appears to only modifiy winnt\system32\drivers\TCPIP.sys
Careful there. You trust nmap don't you? And that wasn't started by a 31337 company.Quote:
So you can use a 3rd party program written by some kid
I have 3 computers I have to connect a keyboard/mouse/monitor up to do
the SP update.... It does lock down the firewall so the non-MS software I use to
admin these computer will break until I add the firewall rule in manually...
But so far I have had no major glitches in in my other updaes so far other
than it takes 1-2 hrs for a computer to run its full course in updating XP
To bad MS canot make an update that takes longer to install tan the orginal
install of XP
Does anyone have the link for a list of the software affected by sp2?
AngelicKnight: Yes, there is a compatibility issue with Nero. I installed Nero Express 6.x after updating XP and it actually pulled up and told me that there was an issue with SP2. You can get a patch from http://www.nero.com/us/updates.html which fixes that up.
There ya go the duck
http://support.microsoft.com/default.aspx?kbid=842242