Windows XP flaw

[[WebCarnage]]

...I clicked the button twice...sorries.

[[WebCarnage]]

Yea...I just heard that in the first three weeks of Windows XP going on sale - an estimated 7 million had already bought it. Now...do you seriosly think that all 7 million will d/l the patch. I honestly doubt it. Which means this exploit will be hanging around here for a while...at least thats my assumption.

And besides...that was only the first three weeks...imagin the millions more buying this OS. ...All I can say is...it sucks to be them.

[P.S. - ...I just remembered...It sucks to be me...on my Sony Vaio laptop...I've gotten Windows XP preinstalled....dammit...well... thanks to: tH3#cL3aN3r for making it easier for me. I'm secure...for now at least. I suspect about a few more exploits to be comming out soon, I mean...this is the normal drill for Window's products...isn't it?]

[hogfly]

with the advent of windows XP....vulnerabilities are going to start popping up like mad.

Windows XP has increased 6 fold in the default installation size, to roughly 1.5 GB's. consider the number of vulns in NT/2000 and multiply them by 6. that will give you a rough estimate of what to expect, not to mention others that are created by modifying the codes from previous versions.
The only reason I am using XP is because I have to support the people that are going to use it.......
I am not surprised that this has happened already, its common for MS products to be the taget of every hacker alive....its the most widely used SW around. every PC ships with MS on it. Every new PC will now ship with XP, and we all know that Microsoft isn't going anywhere soon. You can however choose not to use their products.

If you choose to use it, brace yourselves for multiple Service packs and the mess of patches in between the SP's......and lets not forget the .NET server versions that are on their way....

[-=solarismka=-]

It says that ME is vunrable to this type of attack too. I'm glad that I'm migrating to OpenBSD !!!!

[desolution]

and how can people like us take advantage of this flaw?

[eeshman]

Tedob1 - Good point on the port 5000. I scanned my box two weeks ago and that port came up as open with a "?" where the name of the service should be. I just shut down the port along with a few others that I didn't need.

Which brings me to a good point...if you're going to be a "smart" user, know what your OS does and how to lock it down. Just my 2 cents though.......

-The Eeshman

[Highlander]

You know you can put a Linksys router infront of the machine and only
map the ports you actually need......

[ac1dsp3ctrum]

Im probably gonna get flamed for this, but here it goes anyway. How do you scan/close ports on your computer ?

[eeshman]

ac1dsp3ctrum:

I use a scanner called SuperScan (Windows) and NMAP (Linux). When you scan yourself use the 127.0.0.1 or whataver IP you have assigned to you by your ISP/Broadband provider. When you scan, try to scan all 65,535 ports to see what is listening on your computer and close those ports that are not necessary to be open. You can do this by manually disabling the service or placing a block on a personal firewall. I used the latter method as my firewall is ALWAYS up. Just block all incoming TCP/UDP packets with a destination port of 5000 (or whatever the port in question is) and make this rule always valid. This way nothing can connect to the vulnerable port, thus protecting you system to a degree. I say "to a degree" because someone will always find a way to exploit whatever security measures are out there...just give it some time. At any rate, I hope this helps you out. By the way, both scanners mentioned above are available for free on the net, so with a little searching you should be able to find it.

The Eeshman

[casper3699]

I thought that all of XP was a flaw.