08-09-2004, 07:00 PM
|
|
Contributing Editor Emeritus
Join Date: Aug 2006
Posts: 8,228
|
|
Service Pack 2 For Windows XP Coming To A PC Near You
The long awaited Service Pack 2 for Windows XP will be on your XP based PC soon. Beta testers and subscribers to MSDN may already have it. Microsoft will put it on the Windows Update site and push it out via Automatic Updates in the coming days and weeks.
I mainly wanted to alert you to a few changes in SP2 that will apply to mobile device users that use ActiveSync. By default, XP now enables the "Windows Firewall" which replaces the anemic "Internet Connection Firewall" that came with XP in 2001. You will need to create two exceptions in the new Windows Firewall for ActiveSync, but XP should help you do this with relative ease.
After your initial boot after SP2 has installed, a 24 minute install process on my 1.2GHz laptop and a nearly 5 minute boot as the install finished up, you'll be welcomed with the following dialog box:
Figure 1: Tell XP to unblock the Connection Manager, which is an ActiveSync component.
When you initially dock your Pocket PC, you will then be welcomed by the dialog box in figure 2:
Figure 2: Tell XP to unblock ActiveSync itself.
If, for some reason, the new Windows Firewall doesn't prompt you, you can manually create exceptions by going into the XP control panel, select the Windows Firewall, select the Exceptions tab and select the following two applications:
Connection Manager: C:\Program Files\Microsoft ActiveSync\wcescomm.exe
ActiveSync: C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
Unless you really know what you are doing, you should enable the new Windows Firewall. It doesn't block file and printer sharing on local networks like many of us have at home like its predecessor did, and it is much more user friendly when it comes to blocking/unblocking and setting up exceptions. Even though I am behind a NAT router at home and have IP addresses that aren't accessible from the outside, I have chosen to enable the Windows Firewall as an extra measure of protection, something I didn't do with the old Internet Connection Firewall because of the problems it caused.
|
| |
|
|
|
08-09-2004, 07:08 PM
|
|
Ponderer
Join Date: Mar 2004
Posts: 65
|
|
How will this new firewall interact with the one I am already running (Symantic). Should only one? Both be enabled?
Will they interfere with one another? :?:
|
| |
|
|
|
08-09-2004, 07:16 PM
|
|
Philosopher
Join Date: Sep 2006
Posts: 533
|
|
Please don't flame me.
One thing I appreciated about the current (soon to be replaced) Windows XP firewall WAS its simplicity. It blocked unsolcitied traffic, period. Yes, it should have been activated by default, and yes it should have trusted file / printer shares on local networks, but other than that it was good.
One thing I personally HATE about third party software firewalls is every 24.8 seconds they're informing you some process on your machine is doing something and asking if it should be allowed. True, that's great if you've got a virus or trojan installed, but a Firewall should NOT be an anti-virus program (anti-virus programs should do that).
Obviously, most everyone else AND Microsoft disagree with me, becuase it looks like I'll have to approve every service running on my machine after I install SP2. DRAT.
Granted, I haven't actually used SP2's new firewall as I didn't beta test and am not an MSDN subscriber, so I can't get it yet. So, perhaps my opinion will change, but your (helpful) post is scaring me.
|
| |
|
|
|
08-09-2004, 07:20 PM
|
|
5000+ Posts? I Should OWN This Site!
Join Date: Jul 2003
Posts: 5,133
|
|
Yay! I never liked that I had to mess with my XP firewall settings when trying to print TO a network printer. I can understand needing to specify exceptions on the computer HOSTING the printer. But *accessing* the printer?
Hooray. 
|
| |
|
|
|
08-09-2004, 07:22 PM
|
|
Philosopher
Join Date: Sep 2006
Posts: 533
|
|
Quote:
|
Originally Posted by Kati Compton
Yay! I never liked that I had to mess with my XP firewall settings when trying to print TO a network printer. I can understand needing to specify exceptions on the computer HOSTING the printer. But *accessing* the printer?
Hooray. |
Printing TO a network printer is solicited traffic....it should have been allowed back in through the "old" firewall if needed. Or perhaps I'm seriously confused :?
|
| |
|
|
|
08-09-2004, 07:29 PM
|
|
5000+ Posts? I Should OWN This Site!
Join Date: Jul 2003
Posts: 5,133
|
|
Quote:
|
Originally Posted by brianchris
Printing TO a network printer is solicited traffic....it should have been allowed back in through the "old" firewall if needed. Or perhaps I'm seriously confused :?
|
If you're using the Windows network, you cannot. Because you can't really "get onto" that network if you have the firewall up. Using actual "Network" printing where there's an IP? Yes. But not the simple file-sharing printer-sharing that Windows likes you to do normally.
|
| |
|
|
|
08-09-2004, 07:32 PM
|
|
Philosopher
Join Date: Apr 2004
Posts: 545
|
|
Quote:
|
Originally Posted by brianchris
Please don't flame me.
One thing I appreciated about the current (soon to be replaced) Windows XP firewall WAS its simplicity. It blocked unsolcitied traffic, period. Yes, it should have been activated by default, and yes it should have trusted file / printer shares on local networks, but other than that it was good.
One thing I personally HATE about third party software firewalls is every 24.8 seconds they're informing you some process on your machine is doing something and asking if it should be allowed. True, that's great if you've got a virus or trojan installed, but a Firewall should NOT be an anti-virus program (anti-virus programs should do that).
Obviously, most everyone else AND Microsoft disagree with me, becuase it looks like I'll have to approve every service running on my machine after I install SP2. DRAT.
Granted, I haven't actually used SP2's new firewall as I didn't beta test and am not an MSDN subscriber, so I can't get it yet. So, perhaps my opinion will change, but your (helpful) post is scaring me.
|
Trust me this is a good thing....BUT.....
I think that McAfee, Symantec and other firewalls need to let you be able to configure the ports that you have open manually and watchout for programs that try to access open ports (like say something other then a web browser accessing port 80). Also, for god's sakes, detect when upgrades happen and use the same settings. Also, the security needs tweaked a hari where you MUST login and you MUST provide a password to install things even if you are an admin user. Mac OS X is like this at least on the install part. But I feel for you having to answer the danged message every 5 minutes for a while especially if it's the same program or a related program.
|
| |
|
|
|
08-09-2004, 07:37 PM
|
|
Pontificator
Join Date: Dec 2005
Posts: 1,183
|
|
Quote:
|
Originally Posted by brianchris
One thing I appreciated about the current (soon to be replaced) Windows XP firewall WAS its simplicity. It blocked unsolcitied traffic, period. Yes, it should have been activated by default, and yes it should have trusted file / printer shares on local networks, but other than that it was good.
One thing I personally HATE about third party software firewalls is every 24.8 seconds they're informing you some process on your machine is doing something and asking if it should be allowed. True, that's great if you've got a virus or trojan installed, but a Firewall should NOT be an anti-virus program (anti-virus programs should do that).
Obviously, most everyone else AND Microsoft disagree with me, becuase it looks like I'll have to approve every service running on my machine after I install SP2. DRAT.
|
The final release candidate has been in public beta for several weeks, and I installed it as soon as I discovered it. The firewall is not so bad as you make out ... but sure you will have to explicitly approve things. Which makes sense. It means you can prevent things like Solitaire and MineSweeper (!!!!!) connecting to the internet if you don't want them to.
You are not supposed to run the new firewall in conjunction with another, but I have been doing so without any apparent issues. To be honest, though, I installed the free 12 month 'trial' of EZ Firewall and EZ AntiVirus 'suggested' by the security panel. Both seem to work really well, and after a couple of days there were few Firewall prompts. You can also switch off notification of intrusin attempts btw.
Steve
|
| |
|
|
|
08-09-2004, 07:37 PM
|
|
Executive Editor
Join Date: Aug 2006
Posts: 29,160
|
|
Quote:
|
Originally Posted by brianchris
One thing I personally HATE about third party software firewalls is every 24.8 seconds they're informing you some process on your machine is doing something and asking if it should be allowed. True, that's great if you've got a virus or trojan installed, but a Firewall should NOT be an anti-virus program (anti-virus programs should do that).
|
I couldn't disagree more. :-) Outbound port connections are important to keep track of, because it's the first sign that you might have spyware on your computer. In every instance I've seen, and I trust the new XP firewall is the same way, you only have to approve each service ONCE. That's it - so the first few minutes might be irritating, but beyond that you won't see the firewall warning come up unless there's a new program that's asking to access the Internet. Knowledge is power, and knowing when certain programs access the Internet is an important thing I believe. :-)
Anti-virus programs catch viruses, not spyware/malware/dialers that do crazy things with your computer. I for one applaud this new direction from Microsoft with their Firewall. I hope it's better at allowing local computers on the same subnet to see each other though - I had huge problems with that with the 1.0 version of the firewall.
|
| |
|
|
|
08-09-2004, 07:44 PM
|
|
Thinker
Join Date: Aug 2006
Posts: 368
|
|
I'm actually pretty happy when my Sygate firewall asking every so often. I understand it can be annoying, but I feel protected and I like the fact that I can examine network traffic I've never authorized before. Also the frequency of firewall interuption drops down quite a bit as I train it. The first couple days after the installation are the busiest time for me and the firewall software, but after that I am rarely asked for authorization.
|
| |
|
|
|
|
|
Linear Mode
