Tue, Aug 17 2004 18:25
XP sp2 - one casualty
I've got my neck crooked in a funny angle with the phone and shoulder rest as I listen to some jazz music. I'm waiting on hold for a XP sp2 support representative because I have one laptop that the network card will not “wake” up and find that it's got a live cable connected to it.
Now I could uninstall SP2 and it would go on and function, but I don't want to. I'm a stubborn female who wants to go forward and make things work and not fall back. Besides I really like the features in XP sp2 especially for laptops. So here I am getting a neck in a funky crook because I want to work though these issues. And by the way THIS IS A FREE CALL. Why? Because the issue is totally due to the install of Server pack 2.
Gavin pinged me the other day if there was a “marketing deck” that showcased the advantages of XP sp2 over Windows 2000. The advantages of XP [any SP] over 98 and ME are pretty obvious....
Let's review them shall we?
98's have no security [oh that reminds me of a newsgroup post I did - I'll copy it here:]
1. When logging on ... hit cancel. You still can get into that
workstation right? Got any sensitive documents on that machine?
2. Lanmanhash. 98 based machines require a lower authentication
protocol to connect to a network. This lower authentication leaves
behind a "hash" of the passwords on a place on the server. Take LC4 or
John the Ripper program and run in on a network that runs 98's and it
can break that hash... less than 7 character password that is a
dictionary word gets broken my lc4 faster than I can find the icon on
3. User mode. XP/2k have three levels of security. User mode, Power
users mode, Local administrator. 98s has one level. Local admin. That
means that your employees can load on that machine ANYTHING they want.
4. Going to Windows 2000/XP is considered by my friends who work in the
defense contractor industry to be a downgrade. Why? Because of 3 above.
5. Services running as different levels. Even in windows 2000 versus
2003 you can see the impact of security.. many of the patches released
today didn't affect Windows 2003, or there is mitigating factors.
6. Hold onto your hats because right around the corner and within 90
days in the OEM channel XP sp2 will be released in August. XP sp2 is
very solid. All of the recent attacks affecting IE ... are all fully
protected in XP sp2. It's almost like a new OS, it's that good.
7. Group policy. Oh man this is where is really gets good. You want
to control the interior firewall on the XP sp2 machines INSIDE your
network, well get ready to. SBS2003 will be getting an update to our
Group policy to adjust so that the firewall is on inside our networks
better protecting us.
8. Group policy. If you have 98's you have no idea of the power you
can from that server. From locking down the screen saver to controlling
what programs are loaded, one of the advantage we SBSers have is we are
already on Active Directory.
9. 98's have no security. That's an oxymoron. It doesn't exist.
10. No blue screens of death. I honestly have never had one, don't
know what they look like on XP
11. System restore, load a driver that would normally BSOD a 98, and
you can easily recover on XP
12. SUS or Shavlik. You can't do a Patch management program on a 98.
You need XP....
How many more do you want?
C S R C - Systems Administration:
See that? You can't do anything like that on 98s.
But what is better in XP SP2 versus 2000? Let's see shall we?
3. Local zone protection [IE is better pretected from malware]
4. Firewall that is there protects it as the tcp/ip stack builds [unlike sp1 the firewall protects 100% of the time that the “network stack” builds
5. “In your face” notification of security issues if antivirus is not up to date, firewall is not on and patching is not set.
6. Pop up toolbar
7. Restriction of Active X
Here's the details here: Changes to Functionality in Microsoft Windows XP Service Pack 2: Part 1: Introduction:
Bottom line KILL OFF THOSE WINDOWS 98'S AND ME MACHINES first and foremost, but consider going “borg“ [as I affectionally call it] by having a full Windows XP firm. My life is easier, my issues are easier to troubleshoot, my body of knowledge is much easier to manage, I'm just an all around happier camper.
Still on hold... I'll post the resolution in another blog post.
[UPDATE] I think having two versions of AOL on this computer “toasted” things. I got a pcmcia based wired ethernet card and it wakes up just fine. I think the AOL messed up the NIC connection. So this weekend I'll mess with some of the registry settings in there and see what I can do.
Filed under: Security