Friday, September 17, 2004 5:34 PM PT Posted by Andrew Brandt
PC World's counterpart in Germany, PC Welt, published a short story today detailing how Windows XP computers running Service Pack 2 may be inadvertently sharing files on their hard drive with more people than they might like.
PC Welt editors Thorsten Eggeling and Andreas Kroschel discovered that a setting created when you install SP2 slightly changes the way the Windows Firewall--one of the new components installed with SP2--creates so-called exceptions to the firewall. The firewall, under normal circumstances, should block all incoming traffic, but exceptions allow certain programs that need to communicate through the firewall to do so.
In this case, the Windows Firewall creates a default exception for the File and Printer Sharing component of Windows XP. If this service were blocked, and you wanted to share files with others on your local network, for instance, the other people wouldn't be able to connect to your PC. However, Windows mistakenly opens the "exception" gap a bit too widely. (The PC Welt story has the technical explanation of the bug.)
Here's how PC Welt's editors recommend you fix the problem: Open the Windows Firewall control panel applet (click Start, Settings, Control Panel, double-click Windows Firewall, then click the Exceptions tab).
If you don't ever need to use File and Printer Sharing, you can clear the checkbox next to that label, and the firewall will block any attempt to connect to your PC.
But if you want to use File Sharing, you need to change some settings. Select the listing for File and Printer Sharing, and click the Edit button. In the "Edit a Service" dialog box that appears, click the button labeled "Change scope."
Typically, if you use a home gateway/router, your home network will use internal IP addresses that start with the numbers 192.168.0.x, 192.168.1.x, or something similar.
Click the "Custom list" radio button and then create an entry for your network. The entry will look like this:
192.168.1.1/255.255.255.0
The first IP address should be your gateway/router's internal IP address (192.168.1.1, in the example above); the second IP address should be "255.255.255.0" (without the quotes).
Click OK on all the dialog boxes, and you should be all right.
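To see what a custom scope entry like the one above actually admits, here is an added example (not code from PC World or PC Welt) that evaluates an "address/mask" scope list against candidate source addresses using Python's ipaddress module. It assumes the mask is applied to the first address, so 192.168.1.1/255.255.255.0 covers the whole 192.168.1.0/24 LAN, and it also shows why an over-broad mask such as 255.0.0.0 is a poor choice.

```python
"""Evaluate a Windows-Firewall-style custom scope list against source IPs.

Added example, not code from the article. It models the scope entry
format described above ("address/mask", comma-separated); the mask is
applied to the first address, so 192.168.1.1/255.255.255.0 covers the
whole 192.168.1.0/24 network. Sample addresses below are constructed.
"""
import ipaddress


def parse_scope(entry: str) -> list:
    """Parse 'a.b.c.d/mask,e.f.g.h,...' into IPv4Network objects.

    A bare address is a single host (/32). strict=False lets a host
    address such as the router's 192.168.1.1 stand in for its network.
    """
    nets = []
    for item in entry.split(","):
        item = item.strip()
        if item:
            nets.append(ipaddress.IPv4Network(item, strict=False))
    return nets


def allowed_by_scope(entry: str, source_ip: str) -> bool:
    """True if source_ip falls inside any network of the scope list."""
    src = ipaddress.IPv4Address(source_ip)
    return any(src in net for net in parse_scope(entry))


def scope_size(entry: str) -> int:
    """Upper bound on how many source addresses the scope admits.

    Overlapping entries are counted more than once; the point is to flag
    masks that are far too wide, e.g. 255.0.0.0 admitting a whole /8.
    """
    return sum(net.num_addresses for net in parse_scope(entry))


if __name__ == "__main__":
    lan = "192.168.1.1/255.255.255.0"
    # Constructed test addresses: a LAN peer, a neighbouring private
    # subnet, and a public (documentation-range) address.
    for ip in ("192.168.1.23", "192.168.2.23", "203.0.113.9"):
        print(ip, "allowed" if allowed_by_scope(lan, ip) else "blocked")
    print("hosts admitted by /24 scope:", scope_size(lan))
    print("hosts admitted by /8 scope:", scope_size("192.168.1.1/255.0.0.0"))
```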
FYI:
The name of the PC Welt editor is NOT "Von" Thorsten Eggeling, same as the writer of the article above did most likely not name him "Posted by" Andrew Brandt.
Correction:
The name of the PC Welt editor is NOT "Von" Thorsten Eggeling, same as the writer of the article above is most likely not called "Posted by" Andrew Brandt.
Whoops, we fixed the typo.
-=A
what about IP address spoofing?
this solution as presented does not protect against a hacker with half a brain.
... half a brain used to google a list of broadband ip blocks and ip spoofing technology.
this article doesn't make much sense.
Any user that has more than one static and/or dynamic IP address from their ISP would most likely have the brains to firewall.
A user that has one IP (dynamic or static) would most likely be using a linksys/ belkin/ netgear etc. router.
This vulnerability only extends to people directly connected to their DSL or Cable modem. Your solution as proposed would only make a difference if port forwarding was enabled or if the vulnerable computer was in a DMZ. Anyways consumer routers are vulnerable to ip address spoofing anyways. So the proposed fix merely deters the average port sniffer. It does not "secure" your windows shares at all.
You should advise people that are connected directly to their cable/xdsl modem to turn off all sharing.
Why? Because the average user that is directly connected to the modem has no lan and does not share in the (non-existent) lan.
... and what if the subnet is 255.0.0.0?
But honestly.
Any article on this topic should end with a link to the free zonealarm. Because (as this article shows) built in windows firewalls suck.
This article makes no sense,
the new XP firewall has different rules for different connections.
If you're running your internal and external lan off the same physical interface you deserve what is coming to you.
ds = jackass