January 2006


Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Stefanie Ploof <[log in to unmask]>
Reply To:
Technology Discussion at UVM <[log in to unmask]>
Fri, 20 Jan 2006 10:57:30 -0500
TEXT/PLAIN (60 lines)
Phil and Greg -- good morning to you, too. :)  That is why I chose
IT-DISCUSS, where techs can read the info and decide to discuss it or not,
but it's not broadcast-worthy.  It's information for anyone who wants it.

On Fri, 20 Jan 2006, Philip Plourde wrote:

> So this threat is about as dangerous as being connection to a network
> with other computers while having file sharing turned on.
> I love this line in particular:
> "This would allow the two machines to associate together, potentially
> giving the attacker access to files on the victim's PC."
> Associate together?  Is that like having tea?
> This feature, that I believe was deactivated with SP2, is one of the
> first questions we get from people with a new notebook.  They take the
> machine home and find that it won't talk to their home wireless
> gateway/router.  You either have to create a wireless profile for your
> home system and allow it to connect, or you throw the switch back to
> auto connect to any available network.  If you offer the security
> prudent solution and create the profile, your third support call will be
> a few months later with them in their hotel room at some conference and
> their machine will again not connect to the latest wireless network they
> encounter.
> The bottom line is still the same:  If you are not accessing your files
> remotely, leave file sharing blocked by the firewall.  Regardless of
> whether you access files remotely, have good passwords on all accounts
> on the machine, especially Administrator, which should be renamed anyway.
> The vector of attack here is the mere ability to pass IP traffic to your
> machine.  If that worries you, I'd consider one word very carefully:
> CatsPAWS
> Phil.
> Stefanie Ploof wrote:
> > Microsoft has acknowledged a wi-fi security flaw in their operating
> > system, but will not offer a patch until 2007 when Windows XP SP3 is
> > released:
> >
> >
> >,39020375,39247302,00.htm
> >,39020396,39247733,00.htm
> >
> > If you follow the chain of ZDNets you'll see that Vista is taking
> > priority over XP SP3, hence the delay.
> >
> >
> > ----
> > Stefanie Ploof
> > CIT Client Services
> > CALS Information Technology Office
> > University of Vermont, Burlington
> >