From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_0810_01C75E4A.E75051A0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

    =
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2otech.m=
spx#ECJAC
    =
http://www.microsoft.com/technet/security/guidance/serversecurity/tcg/tcg=
ch10n.mspx#ED4AE
    http://support.microsoft.com/kb/555441
    http://blogs.msdn.com/nickmac/archive/2004/09/13/228549.aspx
    http://blogs.msdn.com/paranoidmike/archive/2005/01/24/359390.aspx
    http://blogs.technet.com/eileen_brown/archive/2004/12/03/274539.aspx

  "Hrvoje Mesing"  wrote in message =
news:45eb07a9{at}w3.nls.net...

  C'mon, there is realy no documentation. There are bunch of "white" =
papers=20
  which are not alwasy ebent true about the theme they are describing.

  Clue: StorageDevicePolicies

  Now please find me logical path to this piece of data when you are =
into=20
  securing USB :) You can even try with premier and any other you did =
not=20
  noted.

  I only can say that MS docco. stinks - it is readily available right, =
but it=20
  is full of holes.


  ---
  M.

  "Rich"  wrote in message news:45e9d696{at}w3.nls.net...
     You probably never understood because it isn't true.  Documentation =
is=20
  readily available both in the product and online.  You must live in =
some=20
  other universe if you have not seen MSDN, Technet, the knowlegebase, =
or the=20
  rest of microsoft.com.

  Rich

  "Hrvoje Mesing"  wrote in message=20
  news:45e9a650{at}w3.nls.net...
  LOL!

  "understand what it is you are changing" .. well, taking into account
  Microsoft documentation on any product, it is highly unlikely =
something will
  not be broken.

  I never understood why Microsoft documentation sucks. Why there is no =
decent
  Registry docs., why there are not documents by applications, OS ver.,
  functions, etc.

  Unbelivable ...


  ---
  M.


  "Rich"  wrote in message news:45e4eb2b$1{at}w3.nls.net...
     Now you are trying to read more into what symantec wrote.  If you =
want to
  express your own opinions, go ahead.  I don't see the point as I =
remember
  them.  Don't try to attribute this to others though.

     The best way to change your system config is to first understand =
what it
  is you are changing.  I do not believe you are qualified to recognize =
when
  you have broken something.

  Rich

  "Geo."  wrote in message =
news:45e4e663$1{at}w3.nls.net...
  The first sentence is complete, the second merely gives a few obvious
  examples. While windows may not have the obvious examples it has =
plenty,
  PLENTY of services that are not critical. But lets not get into that
  argument, ftp can be critical to a web server for example so it's =
completely
  subjective as to what is or isn't critical.

  (examples of non-critical the dns client, function discovery, infrared
  monitor, ssdp, etc)

  As for your "breaking the system" comment. The best way to find out if =
a
  service is critical or not is to manually stop it and see if anything
  breaks, if nothing you need breaks then I guess it's not critical huh?

  Geo.

  "Rich"  wrote in message news:45e465c1$1{at}w3.nls.net...
     The three examples are not enabled by default on any Windows client =
OS.
  For Windows Server OS releases I don't believe these three were ever =
enabled
  by default but my memory is fuzzy for Windows 2000.  Windows Server =
2003 did
  not and Windows NT 4.0 and earlier didn't include these features in =
the base
  product.

     What you do is randomly disable services which you don't even =
understand.
  You have broken your system with your flailing.

  Rich

    "Geo."  wrote in message news:45e45c00{at}w3.nls.net...
    Oh and one for Rich:

    Recommendations
    Symantec Security Response encourages all users and administrators =
to
  adhere
    to the following basic security "best practices":

    Turn off and remove unneeded services. By default, many operating =
systems
    install auxiliary services that are not critical, such as an FTP =
server,
    telnet, and a Web server. These services are avenues of attack. If =
they
  are
    removed, blended threats have less avenues of attack and you have =
fewer
    services to maintain through patch updates.

    So remember this Rich when you start complaining about me shutting =
down
  all
    those extra services in Vista...

    Geo.=20


------=_NextPart_000_0810_01C75E4A.E75051A0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp=
2otech.mspx#ECJAC">   =20
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2otech.m=
spx#ECJAC
    http://www.microsoft.com/technet/security/guidance/serversecurity=
/tcg/tcgch10n.mspx#ED4AE">http://www.microsoft.com/technet/security/guida=
nce/serversecurity/tcg/tcgch10n.mspx#ED4AE
    http://support.microsoft" target="new">http://support.microsoft.=">http://support.microsoft.com/kb/555441">http://support.microsoft.=
com/kb/555441
    htt=">http://blogs.msdn.com/nickmac/archive/2004/09/13/228549.aspx">htt=
p://blogs.msdn.com/nickmac/archive/2004/09/13/228549.aspx=
>
    http://blogs.msdn.com/paranoidmike/archive/2005/01/24/359390.aspx=
">http://blogs.msdn.com/paranoidmike/archive/2005/01/24/359390.aspx=
FONT>
    http://blogs.technet.com/eileen_brown/archive/2004/12/03/274539.a=
spx">http://blogs.technet.com/eileen_brown/archive/2004/12/03/274539.aspx=

 

  "Hrvoje Mesing" <Hrvoje.Mesing{at}zg.htnet.hr&g=">mailto:Hrvoje.Mesing{at}zg.htnet.hr">Hrvoje.Mesing{at}zg.htnet.hr&g=
t;=20
  wrote in message news:45eb07a9{at}w3.nls.net...C'mon,=20
  there is realy no documentation. There are bunch of "white" papers =
which=20
  are not alwasy ebent true about the theme they are =
describing.Clue:=20
  StorageDevicePoliciesNow please find me logical path to this =
piece of=20
  data when you are into securing USB :) You can even try with =
premier and=20
  any other you did not noted.I only can say
that MS docco. =
stinks -=20
  it is readily available right, but it is full of=20
 
holes.---M."Rich"
<{at}> wrote in message =
news:45e9d696{at}w3.nls.net...&nbs=
p; =20
  You probably never understood because it isn't true.  =
Documentation is=20
  readily available both in the product and online.  You must =
live in=20
  some other universe if you have not seen MSDN, Technet, the =
knowlegebase,=20
  or the rest of
microsoft.com.Rich"Hrvoje
Mesing" =
<Hrvoje.Mesing{at}zg.htnet.hr&g=">mailto:Hrvoje.Mesing{at}zg.htnet.hr">Hrvoje.Mesing{at}zg.htnet.hr&g=
t;=20
  wrote in message news:45e9a650{at}w3.nls.net...LOL!=
"understand=20
  what it is you are changing" .. well, taking into accountMicrosoft =

  documentation on any product, it is highly unlikely something =
willnot be=20
  broken.I never understood why Microsoft documentation sucks. =
Why there=20
  is no decentRegistry docs., why there are not documents by =
applications,=20
  OS ver.,functions, etc.Unbelivable=20
 
...---M."Rich"
<{at}> wrote in message =
news:45e4eb2b$1{at}w3.nls.net...=
  =20
  Now you are trying to read more into what symantec wrote.  If you =
want=20
  toexpress your own opinions, go ahead.  I don't see the point =
as I=20
  rememberthem.  Don't try to attribute this to others=20
  though.   The best way to change
your system config =
is to=20
  first understand what itis you are changing.  I do not =
believe you=20
  are qualified to recognize whenyou have broken=20
  something.Rich"Geo."
<georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
wrote in =
message news:45e4e663$1{at}w3.nls.net...=
The=20
  first sentence is complete, the second merely gives a few =
obviousexamples.=20
  While windows may not have the obvious examples it has =
plenty,PLENTY of=20
  services that are not critical. But lets not get into =
thatargument, ftp=20
  can be critical to a web server for example so it's =
completelysubjective=20
  as to what is or isn't critical.(examples of non-critical the =
dns=20
  client, function discovery, infraredmonitor, ssdp,
etc)As =
for your=20
  "breaking the system" comment. The best way to find out if =
aservice is=20
  critical or not is to manually stop it and see if anythingbreaks, =
if=20
  nothing you need breaks then I guess it's not critical=20
  huh?Geo."Rich"
<{at}> wrote in message news:45e465c1$1{at}w3.nls.net...=
  =20
  The three examples are not enabled by default on any Windows client =
OS.For=20
  Windows Server OS releases I don't believe these three were ever =
enabledby=20
  default but my memory is fuzzy for Windows 2000.  Windows Server =
2003=20
  didnot and Windows NT 4.0 and earlier didn't include these =
features in the=20
  baseproduct.   What you
do is randomly disable =
services=20
  which you don't even understand.You have broken your system with =
your=20
  flailing.Rich 
"Geo." <geo{at}nls.net>">mailto:geo{at}nls.net">geo{at}nls.net>
wrote in message news:45e45c00{at}w3.nls.net...&nbs=
p; Oh=20
  and one for Rich: 
Recommendations  Symantec =
Security=20
  Response encourages all users and administrators =
toadhere  to the=20
  following basic security "best
practices":  Turn off and =
remove=20
  unneeded services. By default, many operating systems  =
install=20
  auxiliary services that are not critical, such as an FTP =
server, =20
  telnet, and a Web server. These services are avenues of attack. If=20
  theyare  removed, blended threats have less
avenues of =
attack and=20
  you have fewer  services to maintain through patch=20
  updates.  So remember this Rich when you start =
complaining about=20
  me shutting downall  those extra services in=20
  Vista...  Geo.


------=_NextPart_000_0810_01C75E4A.E75051A0--

--- BBBS/NT v4.01 Flag-5