> -----Original Message----- > From: Paul Leach [mailto:paulleat_private] > Sent: Thursday, October 29, 1998 1:31 PM > > G. We have always been quite clear that Win95 and Win98 are > not the systems > to use if you are in a hostile security environment. We > recommend Windows NT > for those environments. I guess I thought what the above meant was clear from context, but judged from the volume of mail I got, it wasn't. I apologize for the confusion; here's what I meant to say: First, we absolutely do recognize that the Internet is a hostile environment. Second, that comment was talking about file and printer sharing servers on Win9x, not its use as an Internet client. We do recommend use of Win9x as an Internet client, and we have agressively fixed TCP DoS bugs, Internet Explorer bugs and Outlook Express bugs (among others) that would affect users connected to the Internet, and recommend that anyone connected directly to the Internet with Win9x apply those patches (many of which are already in Win98). A good place to start is http://www.microsoft.com/ie/security. We are committed to continuing to fix any such bugs. It's because we recognize the Internet as hostile that I gave instructions on how to disable file and printer sharing from a dialup Internet connection in item D of the original post. Similar instructions would apply to cable modems and to services other than file/print sharing. In a corporate environment, using a firewall is recommended, so the hostile environment is kept away from Win9x systems (and others!). In the home context, disabling file/print sharing and other services is intended to do the same kind of thing as a firewall -- prevent connections originating from the hostile network from being made to services running on the system. (Don't get me wrong: a firewall does it in a different and usually more flexibile and scalable manner -- I'm _not_ trying to say that Win9x is a firewall.) Paul
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:21:57 PDT