Seconfig XP
Freeware security configuration utility for Windows.
Seconfig XP Other software Miscellaneous
  • Page visited 1762862 times
  • Downloaded 83289 times
  • Current version 1.1
Page translation
Visitor locations
Other counters
  Search Results  
Background of Seconfig XP
Insecurity of Windows
It is well known that Windows has huge capabilities of accessing files, printers, registry and software components via network. This (so called Microsoft Networks) is widely used on Local Area Network (LAN) infrastructures, however this kind of access can be a great security risk if used by malicious sources (such as worms and hackers on the Internet). For Microsoft Networks over TCP/IP (TCP/IP is protocol suite used by the Internet) mostly are used three Windows components - NetBIOS (running on ports 137-139), SMB (running on port 445) and RPC (running on port 135).
Although on recent versions of Windows (e.g. Windows XP SP2) some Microsoft Networks objects have more restrictive default permissions, the ports are still opened (and Windows components running behind them are still ready to accept communications from the network). There is one more problem with these critical system components - so called buffer overflow exploits (which, if successfully directed at unpatched computer, bypasses any access restrictions and runs any given code on that victim computer). Example of such code is famous Blaster worm.

Firewalls are not enough or not used at all
Often firewalls are rather successfully used to block access to these ports, however firewalls doesn't close them, instead firewalls more or less successfully screen these ports by filtering network traffic at different layers. Sometimes firewalls are not used at all, because seem to be too expensive (financially or consuming too many hardware resources). For example, user behind ISPs NAT firewall will most likely use no other firewall, because feels protected from most attacks and doesn't want to spend time, hardware resources (or even money) on firewall. Additionally there can be technical problems with third party software firewalls (incompatibility with other drivers etc.).
There are two more problems with firewalls. First is that a firewall must be running without interruption all the time critical Windows components run. These components and firewall both are automatically started while loading Windows, but which one first?! Actually this depends on various conditions (firewall used, Windows configuration etc.). And also - what happens if user temporary disables firewall for some reason (or the firewall crashes)? In most cases system is left totally unprotected. The second problem is that the firewall must block all traffic that can be interpreted as communication attempt by those critical Windows components (although this task is relatively good solved by most modern firewalls).

Seconfig XP
In any case (with or without a firewall) configuring critical Windows components (NetBIOS, SMB and RPC) not to accept network connections would highly increase network security. So this task is accomplished by Seconfig XP.
Seconfig XP can configure NetBIOS, SMB and RPC not to use TCP/IP (networking protocol suite used in Internet) as a transport protocol, thus leaving these ports (135, 137-139 and 445) truly closed.
With Seconfig XP is also possible to configure other security related TCP/IP settings and disable some insecure and mostly unneeded Windows components.
Note: Seconfig XP is not a firewall (or replacement of firewalls) - it is a completely different thing.
Share |
© 2006-2012