Section H.5. Key Features in Service Pack 2


H.5. Key Features in Service Pack 2

Released in August 2004, Service Pack 2 is a much bigger release than SP1 and almost entirely devoted to online security. As a result, there are several new tools to use, as well as several major changes to core parts of Windows XP, notably, Internet Explorer. Each is covered in detail earlier in the book. The key additions are discussed below. For a full list of the changes, visit http://www.microsoft.com/windowsxp/sp2/default.mspx.

H.5.1. Windows Security Center

The first thing you'll notice is that Windows XP is much more proactive about online security. The slightly upgraded Internet Explorer now, by default, doesn't allow any downloads (a default that you can change, of course). XP will now nag you if your anti-virus definitions are old or if you've turned off a key security feature. And SP2 adds a home base for monitoring security settingsthe Security Center control panel (see Figure H-3). This brand new screen provides instant access to the three key parts of the security jigsaw puzzle: firewall, anti-virus, and OS updates. While Windows still lacks its own built-in anti-virus software, the Security Center can hook into most third-party software, from commercial packages like McAfee and Norton, to popular free packages such as AVG, and either automatically pull updates from the web or warn you that it's time to upgrade. Likewise, it keeps tabs on your firewall, giving you a visible alert if your protection is disabled. But note that there's nothing here guarding you against spyware, adware, and other malware. Think of the Center as a security-conscious screen rather than a one-stop security shop.

Figure H-3. SP2's new Security Center lets you monitor your firewall, anti-virus, and updates status

H.5.2. Automatic Updates

Previous versions of Windows XP would notify you when updates were available, but left it up to you to download them. With SP2, automatic updating is on by default, pulling all the latest patches onto your machine as they're posted online by Microsoft. You can change these settings from the Security Center (or by going to the System control panel and clicking the Automatic Updates tab), and ask XP to automatically download updates but let you install them, only notify you of updates, or let you find and install updates manually.

H.5.3. Windows Firewall

The Windows Firewall is SP2's update to the Internet Connection Firewall (ICF). The biggest difference is that it's now on by default, adding some automatic protection for users who don't want to check every box by hand.

The good news: It's better than it was. The bad news: You'll still want to replace it with something else because it only monitors inbound communicationsit won't prevent applications (be it a media player or a Trojan horse) on your PC from communicating out to the Internet. Ideally, you should replace it with a dedicated hardware firewall, such as the one built into most broadband routers. Barring that, or when you're on the road with your laptop, turn to third-party software firewalls such as ZoneAlarm.

Web sites that attempt to save anything on your system must now receive permission. The Firewall presents three options: Keep Blocking, Unblock, or Ask Me Laterthe latter giving you a chance to run a quick Google search to find out exactly what the downloading program is.

For the most part, Windows Firewall works and can be left to its own devices. But you can open it up via the Security Center or Control Panel to make any necessary adjustments by hand. In particular, the Exceptions tab (see Figure H-4) lists all the programs and services that canand cannotreceive incoming network connections, with checkboxes that let you block or unblock access with a click. From this same tab you can open individual ports for any applications that need specific access. From the General tab, you can turn exceptions offmeaning no application can receive incoming communications. This is a handy feature if you're connected to an unsecure, public Hotspot.

Figure H-4. Go to the Windows Firewall control panel and click the Exceptions tab to grant exceptions to applications that need them. Since this gives programs unrestricted access to your Internet connection, only do this for applications you trust.

The most complicated options, and the ones that rarely need altering, are on the Advanced tab. From here you can select individual network connections, from dial-up to VPNs, and use ICMP (Internet Control Message Protocol) to share error and status logs between systems.

While better than nothing, the Windows Firewall doesn't let you customize settings by connectionthe last settings you apply to any connection type are applied to all the connections on your PC. Strangely, this includes things like FireWire (IEEE-1394) and Bluetooth connections, which means you may have to disable all firewall protection to download video from your FireWire camcorder or connect to any Bluetooth devices.

H.5.4. Internet Explorer

Microsoft's ever-present web browser has received the lion's share of new features in SP2, and with good reason. From its tendency to welcome spyware into your system to its total inability to block pop-up ads, it's no surprise that millions have flocked to alternative browsers such as Firefox or turned to third-party pop-up blockers. While the changes wrought by SP2 aren't breakthroughs, they make browsing the web more agreeable and safer. The notable changes in IE are:


Pop-up blocking

This has long been provided by third party IE plug-ins, notably the Google Toolbar, but now this essential utility is built right into the browser. When you encounter a page that tries to display a pop-up window (usually an irritating ad), Internet Explorer displays an unobtrusive "Pop-up blocked" warning at the top of the browser window. If you want to see the pop-up, click the warning and choose whether to temporarily allow all pop-ups on this site or always allow the site to display them. The Pop-up Blocker offers three choices: Temporarily Allow Pop-Ups, Always Allow Pop-Ups From This Site, and the Settings window (allowing you to switch the blocker off).

If you know that a link will open a pop-up you want to see, hold the Ctrl key when you click it. The current default blocking settings won't be affected.



Drive-by downloads

This is the term for applications (such as ActiveX controls) that either install themselves automatically, or present a vague message hoping that you'll click "OK" without thinking. Click without thinking and you may be giving the site permission to download whatever software it likes onto your machineoften spyware capable of reporting on your movements, or adware that bombards you with pop-ups and banners. Internet Explorer will stop such a download cold and ask if you want to let it through. You can always accept downloads from this source, never accept them, and have IE ask you on a case-by-case basis.

Despite the improvements in Service Pack 2, Internet Explorer is still extremely vulnerable to any number of malware attacks. For instance, to test the actual security afforded by Internet Explorer 6, this author conducted a little test. Immediately after installing Service Pack 2 on an existing Windows XP system, and without changing any settings whatsoever , a single visit to a "Free Clipart" web site infected the test PC with enough spyware, adware, and malware to choke a horse, requiring a complete reformat to completely clean the system. Thus, even with SP2 installed, the only way to surf the Web safely is to do so with a different browser, such as Firefox (available at http://www.mozilla.org).



Add-On Manager

Worth the SP2 upgrade by itself, this new Internet Explorer menu option (Tools Manage Add-ons) lists every add-on living in your browserActiveX controls (such as a Shockwave player), browser helper objects (such as the Google toolbar), browser extensions (such as applets that search your bookmarks), and spyware/adware that takes on any of these guises. Better yet, you can disable any of these add-ons with a few clicks. Just remember that this feature is only part of the solution, and should be used with dedicated spyware removal software.

H.5.5. Outlook Express

Internet Explorer's e-mail cousin has only received a few nips and tucks to remove some obvious security problems. Email messages with web " bugs "tiny graphics that can verify your address with spammersare now stopped at the gate before they can do any harm. But if you want to send and receive email more safely, consider using a non-Microsoft email client, such as Eudora (http://www.eudora.com).

H.5.6. Wireless Networking

Something of an afterthought in the original Windows XP, Wi-Fi support is substantially beefed up in SP2, making it much easier to manage your network connections. SP1's half-hearted approach frequently left computers incapable of connecting to insecure systems (a noble idea in theory, but one that made it extremely hard to connect to a public, if somewhat unsecure, Hotspot) and hiding everything behind a highly underpowered dialog box.

This updated version more than makes up for its predecessor's failings. In addition to making connecting to any network as easy as selecting it from a list (which warns you if the network is unsecure, but otherwise lets you connect to it without a fuss), it comes with the useful Wireless Network Setup Wizard. Use this once to assign a network name and a WEP encryption key and Windows will generate a list of all the settings you'll need to add to your other networked machines. You can then save this configuration information to a USB Flash drive, and reconfigure other machines just by plugging it in (see Figure H-5).

Figure H-5. Setting up multiple PCs in your wireless network? Just set up one machine, copy the settings to a USB Flash drive, and then plug that into the other PCs for quick configuration.

Ordinarily, you access wireless connections via the System Tray. A small computer icon appears when Windows detects a network you can connect to. Alternatively, you can summon the controls by opening the Network Connections control panel and double-clicking the icon for your wireless network connection. (If it's not there, double-check your hardware.)

The Wireless Network Connection status window, accessed by clicking the System Tray icon, shows you how much data is being pushed across your current connection, along with your computer's IP address and other potentially important connection information. The Repair button on the Support tab attempts to restore a troublesome connection, but in most cases Windows will automatically handle this without being prompted.

Click the View Wireless Networks button to browse through all available networks. Select the network that you want and click Connect. If encrypted, it will prompt you for the key. If not, you'll be connected in a few seconds. Click the "Change advanced settings" link to choose the order you want Windows to try connecting to your configured wireless networks and to change other settings. For instance, choose whether Windows or a third party program should control your connection. Unless you're experiencing problems, it's best to let Windows handle this job.

For more coverage of wireless networking in Windows XP SP2, see Chapter 7. For even more coverage, see Windows XP Annoyances for Geeks , Second Edition (O'Reilly) by David A. Karp.

H.5.7. Bluetooth Support

The gadget side of wireless communications finally puts in a proper appearance in Windows XP, with a huge control panel dedicated to connecting and managing your Bluetooth cameras , keyboards, mice, PDAs, and such that are near enough to your computer to forge a connection (see Figure H-6). Depending on who you ask, Bluetooth is either one of the biggest steps forward in wireless technology, or an overhyped dead end of little practical use. Either way, it's finally ready for use in Windows XP.

Figure H-6. Set your Bluetooth device to be discovered and run the Add Bluetooth Device Wizard to make your connection

Just remember that the Bluetooth control panel won't even appear unless you have a Bluetooth receiver installed in your computer. Assuming that you have both this and the Bluetooth enabled hardware on hand, connecting the two up is almost completely automatic. Open the Bluetooth control panel and check the "Turn discovery on" box. (For security reasons, this box is unchecked by default to prevent devices from communicating with your machine without your permission.) Windows will list all the hardware that it can detect, and ask you to select which devices you want to add to your system.

Follow any instructions that came with the devicenotably, installing any software the device needs and checking for a passkey, which lets your computer "handshake" with the Bluetooth device. That's it. Turn off discovery and your wireless equipment should begin working without a hiccup.



Windows XP in a Nutshell
Windows XP in a Nutshell, Second Edition
ISBN: 0596009003
EAN: 2147483647
Year: 2003
Pages: 266

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net