there must be few reasons for that :
1)firewall => i shut down windows firewall so its cant be that
2)isp blocked ports 1434 , 1433 => cant be ? or im wrong ?
3)SP2 => is blocking that or sth ?
plz help if some1 know sth about that
Full Version: Its Only Me Or Ever1 Whos Install Sp2 Cant Find
I suppose you wanna know how to scan this so you can scriptkiddy mssql with a new exploit or something.
I already know how to scan plz if u dont have smart thing to say DONT SAY
i just wanna know if there is sth in SP2 that block scans
i just wanna know if there is sth in SP2 that block scans
its the sp2 socket limit that makes it inpossible to use multithreated scan utilities (like scan100, scan1000 and all other port scanners)
you have to use the fix for it 2 times posted on this board
you have to use the fix for it 2 times posted on this board
just uninstall sp2 and everything will be fine 
ok i found the problam is with SP2 i found results in my brother computer he have windows xp sp0...
thnx for all
thnx for all
can u post the fix again plz plz plz
lol.
this is so gonna make the ninjas angry
this is so gonna make the ninjas angry
QUOTE(sangoku @ Oct 15 2004, 09:05 AM)
just uninstall sp2 and everything will be fine
there is no such thing as "JUST uninstall sp2". the only way is to do a clean install. but then why would you do that if you can just apply the fix?
QUOTE(iiiemuiii @ Oct 21 2004, 04:35 PM)
QUOTE(sangoku @ Oct 15 2004, 09:05 AM)
just uninstall sp2 and everything will be fine
there is no such thing as "JUST uninstall sp2". the only way is to do a clean install. but then why would you do that if you can just apply the fix?
thnx already uninstall it long time ago
QUOTE(Killaloop @ Oct 15 2004, 02:04 PM)
its the sp2 socket limit that makes it inpossible to use multithreated scan utilities (like scan100, scan1000 and all other port scanners)
you have to use the fix for it 2 times posted on this board
you have to use the fix for it 2 times posted on this board
are u sure? i thoughed it only blocked SYN-scanners and raw-sockets.
heh lucky i dont have enough privs on GSO to trash this...
from the m$ site : h33p://www.micro$oft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx
QUOTE
What new functionality is added to this feature in Windows XP Service Pack 2?
Restricted traffic over raw sockets
Detailed description
A very small number of Windows applications make use of raw IP sockets, which provide an industry-standard way for applications to create TCP/IP packets with fewer integrity and security checks by the TCP/IP stack. The Windows implementation of TCP/IP still supports receiving traffic on raw IP sockets. However, the ability to send traffic over raw sockets has been restricted in two ways:
. TCP data cannot be sent over raw sockets.
. UDP datagrams with invalid source addresses cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped.
Why is this change important? What threats does it help mitigate?
This change limits the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets, which are TCP/IP packets with a forged source IP address.
Limited number of simultaneous incomplete outbound TCP connection attempts
Detailed description
The TCP/IP stack now limits the number of simultaneous incomplete outbound TCP connection attempts. After the limit has been reached, subsequent connection attempts are put in a queue and will be resolved at a fixed rate. Under normal operation, when applications are connecting to available hosts at valid IP addresses, no connection rate-limiting will occur. When it does occur, a new event, with ID 4226, appears in the system's event log.
Restricted traffic over raw sockets
Detailed description
A very small number of Windows applications make use of raw IP sockets, which provide an industry-standard way for applications to create TCP/IP packets with fewer integrity and security checks by the TCP/IP stack. The Windows implementation of TCP/IP still supports receiving traffic on raw IP sockets. However, the ability to send traffic over raw sockets has been restricted in two ways:
. TCP data cannot be sent over raw sockets.
. UDP datagrams with invalid source addresses cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped.
Why is this change important? What threats does it help mitigate?
This change limits the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets, which are TCP/IP packets with a forged source IP address.
Limited number of simultaneous incomplete outbound TCP connection attempts
Detailed description
The TCP/IP stack now limits the number of simultaneous incomplete outbound TCP connection attempts. After the limit has been reached, subsequent connection attempts are put in a queue and will be resolved at a fixed rate. Under normal operation, when applications are connecting to available hosts at valid IP addresses, no connection rate-limiting will occur. When it does occur, a new event, with ID 4226, appears in the system's event log.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
