Please check it out, and let me know what you think.

Finally, have you run into trouble with Windows XP Service Pack 1 or do you want to comment about it? What's your experience? Tell me all about it.

Back to the Top

It seems a lot of people are unhappy about the AutoUpdate feature. Frankly, I think they're wrong about that. I hated it in Windows XP too, when I first starting using XP. But after quite a long time with it, I've changed my mind. I do think that AutoUpdate should be configured so that it doesn't download and install updates automatically. That's foolish. Someone knowledgeable needs to decide what gets installed, especially in a business setting; stuff shouldn't be installed willy-nilly. Under Win98 and Windows Update, I've seen mindless installation of updates cause lots and lots of problems. (I wrote an article about this in Windows Insider newsletter a few years back called "We Don't Need No Stinkin' Patches.") But Microsoft has significantly improved both the process and the updates themselves under Windows XP. It's neither like the old NT days or the Win98 disaster. It's better. To Win2K folks, I say, live with AutoUpdate for a while. It's better than you think.

And to those who are worried about privacy issues to do with AutoUpdate, or about the wording of Microsoft's EULA -- honestly, I think you're overreacting. And I care a lot about this sort of thing. Microsoft really isn't spying on you with this code. I can't say for sure they aren't with other things. But I'm more than reasonably sure they aren't doing it with their Windows Update/AutoUpdate technology.

Beyond AutoUpdate, though, the vast majority of emails I received were from happy people who'd installed SP3 often on multiple Win2000 machines with absolutely no problems. One wrote to me that it installs "smooth as silk." That's been my experience too. Some people even report that minor bugs were fixed by the SP3 install.

But, naturally, there were also some problems. Blue screens, for example, on a small number of installations seems to be an issue. Also, many people who experienced problems mention having installed Windows Media Player 7.1. Thanks to all who wrote in. Here are some of the messages I got, in case knowing about them might help you:

Since loading W2K-SP3 my Outlook Express 6 cannot recognize any kind of an embedded hyperlink. If it is an HTTP hyperlink it will not open Internet Explorer 6 and go to that URL. I have tried reloading the (final) IE/OE 6 package, but that doesn't resolve the problem. --Chad Fletcher

We installed Win2K SP3 on a server that we use for remote use via Microsoft Terminal Services. One of our user's primary applications is an investment portfolio management program that is run from a shortcut on this box, with its executables located on another server. After we applied the SP3 patch, this program stopped printing. After various attempts at a fix failed, we tried an uninstall of the SP3 patch by the book, but which also failed. We finally had to reformat the server and rebuild it to SP2 to get our program fully functional again. We still don't know why this happened, but surmise that it may have to do with one of the security patches. --Steve Disenhof

I recently installed Win2K SP3 on a Gateway 1.7 GHz machine. The download and installation went smoothly, without a hitch. However, when I rebooted after the installation, I found that I could no longer connect to the Internet. I could connect to my local network but not to anything outside it. After much investigation I discovered that the problem was with my Zone Alarm Pro configuration. This configuration had been working properly for several months with SP2 and I disabled it for the installation of SP3. It seems that even though I had ZA shut down it still wanted to control my computer's access to the Internet. The solution was to restart Zone Alarm and change its settings to Low. I was then able to get to the 'Net and have since reset Zone Alarm to my previous specifications. --Ken Couser

After installing SP3 on our server it now hangs intermittently on the boot screen. All of sudden, the system just locked up and after numerous attempts, I was able to get it to boot. I had recently upgraded the computer with SP1, SP2, critical updates, and recommended updates from the Windows Update Site. No problem until I ran SP3. I have tried a cold boot and a warm boot and it doesn't matter, it still hangs, but only sometimes. --John Melson

"Both at work and at home I ran into driver issues with the installation of SP3. At work we have a camera for looking at optical components that interfaces with Windows. It turns out the computer locks up with no error on boot if you install SP3. The camera is from Dataray and their website explains the fix. I don't expect many of your readers will have this camera but the driver they use is from another company so it may show up with other software installations. The driver company is Jungo and the driver is windrvr.sys. They too have a detailed Web page on updating the driver.

At home I found that the drivers for Promise's Ultra100 will not work with SP3. The company's Web page suggests using the Ultra100 TX2 drivers instead. They state that, while the company has not tested it, many users report no problems.

At work only two computers out of more than 60 have had any problems with SP3, both due to the camera driver. At home I am in no hurry to install SP3 so I will wait to see what happens with the Ultra100 drivers before I take the plunge. --Mike Morrell

I installed SP3 on top of IE 5.5 with latest patches and Media Player 7.1 and it also [like Sande Nissen reported in the last issue of SFNL] took me back to IE 5.01. The system in question is a Dell Latitude 610. --Louis M. McCutchen

I downloaded the network version to a home grown system with an Asus motherboard, a 533 PIII, W2K Pro and IE 5.5 with all patches. The installation went well except for one problem. I lost the ability to make changes to Windows components in Add/Remove Programs. --John Diakogeorgiou

Mike King, from Microsoft's Windows 2000 Setup Support, wrote to say that the problem Sande (in the last issue) and now Louis and John report "might be related to a similar issue noted in Microsoft Knowledgebase article Q277624, Updated Versions of Internet Explorer Not Listed in Add/Remove Programs. The SP3 install might cause programs not to show up in Add/Remove Programs when they are actually still there and can be launched." In other words, check your software versions in the program's About box, not just in Add/Remove Programs.

I found out that if you're still using Office 97 (my company is) you must update it with all the patches available, or you'll be reinstalling it and Outlook 98. They both worked improperly on my first computer. --Alan Kuehnau

I had big problems with SP3. The install deleted many core Windows files but did not replace them with the updated versions. For example, NTOSKRNL.EXE was gone which prevents Win2k from booting. Thank goodness I used a disk imaging program to back up my system drive before running SP3 so I was able to restore without re-installing Win2k. I submitted a trouble report to Microsoft via the free e-mail support option but got no response. --Dennis Bartt

Finally, Microsoft has released Knowledgebase article Q309601, Some Windows 2000 Hotfixes May Cause a Conflict with Service Pack 3 for Windows 2000. Apparently this problems affects "a small number of post-Service Pack 3 (SP3) hotfixes." Check out the KB article for the details.

Back to the Top

In the last issue, I wrote about DigiPortal's ChoiceMail, which is half service, half program, half local email server. I've been testing it extensively since the last issue, and I've run into major pluses and minuses. First, this thing does work to drastically eliminate spam. Right away. That's a major plus. But on the negative side, it's fairly young software, and I ran into numerous problems with it.

The ChoiceMail developers have spent a fair amount of time troubleshooting my problems, but many of the fixes needed for my situation involve new functionality in the program. For example, ChoiceMail doesn't work with email servers that require authentication to send mail. It also isn't able to work with multiple SMTP servers (if you have multiple email accounts, as I do). It requires you to choose one SMTP server to send all your mail through. That isn't always a workable solution. Finally, software firewalls can give ChoiceMail problems, since it actually functions as a small mail server on your system whose only client is your email package.

All those things are being fixed in future versions of the program, DigiPortal's people say. And I've decided to wait until they fix a few more of them before I render my opinion on the product. I'm still very interested in ChoiceMail, but it isn't quite ready for my very complex mailbox.

That doesn't mean it isn't ready for yours. If you have only one or two email accounts and you don't make heavy, customized use of Eudora's or Outlook's Personalities/Identities feature sets, ChoiceMail may work just fine for you.

Where ChoiceMail Isn't Going to Work
There is a type of emailbox that ChoiceMail is unlikely to ever be ideal for, a public emailbox. In my case, that's the Scot’s Newsletter mail accounts, but most email accounts attached to websites have this problem. Whether it's a webmaster's address or customer service or sales, if email contact with unknown people is important, but only likely to occur once, ChoiceMail isn't going to work well. People are unlikely to fill out a form that identifies them to a faceless email account in order to send a one-time message. ChoiceMail's basic assumption is that you're spam until you prove otherwise. And that just isn't going to work with most public email addresses.

That's why I'm interested in other anti-spam solutions too, and could even see a combination of rules-based, spam-filter products with the ChoiceMail approach.

Norton's New Anti-Spam Utility
Although the $70 Norton Internet Security 2003 hasn't shipped yet, it will shortly. One of the brand new modules in this version of the product is a spam-filtering utility. Such programs work by consulting a list of rules, or patterns, that identify common spam techniques and comparing those rules with incoming mail. They are not even close to 100 percent effective. On the other hand, they're a lot better than nothing.

Although I've yet to try it, I particularly like the approach taken in the Norton product. Instead of deleting spam on the server, it downloads the mail to your email package, sending it to a special spam folder -- something like an antivirus program's quarantine. That's the right way to handle this because the user can check to make sure that a "good" message didn't get tagged as spam by accident.

Even more importantly, though, Norton is hooking its tool up to its LiveUpdate system. That's important with a product like this because spammers are constantly changing tactics. For example, ever notice the something like 137 variations on putting the three letters "ADV" (which stands for advertisement) in the subject line of a spam message? Spammers get into trends as they copycat each other, identifying new ways to fool people. But then someone comes up with a breakthrough spamming technique, and off they go, invading your mailbox again. So long as the Norton folks devote some resources to chasing down the spamming trends and make lots of new spam signatures available on LiveUpdate, their product could be useful.

You can use the Norton anti-spam tool with any email client that uses POP3 email accounts, and spam detection levels are configurable by user type or account.

See the next section of this issue, Firewall Frenzy, for some of the other new features of Norton Internet Security 2003. And look for an in-depth review of this product in an upcoming issue of the SFNL.

Your Anti-Spam Suggestions
I know a lot of you are using MailWasher, an almost cult favorite spam-filtering product. Many SFNL regulars have written to tell me that they're using it, but also that in its default configuration, MailWasher scrubs away this newsletter. I've reached out to the folks who make MailWasher in an attempt to get to the bottom of that, but there seems to have been some sort of disconnect because I haven't heard back from them recently. To be honest, I can't recommend MailWasher. This newsletter, being as long as it is, and especially the HTML version (most HTML newsletters are suspect to a spam-filtering product), is an excellent test of anti-spam tools. But don't expect me to recommend a program that nabs SFNL in its default settings, ok?

What I'm most interested in is ChoiceMail-like solutions -- services you sign up with that provide a way for email senders to identify themselves to you in a way that spammers are never likely to do. You can't really reply to most spam messages. They're usually sent from phony email addresses. Their only goal is to get you to click a link. They don't want to hear from you by email. So if you ask them to identify themselves, chances are very high they're not even getting your message. But if someone really did mean to send you the message, and they expect to send you additional messages, taking a few seconds to identify themselves is not a problem. What I'd like to hear about is any solution you're aware of that takes advantage of that approach.

For example, one such service sent me by an SFNL reader is called Spam Arrest. I have yet to test it out, but according to this FAQ, it works similarly to ChoiceMail.

If you know of similar services -- and especially if you're using one -- I'd like to hear from you with a recommendation and a link to the company's website.

Anti-Spam Bonus Link of the Week
Finally, one of my colleagues from Windows Magazine, Mike Elgan, just did an excellent issue of his free Mike's List newsletter whose lead story is all about fighting spam. I know you're going to get something out of this. Read it, and give strong consideration to subscribing to Mike's List. His article is titled How to Stop Spam.

I hadn't read this issue of Mike's newsletter until this morning, but as soon as I did, it became a Scot’s Newsletter Link of the Week.

[Read the next installment in the I Hate Spam series.]

Back to the Top

Norton Internet Security 2003
Start with the newest of the new. Norton Internet Security 2003 is slated to be unveiled on September 16, so SFNL readers are getting a couple days heads up on it. I have beta of the product, but I probably won't receive the "gold" version -- the only kind of firewall I seriously test -- until the middle of next week. I'm very eager to check it out, for a lot of reasons. Some of which I'll come back to a little later in this section.

What's new in Norton Internet Security (NIS) 2003? For starters, this $70 package offers everything the $100 Norton Internet Security 2002 Pro package offered, plus lots of bug fixes and refinements. That means perhaps the easiest-to-use personal firewall, intrusion detection, Norton Antivirus, ad blocking, and parental and privacy controls. As I mentioned in the Let's Fight Spam section above, the newest feature is spam detection. NIS 2003 also incorporates Norton AntiVirus (NAV) 2003, which is detailed in the next section of this issue of the newsletter, Product Beat. I haven't even tested the final version of NIS 2003 yet, but I can tell you that at $70 (plus the rebate coupons Symantec usually includes), NIS2003 is one heck of a value. The combination of NAV2003, Norton Personal Firewall, Intrusion Detection, and Symantec's anti-spam utility are easily worth the $70. Among the improvements to Norton Personal Firewall, by the way, is full stealthing across all TCP ports. (More on this shortly.)

Sygate Personal Firewall Pro 5.0
The final version of Sygate Personal Firewall Pro 5.0 was also recently released. So recently, in fact, that I put off doing a review of any firewall in this issue of SFNL. I had intended to work on either Sygate 5.0 or Norton Internet Security 2003, but neither arrived quite in time, and I waited too long to start on something altogether different, like Agnitum Outpost. But all in good time.

The new Sygate has an impressive list of features. As before, the product comes in "Standard" and "Pro" versions. I've been testing the 5.0 Standard edition, and I can already tell you that I could not have recommended that product over the Norton or Zone Labs firewall products. It is better than the last Sygate version I tested, but it's not better enough for me to go ga-ga over it. I realize that folks like Fred Langa and friends of mine at PC World think highly of Sygate. And you may too if you try it. But as an early gut reaction, I find the Standard version less than perfect.

But I'm intrigued by the features the Pro version packs, including intrusion detection with online updating, auto-blocking and stealthing ("Active Response"), ICSA certification, VPN support (which I deem mandatory for any firewall), operating system-identification protection, and more. I'm going to test this product, and if I can get around it's awkward UI (why are firewalls so hard to use?), and it tests well -- it's a serious contender.

For more on the features in both the Standard and Pro versions, visit this Sygate Personal Firewall Standard and Pro comparison page.

ZoneAlarm 3.1 Pro (version: 3.1.395)
Earlier this week, Zone Labs finally released ZoneAlarm 3.1 Pro. In an earlier issue of SFNL, I wrote that I expected a dramatic new feature of some sort in this release. I was wrong about that. This is more of a maintenance release than a new-features build. The delay with releasing the Pro version is what prompted me to think there might be more. Here's the list of what's new, as provided by ZoneAlarm's Te Smith:

Take the 30-day trialware version of ZoneAlarm 3.1 Pro for a test drive, and let me know what you think. I'll be testing this one too, but unless something surprisingly good or bad surfaces, I think I'll let the subject of ZoneAlarm 3.1 rest with my SFNL-Top-Product Product ZoneAlarm 3.1 Plus review.

PC Flank vs. Norton Personal Firewall
But wait, there's even more on firewalls. In a recent issue of the LangaList, Fred included an item about the PC Flank website and how its firewall test showed Norton Personal Firewall (included in Norton Internet Security 2002 Pro, an SNFL Top Product) didn't fully "stealth" ports.

While I had heard rumblings of this before, I didn't feel that PC Flank's conclusions were nearly as important as they made them out to be. To be honest, I'm still not quite sure that they are. The bottom-line assertion is not about true firewall protection, but about stealthing, or the ability to hide your visibility on the Internet. According to PC Flank, ZoneAlarm, Sygate, and some other firewalls are fully invisible on the Internet, while Norton Personal Firewall and one or two others are not. Other stealth tests, including Gibson's Nanoprobe port tests, show that Norton Personal Firewall stealths ports just fine. By the way, check the Scot’s Newsletter Firewall Test Suite and Methodology page for more on how I test firewalls, and for links to the tests.

I decided to check it out again, and spent a long time on PC Flank testing firewall products and reading about other people's experiences in the PC Flank forum. It convinced me enough to contact the Norton Symantec folks about it and find out what gives.

Symantec was surprisingly forthcoming. They told me that after talking to PC Flank, their own firewall techies agreed that PC Flank had a point. Even if it was an academic one. Norton Personal Firewall only stealthed ports that were hacker targets. And GRC's tests focus on the same ports. So to some extent, this is a semantic (no pun intended) discussion. Is it important to hide every port, or only the ones hackers commonly probe for? I could come down on either side of that question. I guess when all is said and done, though, it's better to be safe than sorry.

The Norton folks felt it'd be no trouble to stealth all the ports, so that's what they're doing. And the results show up be in the Norton Internet Security 2003 product mentioned earlier in this article. Norton Personal Firewall 2003 will also get this upgrade.

Bonus Link of the Week
Incidentally, despite my ambivalence about the conclusions drawn by its stealth test, the PC Flank site is a worthy destination for anyone interested in security. There are also several additional security tests and it provides a good deal of useful information. One page I like in particular is the Ports Database, which allows you to search for information about TCP/UDP ports. I also recommend the Which Software to Choose page for an excellent discussion of different types of security software, and why you need them.

PC Flank is now an official Scot’s Newsletter Link of the Week site.

Back to the Top

Both of these 2003 editions are evolutionary rather than revolutionary. And that's a good thing. Both NAV2002 and SW2002 were fairly significant changes over their predecessors, as were the upgrades before those. We software users are ready for a gentler change right now.

Norton AntiVirus 2003
Of the two newest versions, NAV2003 is the more ambitious. For the $50 full retail price or $30 upgrade, you get Instant Messenger scanning that supports AOL Instant Messenger (AIM), Yahoo Instant Messenger, and MSN/Windows Messenger. I use AIM, but unfortunately, I use too old a version of AIM to be supported by NAV2003. (I've avoided upgrading AIM because it seems to get worse, not better, with newer version numbers.) I like the idea of scanning instant-message traffic for viruses. While there isn't a big problem there yet, it's probably just a matter of time. One thing I didn't like is that NAV2003 doesn't support ICQ instant messaging.

NAV2003 also adds Worm Blocking, designed mostly to prevent outbound transmission of worms via your email package. This is one of those features we all need, because stopping outbound worm traffic will stop the promulgation of email viruses. And we need to do that. Pronto. If we'd had it last year, perhaps SirCam, Nimda, and Badtrans wouldn't have been such a big deal.

Earlier versions of Norton AntiVirus added a pretty steep performance hit (especially on slower Internet connections) for outbound mail scanning. I've found NAV2003 to be slightly better than NAV2002 at this task, and NAV2002 in turn was a tad better than NAV2001. I like the trend.

NAV2003 is also designed to handle viruses without getting in your face about it. It can silently dispose of viruses, so you keep on working. Actually, that was somewhat true of NAV2002 as well. But not as it originally shipped. LiveUpdate modified it to do more dispatching of viruses silently, if you preferred. NAV2003 is better, although I'm still working through my testing of this aspect -- and am not 100 percent convinced yet that it works as silently as it should. This was a big criticism I had of NAV2001, though. Symantec has gotten the message.

What I notice most about NAV2003 in use is that it, for the most part, it works better, and more as you expect it to. I wouldn't call it perfect, but it's a solid refinement over NAV2002.

Norton SystemWorks 2003
Symantec Group Product Manager Marian Merritt was able to brief me on SW2003 in record time when Symantec called to give me the 2003 heads up. The biggest new feature in the $70 SystemWorks 2003 standard version is NAV2003. SW2003 Professional Edition, which sells for $100 retail, gets a new version of Norton Ghost. Among other things, Norton Ghost no longer needs to be booted from a floppy because it has a full Windows UI. It also supports Firewire, USB, and CD/DVD. SW2003 Pro also includes a new Process Viewer/Task Manager utility and a new performance/benchmarking utility.

The quintessential refinement release, SW2003 standard only has three notable features. One Button Checkup has changed, and the primary change is that it's a lot more user-customizable so that, for example, if you're in a hurry you can skip Speed Disk. Or if there are tests you don't really care about, you can skip them permanently. One Button Checkup also logs its changes to a history file, and even better, provides an Undo capability.

Web Cleanup is a modest addition that serves as a sort of one-button checkup for Internet Explorer. It empties your browser cache, cookies, and history. It has no e

SEARCH:

Related searches:
norton product microsoft firewall version

gipoco.com is neither affiliated with the authors of this page or responsible
for its contents. This is a safe-cache copy of the original web site.

gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.