Fine-Tune Your Web Site for Windows XP Service Pack 2

Some reading material for you folks:
http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnwxp/html/xpsp2web.asp

--
~ Kathleen Anderson
Microsoft MVP - FrontPage
Spider Web Woman Designs
http://www.spiderwebwoman.com/resources/

Mark
Wed Aug 11 20:47:13 CDT 2004

In addition, I've found that some GIF files that use an exact pallette and
not an adaptive one fail to display so keep an eye on those GIF's.

Mark Fitzpatrick
Microsoft MVP - FrontPage

"Kathleen Anderson [MVP - FP]" <spiderwebwoman@mvps.org> wrote in message
news:%23$zmzdAgEHA.3988@tk2msftngp13.phx.gbl...
> Some reading material for you folks:
> http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnwxp/html/xpsp2web.asp
>
> --
> ~ Kathleen Anderson
> Microsoft MVP - FrontPage
> Spider Web Woman Designs
> http://www.spiderwebwoman.com/resources/
>

clintonG
Thu Aug 12 19:13:35 CDT 2004

Thanks Kathleen but what kind of idiot do you suppose considers
security something to consider 'after the fact' as this excerpt from
the MSDN article indicates...

"In SP2 the publisher information will be shown after downloading a
file type that can potentially harm the user's computer and can be signed.
(Common examples of file types that can be signed and that can
potentially harm the user's computer are .exe, .dll, .ocx, .msi)."


--
<%= Clinton Gallagher, "Twice the Results -- Half the Cost"
Architectural & e-Business Consulting -- Software Development
NET csgallagher@REMOVETHISTEXTmetromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/



"Kathleen Anderson [MVP - FP]" <spiderwebwoman@mvps.org> wrote in message
news:%23$zmzdAgEHA.3988@tk2msftngp13.phx.gbl...
> Some reading material for you folks:
>
http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnwxp/html/xpsp2web.asp
>
> --
> ~ Kathleen Anderson
> Microsoft MVP - FrontPage
> Spider Web Woman Designs
> http://www.spiderwebwoman.com/resources/
>

Kathleen
Fri Aug 13 12:57:13 CDT 2004

clintonG <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote:
> Thanks Kathleen but what kind of idiot do you suppose considers
> security something to consider 'after the fact' as this excerpt from
> the MSDN article indicates...
>
> "In SP2 the publisher information will be shown after downloading a
> file type that can potentially harm the user's computer and can be
> signed.
> (Common examples of file types that can be signed and that can
> potentially harm the user's computer are .exe, .dll, .ocx, .msi)."

Clinton:
I'm not sure what the statement you refer to means. I just downloaded two
.exes on a machine with SP-2 installed. IE let me do this after I said it
was OK - I saw nothing about publisher information before or after the
download.


--
~ Kathleen Anderson
MVP - FrontPage

clintonG
Fri Aug 13 14:40:35 CDT 2004

Downloading executables only to be told 'afterwords' that they
may pose a risk is not secure -- secure is never allowing the file
to reach the file system until the file and its credentials have
been scrutinized.

--
<%= Clinton Gallagher, "Twice the Results -- Half the Cost"
Architectural & e-Business Consulting -- Software Development
NET csgallagher@REMOVETHISTEXTmetromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/



"Kathleen Anderson [MVP - FrontPage]" <spiderwebwoman@mvps.org> wrote in
message news:OKax47VgEHA.3416@TK2MSFTNGP09.phx.gbl...
> clintonG <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote:
> > Thanks Kathleen but what kind of idiot do you suppose considers
> > security something to consider 'after the fact' as this excerpt from
> > the MSDN article indicates...
> >
> > "In SP2 the publisher information will be shown after downloading a
> > file type that can potentially harm the user's computer and can be
> > signed.
> > (Common examples of file types that can be signed and that can
> > potentially harm the user's computer are .exe, .dll, .ocx, .msi)."
>
> Clinton:
> I'm not sure what the statement you refer to means. I just downloaded two
> .exes on a machine with SP-2 installed. IE let me do this after I said it
> was OK - I saw nothing about publisher information before or after the
> download.
>
>
> --
> ~ Kathleen Anderson
> MVP - FrontPage
>
>

Thomas
Fri Aug 13 14:58:10 CDT 2004

Windows can not detect the actual file type until after the file has been actually downloaded. AV
applications work the same way, files are scanned after they are in the file system.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)
http://www.ycoln-resources.com
FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
To assist you in getting the best answers for FrontPage support see:
http://www.net-sites.com/sitebuilder/newsgroups.asp

"clintonG" <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote in message
news:ehznp1WgEHA.2928@TK2MSFTNGP10.phx.gbl...
> Downloading executables only to be told 'afterwords' that they
> may pose a risk is not secure -- secure is never allowing the file
> to reach the file system until the file and its credentials have
> been scrutinized.
>
> --
> <%= Clinton Gallagher, "Twice the Results -- Half the Cost"
> Architectural & e-Business Consulting -- Software Development
> NET csgallagher@REMOVETHISTEXTmetromilwaukee.com
> URL http://www.metromilwaukee.com/clintongallagher/
>
>
>
> "Kathleen Anderson [MVP - FrontPage]" <spiderwebwoman@mvps.org> wrote in
> message news:OKax47VgEHA.3416@TK2MSFTNGP09.phx.gbl...
> > clintonG <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote:
> > > Thanks Kathleen but what kind of idiot do you suppose considers
> > > security something to consider 'after the fact' as this excerpt from
> > > the MSDN article indicates...
> > >
> > > "In SP2 the publisher information will be shown after downloading a
> > > file type that can potentially harm the user's computer and can be
> > > signed.
> > > (Common examples of file types that can be signed and that can
> > > potentially harm the user's computer are .exe, .dll, .ocx, .msi)."
> >
> > Clinton:
> > I'm not sure what the statement you refer to means. I just downloaded two
> > .exes on a machine with SP-2 installed. IE let me do this after I said it
> > was OK - I saw nothing about publisher information before or after the
> > download.
> >
> >
> > --
> > ~ Kathleen Anderson
> > MVP - FrontPage
> >
> >
>
>

Kathleen
Fri Aug 13 16:53:34 CDT 2004

Clinton:
I think you should try this for yourself so you can see how it really works.

--
~ Kathleen Anderson
Microsoft MVP - FrontPage
Spider Web Woman Designs
http://www.spiderwebwoman.com/resources/


clintonG <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote:
> Downloading executables only to be told 'afterwords' that they
> may pose a risk is not secure -- secure is never allowing the file
> to reach the file system until the file and its credentials have
> been scrutinized.
>
>
> "Kathleen Anderson [MVP - FrontPage]" <spiderwebwoman@mvps.org> wrote
> in message news:OKax47VgEHA.3416@TK2MSFTNGP09.phx.gbl...
>> clintonG <csgallagher@REMOVETHISTEXTmetromilwaukee.com> wrote:
>>> Thanks Kathleen but what kind of idiot do you suppose considers
>>> security something to consider 'after the fact' as this excerpt from
>>> the MSDN article indicates...
>>>
>>> "In SP2 the publisher information will be shown after downloading a
>>> file type that can potentially harm the user's computer and can be
>>> signed.
>>> (Common examples of file types that can be signed and that can
>>> potentially harm the user's computer are .exe, .dll, .ocx, .msi)."
>>
>> Clinton:
>> I'm not sure what the statement you refer to means. I just
>> downloaded two .exes on a machine with SP-2 installed. IE let me do
>> this after I said it was OK - I saw nothing about publisher
>> information before or after the download.
>>
>>
>> --
>> ~ Kathleen Anderson
>> MVP - FrontPage