Installing Windows

[joe722]

Hi, I'm going to install a copy of Windows XP that does not have any service packs in it. I wanted to know if I need to install service pack 1 before I install service pack 2, or just install service back 2 directly. Thanks

 

[bsobel]

Originally posted by: joe722
Hi, I'm going to install a copy of Windows XP that does not have any service packs in it. I wanted to know if I need to install service pack 1 before I install service pack 2, or just install service back 2 directly. Thanks

Service packs contain all the fixes of the prior service packs (so no, you just need to install SP2 and any patches since).

Be carefull if your directly connected to the internet with an unpatched XP box, even if its just for the time you need to download SP2, you can become infected.

If you are behind a fw or turned on tcp filtering, or are installing the SP from disk before connection you should be fine.

Bill

 

[jeffk55]

Service pack 2 contains all the sp1 stuff. There's kind of a "gotcha" w/ XP. If you install XP and then download sp2 via internet your computer will be exposed to a certain
virus rather quickly and could become infected. Best to download sp2 disc and install before going on line. If you are on a router this precaution is not normally needed.
qote....Windows XP has a horrible track record with regards to security, and it's well earned -- a default install of Windows XP without Service Pack 2 can be hacked and infected with a virus within minutes of being started up -- even faster than it can take to download the patches!...unquote
http://www4.shopping.com/xPR-Microsoft_...H_NA_CD_W_SP2_22206642~RD-178527178372
http://www.microsoft.com/athome/security/update/sp2.mspx

 

[firewall]

Download SP2. Slipstream it into your WinXp cd. Burn a new disc. Install from that.

 

[JonnyBlaze]

Originally posted by: bsobel

Originally posted by: joe722
Hi, I'm going to install a copy of Windows XP that does not have any service packs in it. I wanted to know if I need to install service pack 1 before I install service pack 2, or just install service back 2 directly. Thanks

Service packs contain all the fixes of the prior service packs (so no, you just need to install SP2 and any patches since).

Be carefull if your directly connected to the internet with an unpatched XP box, even if its just for the time you need to download SP2, you can become infected.

If you are behind a fw or turned on tcp filtering, or are installing the SP from disk before connection you should be fine.

Bill

i hear this all the time but i think its BS. i have had systems online with no patches for a week and nothing happens.

 

[bsobel]

i hear this all the time but i think its BS. i have had systems online with no patches for a week and nothing happens.

Then something upstream from you protected you. Some ISP's will filter malicoius traffic and ports. If your ISP did this you would be much less likely to get infected (your infectors would be the subset of infected users using the same isp's vs everyone).

Otherwise, no, it's not BS. There have been plenty of studies about this (my company does one yearly). And it's simple to reproduce, put up a honeypot and see how many different attacks you get within a day.

I used to throw up an open ftp server to see how long from the port was open until it was used as a warez dump (I also had a service running which randomly corrupted any files put into the ftp directory, making sure the warez dump wasn't usefull). Shortest time was about 1/2 an hour, longest was 2 days.

Bill