Re: Vista patch breaks forwarding of port 445?

I just finished testing this on two other computers running Vista Home Premium and the result was the same: Vista patch KB942624 breaks port 445 forwarding. Uninstalling the patch reverts back to expected operation. ----- Original Message ---- From: "Welsh, Armand" <Armand.Welsh@sscims.com> To: ssh@erdelynet.com Sent: Friday, December 14, 2007 5:45:49 PM Subject: Re: Vista patch breaks forwarding of port 445? SSH is an exception, but what about TCP port 445? Sometimes you need to ad the port as an exception. (At least it has been my experience that it tends to behave this way at time) Also, did you do a "netstat -an" to enumerate all you listening and connected ports (pre ssh tunnel)? Armand Welsh -------------------------- Sent from my BlackBerry Wireless Handheld ----- Original Message ----- From: ssh@erdelynet.com <ssh@erdelynet.com> To: ssh@erdelynet.com <ssh@erdelynet.com> Sent: Fri Dec 14 16:40:07 2007 Subject: Re: Vista patch breaks forwarding of port 445? Firewall is on with ssh as an exception, so not an issue. Nothing appeared to be changed on the loopback adapter and it had been working great for weeks before installing the patch. Additionally, I was still able to forward port 80 on it, just not port 445! ----- Original Message ---- From: "Welsh, Armand" <Armand.Welsh@sscims.com> To: ssh@erdelynet.com Sent: Friday, December 14, 2007 3:28:44 PM Subject: RE: Vista patch breaks forwarding of port 445? And, I'm sure you have already checked, but just to be complete, did you ensure that the personal firewall is completely disabled on the loopback interface? ________________________________ From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of Mike Sent: Friday, December 14, 2007 2:27 PM To: ssh@erdelynet.com Subject: Re: Vista patch breaks forwarding of port 445? That was one of the first things I checked and it wasn't selected. I even tried a "telnet 10.0.0.222 445" and got no response, so there's nothing listening on that port, yet Vista won't let me use it. Did Microsoft break this intentionally to make SMB "safer?" I'd like to know if anyone else can reproduce the problem so I can be sure it's not unique to my machine. ----- Original Message ---- From: "Welsh, Armand" <Armand.Welsh@sscims.com> To: ssh@erdelynet.com Sent: Friday, December 14, 2007 7:53:49 AM Subject: RE: Vista patch breaks forwarding of port 445? After applying the patches, check that the patch did not bind the microsoft client service to the loopback adapter. If it did, then you won't be able to bind to port 445, because the microsoft networking client service is already listening on the port. When creating a loopback interface to use only this type of purpose, you should disable (or remove) all services, leaving only the TCP/IP protocol, and nothing else. This will ensure you have a wide open interface, ready for 3rd party software bindings. Armand ________________________________ From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of Mike Sent: Friday, December 14, 2007 6:49 AM To: ssh@erdelynet.com Subject: Vista patch breaks forwarding of port 445? Yesterday I installed the latest set of Vista patches from Microsoft Update. I also made a few other changes, like turning off User Account Control. Immediately before this I was able to forward port 445 using "ssh -L 10.0.0.222:445:localhost:445 user@server" where 10.0.0.222 is a loopback adapter in Windows. After installing the patches I got an error message saying port 445 could not be forwarded. So I used Windows Restore to rollback the patches and everything worked correctly again. Looking through the patches I'd just installed I found this one addressing a SMB vulnerability: http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx I'm guessing it was this one that screwed up the port forwarding. Has anyone else ran into this issue? ________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. <http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ%20> ________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. <http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ%20> ________________________________ Never miss a thing. Make Yahoo your homepage. <http://us.rd.yahoo.com/evt=51438/*http://www.yahoo.com/r/hs> .+-"wè†Ûiÿ÷«uér�ë\¢oì².+-·!Š÷¬†Ûiÿ÷«uér�ë\¢oÚ­Èb½ïì²N…'²æìr¸›xÆ¢–f¢–Ú,²®žË›±Êâmç«uér�ë\¢ ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

--
List Info:      http://erdelynet.com/ssh-l/
List Archives:  http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com