Robert Hensing's Blog

Software Security . . . and stuff.

Notable changes in Vista SP1

Notable changes in Vista SP1

  • Comments 1
  • Likes

http://technet2.microsoft.com/WindowsVista/en/library/b984ce70-701b-4565-868e-51d1ba47555d1033.mspx?mfr=true

Looks like we've made SP1 RC1 available to the public to download . . . Vista is a bit of a mixed bag for me as of late (but then again - I suffer so you don't have to - I've been running SP1 for months now).  The performance of SP1 as compared to SP0 is nearly night and day (on my notebook) in one important scenario:  sleep / resume.  The improved file copy performance and stuff is just gravy.  Vista SP1 should be extremely solid when it releases and I'm glad we're taking the time to do it right and not trying to rush it.

Comments
  • On behalf of Windows Vista customers who rely on SSH for SMB forwarding:

    I humbly request if you can forward this to someone who can meaningfully respond to this inquiry. Thank you!

    Dear Microsoft,

    for several years, users like us have been relying on an ability to tunnel Windows file shares over the SSH protocol to enable Windows file sharing to work securely across the internet without requiring complex VPN solutions to be set up.

    The way the SSH tunneling approach works is that a program running on the Windows machine that is the sharing consumer listens on port 139 or port 445, and forwards any connection requests across SSH to port 139 or 445 on the server. The user then establishes a file sharing connection to the server by navigating to \\127.0.0.1\ShareName. Alternately, the user sets up the SSH client to accept connections on an interface configured using the Microsoft Loopback Adapter, say 10.10.10.10, and then navigating to \\10.10.10.10\ShareName.

    The critical characteristic that has made this solution possible, until now, is that there was always some way to convince Windows to connect to the SSH client, instead of Windows connecting to the same SMB port it is listening on, itself.

    Unfortunately, recent changes you have made in Vista updates seem to leave us with no more ways to convince Windows to connect to the SSH client, instead of connecting to itself. If the SSH client listens on port 139, then Windows will not try to connect to that port because it tries connecting to port 445 instead, and so it connects to itself. On the other hand, recent Windows security updates have made it impossible for the SSH client to listen on port 445 - even if on an interface assigned to a Microsoft Loopback Adapter installed for that purpose.

    Can you provide us with instructions for a reliable way to configure Vista so that navigating to a certain share will result in a connection to the SSH client, and not to Windows itself?

    Can you provide us with instructions to do so in a way that does not require us to completely uninstall File and Printer Sharing?

    If this is not possible using Windows Vista with all the most recent updates, would you consider reopening the possibility in a future update?

    Thank you and best regards,

    denis bider

    Bitvise

    See topics:

    10013 error when forwarding port 445

    https://fogbugz.bitvise.com/default.asp?Tunnelier.2.8400

    Vista patch breaks forwarding of port 445?

    http://fixunix.com/ssh/263661-vista-patch-breaks-forwarding-port-445-a.html

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment