Options
'Longhorn' build 4053 screenshots
[link=http://www.neowin.net]Neowin[/link] has some new screeshots of build 4053 of Windows 'Longhorn'.
[blockquote]The development of Longhorn is at build 4063 at the moment, the precise build number differs depending on what build lab you speak to. As the 4053 screenshots show below, this is only a main build (a build compiled from all the different labs). Unfortunately for us the shots don't show any big changes or improvements from the 4051 build a mere 21 days before it. The build stamp for all those interested is Build 4053.main.031022-1720.
[/blockquote]
[link=http://www.neowin.net/comments.php?id=17438&category=main]'Longhorn' build 4053 screenshots[/link]
[blockquote]The development of Longhorn is at build 4063 at the moment, the precise build number differs depending on what build lab you speak to. As the 4053 screenshots show below, this is only a main build (a build compiled from all the different labs). Unfortunately for us the shots don't show any big changes or improvements from the 4051 build a mere 21 days before it. The build stamp for all those interested is Build 4053.main.031022-1720.
[/blockquote]
[link=http://www.neowin.net/comments.php?id=17438&category=main]'Longhorn' build 4053 screenshots[/link]
0
Comments
Now that I like! Its about time Microsoft gave us more visual possibilities without using 3rd party software. Longhorn sounds better all the time. I really hope they take their time and get it right and secure. There is really no need to rush it out. After all, who do they have to compete with besides themselves?
Actually, I expect to see IPV6 at least partly (if not close to fully) implemented in "Longhorn." That is one thing needed for Microsoft's Windows Services on Unix initiative, and they are testing IPV6 to IPV4 tunneling now with the parts of SP2 that have hit WindowsUpdate recently, including the .NET functionality pack. Microsoft is starting to transition to IPV6.
Side note: Admins might note that ASN has been upgraded to version three already(a couple days ago), and that server admins of servers that use ASN and\or MTLN are being asked strongly to implement that update soonest. Windows XP is one of things that can be helped, but so far no WindowsUpdate release. I will say more publicly when the ASN update hits the web for public download. Technet has the update, and there is a security bulletin for this also.
Basicly, one of the major things coming up is that the web network addressing system is changing (basicly the addressed used now for TCP are being revamped), and Microsoft is reworking underlying networking addresses a whole bunch as far as web use(Linux and BSD users with latest versions already have this "canned into" the O\S, and AFAIK Solaris does or soon will as Sun is doing changes to Solaris kernel (per Sun's Pipeline Tech newsletter). AS IPV6 comes online, expect a LACK of not enough web addresses to go around(there will be enough for all and then a bunch extra for later), and for each node on the web to be known specifically. This is actually good for security, hackers will find they have boxes with specific-to-network-card IDs. One of the major things coming up will be changes in how the networking is done on Windows as far as how nodes are ID'd.
John D.
I was thinking the same thing.
Not every server, every BOX. EVERY COMPUTER will have a unique address. It will be physically unique to the computer. Since the unique part of the MAC address will be encoded into this address, computers can be tracked to by their IPV6 address. My linux box has a totally unique IPv6 address. You can use IPV6 to let exactly one box access another box. Let me look at my XP Box's IPV6 address a sec, will copy and paste it here:
3ffe:831f:4004:1954:8000:7e90:XXXX:XXXX (yes, I changed the eight hex numbers to Xs at end)
To Microsoft, the last 4 groups of four Hex digits are the physical address Microsoft tracks.
What is 16 to the fourth power??? 4096, so each group of four hexes can hold 4096 possibles. Note how many of the 4 hex digit groups there are. That means 4096 to the eighth power possible address numbers.
My MAC addess for my NIC card on my XP box is literally 80-80-7e-90-XX-XX-XX-XX as far as physical address goes(what I X'd out would have given you my MAC address specific to my network card on my XP box, the last two four digit hex sets of the IPV6 corresponds to most of the unique part of my MAC). That means each box can belong to one of 4094 to the fourth power unique subnets (there needs to be one broadcast and one number for subnet itself reserved in each group).
Sygate autorejects anything with a physical address of FF-FF-FF-FF-FF-FF-FF-FF which is an example of a spoofed physical address. So does my firewall. With all these possibles, networks can be built with ALCs geared to who is exclusively permitted, and because MAC is used, the same network card would have to be had or the MAC address suppressed and replaced with anothr MAC address that had perms to access under this scenario.
See what that pair of things does to security implications??? There are more addresses to hunt that way to find a port, and routers and switches and IDS that logs IPV6 IPS can compare valid MACS and reject what should not be entering a network also and sound alarms more certainly. Secondly, with a MAC address embedded IN an Internet address, Law enforcement and ISPs can KNOW if a box that is not authorized goes anywhere.
IPv6 coming into being in Windows as well as Linux and BSD leaves ways to backtrack who did what. ID by unique ID in network card, carried into the Internet addressing scheme.
THAT is what the heck IPV6 has to do, in summary, with security and accountability. With IPV6 there will need to be littel of the overall address possibility reserved for private addressing, it will be more public and so huge a number space that every computer will have its own WEB number. Right now routers that see a box with a masqed IPV4 address (masqed by router) have problems blocking IPV6 tunneling. But modern Cisco routers can use IPV6. So router can have an ACL based on positive control based on who is allowed to go where. Instead of having to exclude a whole subnet, you can exclude by IPV6 address and have ONE box blocked. You can exclude access by range with two rules, one higher than the subnet you are protecting and one lower.
Microsoft now is implementing testing of one box, one physical address, for all boxes that have the tunneling software upgraded into them. The recommended things for networking in WindowsUpdate implement the tunneling. With one-box, one-address carried over internet, Microsoft can track who does what by IPV6 address.
Basicly, because of the possible combos, it will be harder to crack a net by hunting IP by IP. Because the routers will also have IPV6 addresses PER PORT, you can exclude those router PORTS you do not want to hook to another router, and be better certain that office in LA will not accidentally dupe the IPV6 address of a box in Chicago office. Instead of each ROUTER having an IP, each PORT on router can.
What will happen first, is script kiddies will find themselves unmasked unless they use masqed MAC addresses on routers as well as masqed TCP addresses.
IPV6 traceroute will be able to traceroute router port by router port from box being intruded into to physical box doing hack.
MY DNS on ISP is routed from my computer that ran and loaded the updates offered on WindowsUpdate has pseudo IPV6 routes to them, as listed in my IPCONFIG /ALL output. Those boxes do not yet have IPV6, the IPV6 addresses have single zeros in two (third and fourth most major) hextets of the IPV6 addresses for the DNS servers local to me (my Comcast DNS is three deep here for local DNS).
John D.
fail
By the way: She's about to cheat on you!