Vista has network surprises for some beta testers
I saw something about this last week but held off until I could read a bit more. It seems that the Beta version of Windows Vista (the successor to XP) has a feature enabled by default that has caught a few testers by surprise.
Essentially it’s a peer to peer networking concept that when a Vista machine boots and connects to the internet it sends requests and contacts othe Vista machines and they form an ad-hoc peer to peer network. Now, all this traffic from various addresses raised the eyebrows of some testers suspecting this to be an attack of some sort.
PNRP is the name of this service (Peer Name Resolution Protocol) and Microsoft sees many uses including network gaming for this. It does raise a concern though that it’s enabled by default in the Beta without a mention. (Most Linux vendors give some detailed release notes even for testing releases, so I would have though Microsoft might do likewise.) It appears to have caught folks off guard. In light of the recent and ongoing virus/worm/exploit troubles on the Microsoft platform I would think that “on by default” for a network service (beta or not) would be a bad idea.
They (Microsoft) say that it will be disabled by default when Vista ships. Which is at least a bit reassuring. The protocol has been studied internally by Microsoft for vulnerabilities and they are “currently in discussions with external security experts for a third-party analysis.”