Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Williams, Kevin (KWilliamssark.com)
Date: Wed Mar 13 2002 - 16:09:23 CST
Oddly enough, my machine WOULD accept "telnet <ip.address> 389" when ICF is
enabled. But your answer is perfectly correct.
Thanks for the MSKB article - that held the answer!
According to MSKB Q261203 article, ICS (and RRAS-NAT) includes a H323/LDAP
proxy service. It cannot be disabled in ICS (read: Windows XP). I was very
confused by this because I was NOT running ICS, only ICF. Because ICS and
ICF run under the same service, the H323/LDAP proxy runs as well.
Personally, I feel the inability to disable this "proxy" and the obscure
documentation is a bug/design flaw/oversight, whether the proxy itself is a
"feature" or not. If you started up Sygate or ZoneAlarm and found that it
opened up the TFTP port, wouldn't you be concerned? Needless to say, I won't
ever use ICF again, and I strongly urge you to do the same. What if
NetMeeting had a buffer overflow condition? You wouldn't be protected.