Hi, I have the below questions on W2K3 SP1 loopback check feature 1. How BackConnectionHostNames differ from DisableLoopBackCheck in the security perspective? My understanding is that, still reflection attack can happen on the host names we are entering in the BackConnectionHostNames registry 2. Any security vulnerability imposed by BackConnectionHostNames 3. Is loopback check feature available in Win 2K3 SP2 also? Thanks, Vasanth

Hello Vasanth, You can read the following KB carefully. MS08-068: Vulnerability in SMB could allow remote code execution http://support.microsoft.com/kb/957097 Brent Hu,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.