Old Windows and the Internet

Just how dangerous would it be to connect an old Windows 98 or XP machine to the Internet these days? I've heard there are remote code execution exploits that you're vulnerable to by just being connected to the Internet at all; is there any truth to that? I'm interested to know the details of exactly how these vulnerabilities work.

Attached: Windows98.png (365x273, 39.63K)

Other urls found in this thread:

vimeo.com/65856694

It probably depends on what ports are open in your firewall/router. If all inbound traffic is blocked then it can't get infected unless you deliberately download something to infect it. If you don't have vulnerable ports opened or forwarded to your machine nothing will happen so it's pretty safe to put it on the internet, assuming you don't immediately download RAM upgrade, browser enhancer or "performance booster".

XP unofficially supports embedded security updates which will continue through April 2019
Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]"Installed"=dword:00000001

I guess it depends on what is dangerous for you. Is it being spied on, viruses or having data stolen or encrypted?

This. All this "OMG can I connect a PC to the Internet that has not been updated since 12hrs" paranoia. And this is even with normies. And they call US paranoid. There shure is something wrong with this world.

Turn the firewall off on your router and connect a Windows 95-XP machine to the Internet. It doesn't take long to go round the horn on ipv4 anymore. If you've ever hosted a server and seen all the failed attempts on the authentication logs, you should be paranoid. Chinks are like the raptors in Jurassic Park testing that electrical fence 24/7. Never let your guard down.

You would probably be ok with an old 386 running DOS + Windows 3 without any of the Win32 shit. You just need Trumpet Winsock for TCP/IP. Mosaic is great btw.

Exploits can still work in some cases

this guys is right, i ran a server once for a project and the next day i looked at the fail2ban log: full with chinese, indians and russians

About 130 seconds. This is the average time a Windows XP or Windows 2000 (even the server edition) gets infected when connected to the internet without any additional protection.

If you really need Windows XP, just run it in a virtual machine ffs.

Stupidest thing I've ever seen. Just send a single HTTP request with IE6 across multiple borders and you will get a different response back.

Elaborate.

Sending a single HTTP request is downloading something. I was trying to explain that, if you block all non-requested inbound traffic to your PC, it can't get infected just sitting there doing nothing as OP was concerned about. Also I don't quite understand your statement. You meant sending your packet through different routes? Someone modifying content during the transit between server and you? Content changing due to different location? IP changing because CDN?

...

Yes, but *why* is that?

The botnet searches for vulnerable systems, and tries to infect it with a literal botnet.

But how can random incoming requests get a computer to do anything the attacker wants?

this, and it's been like that for a good 12+ years, Had an FTP server in the good old days (gene6 ftp on windows 95 on my first real computer, an AST Advantage 812 with a Pentium 100) and even back then the logs were megabyte-sized with failed attempts and autobans. Never thought to look up subnets but figured it must be chinks

got any sources? interesting if true

Exploits in the software. Remember WannaCry? That used flaws in old SMB code to infect any other Windows PC on the same network. The same vulnerabilities could be used to spread other types of malware beside ransomware.

it would be extremely painful
4U

I've been running XP on a regular basis up until a couple months ago now. I regularly avoided Microsoft updates unless there was something specific I thought was important. Not a single virus in my ~12 years of using the operating system.

If your ISP is semi competent they will drop inbound packets unless they were requested by you.

Attached: eHrvNJ_1511317371104.jpg (1920x1200, 1001.89K)

How do you host a server then? Your ISP would drop everyone who wanted to connect since you didn't initiate the connection. What a terrible idea.

That's what dyn-dns is needed for.

I just don't see the risk connecting an old 9x/2k/XP box to the net if you take the proper precautions: disable windows updates, IE, netbios, smb etc etc

Attached: ghostwall.png (640x452 36.02 KB, 24.93K)

This has been a helpful and informative thread, thank you all who have contributed.

I'm offering and adjunct professor position at the university if you are interested.

If it's a well made virus, you won't know it's there.

whats your favorite virus developer environment?

Most ISPs don't give a shit what you host as long as you aren't doing it for business or doing something otherwise illegal. I've never had issues with roadrunner/timewarner.

1) When you connect something to the internet it gets an IP address.
2) Bots are constantly scanning the internet.

Best case scenario: you don't start any outgoing connection.
Botnet probes your IP address and gets a response, or botnet finds out there has been an activity from your IP address.
The botnet thinks.
Botnet tries on telnet, botnet tries on ssh, botnet tries a lot of things.
Botnet tries Window XP remote exploit...

Worst case scenario: you advertise your machine by pointing a DNS record to it. Thousands of bad guy operated DNS servers get an update that something just came online and the botnet race to infect your machine begins.


I don't know a specific source, but the "2 minutes rule" is widely used in the IT security industry. There are people who claim you can't even get Windows 7 updates fast enough to not get infected. (with public, unprotected IP address)


My ISP (an independent "utility" as we know it) doesn't interfere with my traffic. My semi competent ISP doesn't inspect my packets either.
A connection requested by me is outbound. A connection requested by others is inbound. I can't request inbound traffic. :)
Inbound and outbound have no meaning in stateless protocols like UDP. If my ISP did what you say, I wouldn't be able to use UDP connections at all.


You really misunderstood something pal, using dyndns has nothing to do with opening ports.


I am interested.

I ran an ftp server for about a year, first time I ever ran one. Imagine my surprise when I saw the year's worth of failed login attempts. I think I had it configured to refuse attempts from a user after 3 tries, but then I only allowed 1 connection at a time as well.

Attached: 1344605682191.jpg (431x352, 12.63K)

Do you remember when you went to display settings and your options for the background screen were various colours. OP, your pic is the same colour I always chose. Good memories.

That's literally the default desktop color (#008080) of Windows 95/98 as displayed on anything but 16 color VGA (which had a slightly lighter tone of teal for compability reasons).

Yeah no

1. You need to visit a website that has an exploit it the first place
2. The exploit must work on your dated browser
3. The exploit must work on your dated OS. Windows 98 not likely, win XP likely.


All these if's, nothing bad will happen by visiting normal websites at all. Most will probably not load correctly and others will be to fucking slow anyway.

GTFO

What he is talking about is connecting an unpatched operating to the internet with no firewall so that all the unpatched services that are running are able to be accessed by anyone. Some of these services have flaws which allow RCE.

Attached: topkek_who.webm (720x480, 279K)

Wow this thread is definitive proof that Zig Forums is filled with larpers

It is a complementary technology to BGP for routing packets from the public internet to private internet addresses.

What exactly are you mad about?

Attached: Thanks fam _b2fc2a7b903939f4678873a7d76048fa.jpg (300x168, 13.07K)

But are you willing to accept the risk? How do you know for sure you've patched every hole there is? How do you know there aren't holes you don't know about?

If an OS has a network stack and running network card drivers, it's vulnerable.

This is true, as only trivial code is bug-free, but it's also true that not all OS and hardware are equal, or even targetted similarly.

If you had any services open on any of the ports you would get owned after few minutes.

tell us something more inane please

LOL
You have no idea about how computers actually work, right?

You may not believe me but I just awoke from a twenty-one year coma and have returned to my bedroom almost as exactly as my parents left it. My computer has Windows 95 installed just as I left it. Would it be okay if I left it installed to connect to the internet to retrieve information from my old accounts (if they still exist)?

not a substitute for an actual firewall, and a piece of shit that would have remained in obscurity if we had migrated to IPv6 in time.

Bullcrap

Just put a sshd on the default port for a few hours and the Hail Mary botnet will find it. Then you will have non-stop failed logins spamming your authlog 24/7/365.

I had to turn logging off on my home router because it was collapsing under the load.

I don't think I would be able to bear the shock of going straight from 1996 internet to 2017 internet.
Preemptive suicide might be your best option at this point. Spare yourself the horror.

I call bullshit.

this was retarded even back when those OSes were new.

I know the fucking feeling user. Turn back and abandon hope, all is lost. Go buy some land somewhere quiet and stay the fuck away from technology.

All windows is backdoored as is the law for proprietary software that is sold in the US of A.
Apparently they keep using the same old backdoors until those get busted so just look at recently discovered windows backdoors and how to abuse them.

sage for silly troll thread

I run an IBM Thinkpad 600E- PII, 164MB RAM, 80GB HDD. Windows 98SE+, with the latest version of Firefox that it will run(3? 6? Can't recall). I also route my Internet traffic through a PII HP Vectra server, which uses Windows 2K Server. Set up a decent firewall and allow only the ports you need to access the outside world. A strong Intranet is important as well.

You know the drill: BonziBuddis or gtfo

Attached: pomf.png (1366x768, 370.04K)

honestly the only website that fits that scenario, since it's full of neo nazi gen x fags

why would you subject yourself to that?

nasm + objdump

for weird distros like POSReady '09, not dangerous at all; still receiving security updates, even.

Attached: reflecto [email protected] (1242x1478, 550.79K)

Well, you'd get haxd right away.

Penis-in-blue-waffle dangerous.

Attached: openme.jpeg (1280x800, 430.31K)

Intel ME has a network stack and is running all the time even with no actual OS loaded.

kill yourself, both for memeing about russian hackers and for using fail2ban

well there were a bunch of exploits in default services of XP. of course they wont work if the adversary can't get through your NAT. if you use the unpatched web browser you will be 100% vulnerable, it simply depends whether some site out of the 10s of thousands you visit feels like exploiting you

i mean networks are supposed to do ingress/egress/whatever they call it but almost all ISPs will let anyone connect to anything you host over TCP or UDP

Only after Windows 95. NSA Backdoor wasn't added until NT4/98.


Nathan Lineback has been doing it for years and nothing bad ever happens to him. You are probably safe unless an active exploit targets Windows 9X. Not XP though, XP is constantly being exploited.

Now why in the world would anyone do that.
I took a few courses on ethical hacking a few years ago and it always took some bullshit steps to get into a system.


Why would anyone do that. Its like going to a 7-11 on martin luther king blvd and leaving your car running with your keys in the ignition with the vehicle title in the glove compartment and your cell phone charging.

i run a small raspberry pi server with an html website. I didnt install fail2ban right away thought. Is there a way to know I am infected by chinese botnet?

Every new "EPIC VULNERABILITY FOUND"

[code]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT
[code]
It's a sensible default for internet connected machine, nothing wrong with it.

Attached: 1464487997756.jpg (660x880, 95.18K)

Considering nobody launches worms for any Windows PC pre-2002 you'd be fine on the internet without downloading anything.

>REJECT
fucking DROPped

IP's.

Do you know how to computer or did you came here to spread more propaganda mister CIA nigger?

because the chinese are so free with internet access and vpn's, and russia hasn't recently banned vpn's

...

yeah, bots designed to scour the internet and find weaknesses in networks to hijack them. i understand.

didn't need a thread

90% of people in this thread are retarded larpers.
NAT and firewalls are a thing. Which means exploit vector is going to require you make the first move but, that move can be as simple as requesting a webpage from a webserver.

If anyone on your localnet is a threat (IE. cofeeshop [without AP isolation], open wireless, etc) your fucked.

If you are not subject to an APT, you maybe actually be more secure in a ridiculous way than many people inasmuch as automated exploit kits may not be looking for Windows 98, but your betting on that. If you interact exclusively with trusted input (IE. Your own intranent web servers), you might be 100% okay.

TLDR: Local becomes a huge threat. Internet is more ambiguous. Don't be on safety.

vimeo.com/65856694

Why would anyone use an operating system which hasn't been supported in decades? I wanna say XP didn't even have a firewall until the first or second service pack. Why even have a machine exposed like this on your LAN? It isn't very smart.

How to spot a reddit LARPer.

Problem is you can't really expose a VM directly to the public internet while its host stays safe behind a NAT. At least I don't know of such a way.
winworldpc is a legit (or at least semi-legit) place to get any Windows version that is older than XP RTM, so if you need 98 or 2k to mess around with you can get them there easily.

It's not primarily a security feature, but it improves security of the hosts on the internal network in that they aren't directly reachable from the ouside.

Usually it's mostly such IPs, but not exclusively. For instance today we have some britbong IP scanning ports.
Uh and yea, those are all unsolicited connection attempt to the WAN interface within 15 minutes or so (those coming from seemingly legit ports like http or snmp are some chinks/skids/bots too, possibly trying to dodge a firewall that way), so connecting hosts which expose possibly vulnerable services directly to the public internet definitely isn't a good idea.

Attached: untitled.PNG (802x897, 96.56K)

The last FF version natively supported (i.e. without employing things like KernelEx) is 2.0 which I think is about 10 years old. Most post-2010 pages probably don't work properly, and with a Pentium II you can basically forget about enabling Javascript (Pentium 4 machines and Atom netbooks tend to struggle quite a bit nowadays with JS-heavy """modern""" sites, and a Pentium II would basically just be brought to a halt).

So what's the option if you actually need to ssh into your local network from the outside? Use non-standard port? Or VPN into local network, then ssh?

Well that's "net neutrality", isn't it. If an ISP blocks/filters certain traffic then there sure should be some who'd be complaining about it.

wew, what an """upgrade"""

What software firewall would be recommended for an XP machine these days? Kerio was nice and all but the version is ancient (2002 I think) and the driver tends to crash and cause bluescreens at times.

You mean to say you'd need 4U of rackspace to protect an old Windows OS from painful experiences?

Disable password logins, accept public key auth only. Then the botnets can spam you all they want.

mah nigga. Do you understand how NAT works? Which computer are you even exploiting? Imagine a university with 1 Windows XP computer behind a NAT, 1k Hosts sharing 1 IP - how do you "scan ips" and "remote exploit a service". You hit the router, port scan, it responds like a router, unless ports are forwarded to XP machine the XP nodes network services are isolated from internet. You can't exploit it that way. There is no way to address it. The IP address could represent any of the 1k hosts, and unless there is an established session your not getting through, not that you will even know its their, because your port scanning a router not the XP machine.

Now, of course, an XP machine could make a connection to the internet and be exploited, trivially. It could be MITM'd and exploited (QAUNTUM) by a state adversery / ISP. It could be attacked locally. No one is saying its safe against an APT. But the idea that it will be instantly port scanned and virus infected is commical. If you believe tihs, try it. Work in IT for 2 weeks, and you will see there are still people using XP machines connected to the internet.

NAT wasn't designed as a security mechanism, but its property of isolating machines from the network does reduce attack surface, and provide some network security nonetheless. Without NAT worms would spread far faster, and this is one of the criticisms of IP6 (despite nat existing for IP6).

TLDR: Your retarded and don't understand NAT.

Set default host on router port forward, although all communications will be routed by hypervisor, and if that input is untrusted, your hypervisor is potentially vulnerable.

WTF no. Comcast doesn't want to block your shitty self hosted blog, they want to force you to upgrade to business class service, but tolerate some traffic. Comcast wants to block netflix because its a competes with their other business intrests. Net Neautrality isn't about decentralized network, its about ISPs mangling traffic they don't like.

this is legit

This, and disable root login and password. You'll use sudo once you're inside.