Old Windows and the Internet

Xavier Russell

Just how dangerous would it be to connect an old Windows 98 or XP machine to the Internet these days? I've heard there are remote code execution exploits that you're vulnerable to by just being connected to the Internet at all; is there any truth to that? I'm interested to know the details of exactly how these vulnerabilities work.

Anthony Richardson

It probably depends on what ports are open in your firewall/router. If all inbound traffic is blocked then it can't get infected unless you deliberately download something to infect it. If you don't have vulnerable ports opened or forwarded to your machine nothing will happen so it's pretty safe to put it on the internet, assuming you don't immediately download RAM upgrade, browser enhancer or "performance booster".

Gavin Lopez

XP unofficially supports embedded security updates which will continue through April 2019

[code]
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
[/code]

Juan Green

I guess it depends on what is dangerous for you. Is it being spied on, viruses or having data stolen or encrypted?

Ryder Cox

This. All this "OMG can I connect a PC to the Internet that has not been updated since 12hrs" paranoia. And this is even with normies. And they call US paranoid. There sure is something wrong with this world.

Brandon Nguyen

Turn the firewall off on your router and connect a Windows 95-XP machine to the Internet. It doesn't take long to go round the horn on ipv4 anymore. If you've ever hosted a server and seen all the failed attempts on the authentication logs, you should be paranoid. Chinks are like the raptors in Jurassic Park testing that electrical fence 24/7. Never let your guard down.

Nathaniel Nguyen

You would probably be ok with an old 386 running DOS + Windows 3 without any of the Win32 shit. You just need Trumpet Winsock for TCP/IP. Mosaic is great btw.

Dominic Bailey

Exploits can still work in some cases

Isaac Johnson

this guy is right, i ran a server once for a project and the next day i looked at the fail2ban log: full with chinese, indians and russians

Evan Nguyen

About 130 seconds. This is the average time a Windows XP or Windows 2000 (even the server edition) gets infected when connected to the internet without any additional protection.

If you really need Windows XP, just run it in a virtual machine ffs.

Cooper Robinson

> If all inbound traffic is blocked then it can't get infected unless you deliberately download something to infect it.
Stupidest thing I've ever seen. Just send a single HTTP request with IE6 across multiple borders and you will get a different response back.

Charles Peterson

Elaborate.

Liam Reyes

> Just send a single HTTP request with IE6 across multiple borders and you will get a different response back.
Sending a single HTTP request is downloading something. I was trying to explain that, if you block all non-requested inbound traffic to your PC, it can't get infected just sitting there doing nothing as OP was concerned about. Also I don't quite understand your statement. You meant sending your packet through different routes? Someone modifying content during the transit between server and you? Content changing due to different location? IP changing because CDN?

Jaxson Russell

PozReady

Jason Mitchell

Yes, but *why* is that?

Parker Johnson

The botnet searches for vulnerable systems, and tries to infect it with a literal botnet.

Brandon Rodriguez

But how can random incoming requests get a computer to do anything the attacker wants?

Juan Price

this, and it's been like that for a good 12+ years, Had an FTP server in the good old days (gene6 ftp on windows 95 on my first real computer, an AST Advantage 812 with a Pentium 100) and even back then the logs were megabyte-sized with failed attempts and autobans. Never thought to look up subnets but figured it must be chinks

Kevin Scott

> About 130 seconds. This is the average time a Windows XP or Windows 2000 (even the server edition) gets infected when connected to the internet without any additional protection.

got any sources? interesting if true

Alexander Carter

Exploits in the software. Remember WannaCry? That used flaws in old SMB code to infect any other Windows PC on the same network. The same vulnerabilities could be used to spread other types of malware beside ransomware.

Mason Gomez

it would be extremely painful
4U

Lincoln Sullivan

I've been running XP on a regular basis up until a couple months ago now. I regularly avoided Microsoft updates unless there was something specific I thought was important. Not a single virus in my ~12 years of using the operating system.

Lincoln Edwards

If your ISP is semi competent they will drop inbound packets unless they were requested by you.

Chase Morgan

How do you host a server then? Your ISP would drop everyone who wanted to connect since you didn't initiate the connection. What a terrible idea.

Brandon Collins

That's what dyn-dns is needed for.

Matthew Gomez

I just don't see the risk connecting an old 9x/2k/XP box to the net if you take the proper precautions: disable windows updates, IE, netbios, smb etc etc

Caleb Wood

This has been a helpful and informative thread, thank you all who have contributed.

I'm offering an adjunct professor position at the university if you are interested.

Gabriel Cox

If it's a well made virus, you won't know it's there.

Parker Phillips

whats your favorite virus developer environment?

David James

Most ISPs don't give a shit what you host as long as you aren't doing it for business or doing something otherwise illegal. I've never had issues with roadrunner/timewarner.

Alexander Ortiz

1) When you connect something to the internet it gets an IP address.
2) Bots are constantly scanning the internet.

Best case scenario: you don't start any outgoing connection.
Botnet probes your IP address and gets a response, or botnet finds out there has been an activity from your IP address.
Hey, there is a device on this IP!
The botnet thinks.
let's see what type of device is this!
Botnet tries on telnet, botnet tries on ssh, botnet tries a lot of things.
Hey, this device responds to my requests like Windows XP machines do. I believe it is a Windows XP.
Botnet tries Windows XP remote exploit...

Worst case scenario: you advertise your machine by pointing a DNS record to it. Thousands of bad guy operated DNS servers get an update that something just came online and the botnet race to infect your machine begins.

I don't know a specific source, but the "2 minutes rule" is widely used in the IT security industry. There are people who claim you can't even get Windows 7 updates fast enough to not get infected. (with public, unprotected IP address)

My ISP (an independent "utility" as we know it) doesn't interfere with my traffic. My semi competent ISP doesn't inspect my packets either.
> drop inbound packets unless they were requested by you
A connection requested by me is outbound. A connection requested by others is inbound. I can't request inbound traffic. :)
> drop all inbound packets
Inbound and outbound have no meaning in stateless protocols like UDP. If my ISP did what you say, I wouldn't be able to use UDP connections at all.

You really misunderstood something pal, using dyndns has nothing to do with opening ports.

I am interested.

Ryder Clark

I ran an ftp server for about a year, first time I ever ran one. Imagine my surprise when I saw the year's worth of failed login attempts. I think I had it configured to refuse attempts from a user after 3 tries, but then I only allowed 1 connection at a time as well.

Jaxson Gomez

Do you remember when you went to display settings and your options for the background screen were various colours. OP, your pic is the same colour I always chose. Good memories.

Owen Williams

That's literally the default desktop color (#008080) of Windows 95/98 as displayed on anything but 16 color VGA (which had a slightly lighter tone of teal for compatibility reasons).

Elijah Diaz

> I've heard there are remote code execution exploits that you're vulnerable to by just being connected to the Internet at all; is there any truth to that? I'm interested to know the details of exactly how these vulnerabilities work.

Yeah no

1. You need to visit a website that has an exploit in the first place
2. The exploit must work on your dated browser
3. The exploit must work on your dated OS. Windows 98 not likely, win XP likely.

All these if's, nothing bad will happen by visiting normal websites at all. Most will probably not load correctly and others will be too fucking slow anyway.

Noah Ross

> 1) When you connect something to the internet it gets an IP address.
> 2) Bots are constantly scanning the internet.

what is NAT

GTFO

Zachary Davis

What he is talking about is connecting an unpatched operating system to the internet with no firewall so that all the unpatched services that are running are able to be accessed by anyone. Some of these services have flaws which allow RCE.

Alexander Martin

Wow this thread is definitive proof that Holla Forums is filled with larpers

Jacob Long

> what is NAT?
It is a complementary technology to BGP for routing packets from the public internet to private internet addresses.

> GTFO
What exactly are you mad about?

Joseph Young

ISPs
competent

Bentley Perez

But are you willing to accept the risk? How do you know for sure you've patched every hole there is? How do you know there aren't holes you don't know about?

Bentley Rivera

If an OS has a network stack and running network card drivers, it's vulnerable.

David Flores

This is true, as only trivial code is bug-free, but it's also true that not all OS and hardware are equal, or even targeted similarly.

Justin Bailey

If you had any services open on any of the ports you would get owned after few minutes.

Ethan Clark

any program with a buffer is vulnerable to buffer overflow
tell us something more inane please

Dominic Rodriguez

ISPs firewalls caring about safety of their users
firewalls work on principle of "handshakes have to be started by you or communication isn't valid"
LOL
You have no idea about how computers actually work, right?

Ethan Allen

You may not believe me but I just awoke from a twenty-one year coma and have returned to my bedroom almost as exactly as my parents left it. My computer has Windows 95 installed just as I left it. Would it be okay if I left it installed to connect to the internet to retrieve information from my old accounts (if they still exist)?

Jack Morales

> what is NAT
not a substitute for an actual firewall, and a piece of shit that would have remained in obscurity if we had migrated to IPv6 in time.

Charles Harris

Bullcrap

Juan Clark

Just put a sshd on the default port for a few hours and the Hail Mary botnet will find it. Then you will have non-stop failed logins spamming your authlog 24/7/365.

Tyler Gonzalez

I had to turn logging off on my home router because it was collapsing under the load.

Aiden Price

I don't think I would be able to bear the shock of going straight from 1996 internet to 2017 internet.
Preemptive suicide might be your best option at this point. Spare yourself the horror.

Easton Hernandez

in coma for 21 years
knows about fullchan
I call bullshit.

Isaiah Roberts

with IE6
this was retarded even back when those OSes were new.

Kevin Thomas

I know the fucking feeling user. Turn back and abandon hope, all is lost. Go buy some land somewhere quiet and stay the fuck away from technology.

Jaxon Evans

All windows is backdoored as is the law for proprietary software that is sold in the US of A.
Apparently they keep using the same old backdoors until those get busted so just look at recently discovered windows backdoors and how to abuse them.

sage for silly troll thread

Christian Thomas

I run an IBM Thinkpad 600E- PII, 164MB RAM, 80GB HDD. Windows 98SE+, with the latest version of Firefox that it will run(3? 6? Can't recall). I also route my Internet traffic through a PII HP Vectra server, which uses Windows 2K Server. Set up a decent firewall and allow only the ports you need to access the outside world. A strong Intranet is important as well.

Jonathan Hernandez

You know the drill: BonziBuddis or gtfo

Jacob Ward

honestly the only website that fits that scenario, since it's full of neo nazi gen x fags

Jaxon Roberts

why would you subject yourself to that?

Ayden Anderson

can someone supply me with a good winxp iso? i have one but VM says there is no boot able file found, i cant remember but i think its a repair disc

Jayden Bailey

and yes im asking for a cracked xp iso that works in VM aka-no license key needed

Logan Thompson

bumping for link

Lincoln Gutierrez

nasm + objdump

Zachary Moore

for weird distros like POSReady '09, not dangerous at all; still receiving security updates, even.

Justin Walker

Well, you'd get haxd right away.

Ethan Collins

> Just how dangerous would it be to connect an old Windows 98 or XP machine to the Internet these days?
Penis-in-blue-waffle dangerous.

Juan Peterson

Intel ME has a network stack and is running all the time even with no actual OS loaded.

Easton Roberts

kill yourself, both for memeing about russian hackers and for using fail2ban

Dominic Taylor

well there were a bunch of exploits in default services of XP. of course they wont work if the adversary can't get through your NAT. if you use the unpatched web browser you will be 100% vulnerable, it simply depends whether some site out of the 10s of thousands you visit feels like exploiting you
i mean networks are supposed to do ingress/egress/whatever they call it but almost all ISPs will let anyone connect to anything you host over TCP or UDP

Nathan Jenkins

Only after Windows 95. NSA Backdoor wasn't added until NT4/98.

Nathan Lineback has been doing it for years and nothing bad ever happens to him. You are probably safe unless an active exploit targets Windows 9X. Not XP though, XP is constantly being exploited.

Michael Nelson

> turn off the firewall

Now why in the world would anyone do that.
I took a few courses on ethical hacking a few years ago and it always took some bullshit steps to get into a system.

Let's turn the firewall off
Let's open these ports that are off by default
Let's remove the root password
SQL injections

Why would anyone do that. It's like going to a 7-11 on martin luther king blvd and leaving your car running with your keys in the ignition with the vehicle title in the glove compartment and your cell phone charging.

Carson Gutierrez

i run a small raspberry pi server with an html website. I didn't install fail2ban right away though. Is there a way to know I am infected by chinese botnet?
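
One check for the question above, added here as an example and not part of the thread: scan the SSH authentication log for a successful login from an address that had been failing just before. It assumes the Pi exposes sshd and logs in the standard OpenSSH message format; the log lines, addresses and the threshold are constructed for illustration.

```python
import re
from collections import Counter

# Matches OpenSSH "Failed ..." / "Accepted ..." authentication lines.
LINE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample log (documentation-range addresses).
SAMPLE_LOG = """\
Aug 12 03:14:01 pi sshd[811]: Failed password for invalid user admin from 198.51.100.7 port 51234 ssh2
Aug 12 03:14:03 pi sshd[811]: Failed password for root from 198.51.100.7 port 51236 ssh2
Aug 12 03:14:05 pi sshd[813]: Failed password for pi from 198.51.100.7 port 51240 ssh2
Aug 12 03:14:09 pi sshd[815]: Accepted password for pi from 198.51.100.7 port 51244 ssh2
Aug 12 08:30:12 pi sshd[902]: Accepted publickey for pi from 192.0.2.44 port 40022 ssh2
Aug 12 09:01:40 pi sshd[930]: Failed password for invalid user test from 203.0.113.99 port 33010 ssh2
Aug 12 09:01:44 pi sshd[930]: Failed password for invalid user guest from 203.0.113.99 port 33012 ssh2
"""


def analyse(log_text, threshold=3):
    """Return (failures per source IP, logins accepted after >= threshold failures)."""
    failures = Counter()
    suspicious = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            # A success right after repeated failures is the line worth investigating.
            suspicious.append((ip, m["user"], failures[ip]))
    return failures, suspicious


if __name__ == "__main__":
    failures, suspicious = analyse(SAMPLE_LOG)
    for ip, count in failures.most_common():
        print(f"{ip}: {count} failed logins")
    for ip, user, count in suspicious:
        print(f"INVESTIGATE: {user} logged in from {ip} after {count} failures")
```

Failed attempts alone are background noise on any public address; the accepted login from a source that was guessing passwords is the signal.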

Thomas Mitchell

Every new "EPIC VULNERABILITY FOUND"
step 1, have physical access to the machine and admin credentials

Liam Reyes

bump

Julian Martin

> firewalls work on principle of "handshakes have to be started by you or communication isn't valid"
[code]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT
[/code]
It's a sensible default for internet connected machine, nothing wrong with it.
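
How the two rules quoted above decide, as an added example that is not part of the thread: a toy connection tracker that accepts an inbound packet only when it mirrors a flow the host itself opened, which is also how replies to outgoing UDP datagrams are recognised. The class, the addresses and the timeout values are assumptions made for illustration, and RELATED traffic is not modelled.

```python
from dataclasses import dataclass

# Idle lifetimes in seconds. Assumed values, modelled on Linux conntrack
# defaults (UDP: 30 s, established TCP: 5 days).
TIMEOUT = {"tcp": 432000, "udp": 30}


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFilter:
    """Toy model of: INPUT accepts ESTABLISHED, rejects everything else.

    OUTPUT is unfiltered. RELATED (ICMP errors, helper protocols) is left out.
    """

    def __init__(self):
        # (proto, local ip, local port, remote ip, remote port) -> expiry time
        self.flows = {}

    def outbound(self, p, now):
        # Any packet the host sends creates or refreshes a tracked flow.
        self.flows[(p.proto, p.src, p.sport, p.dst, p.dport)] = now + TIMEOUT[p.proto]

    def inbound(self, p, now):
        # An inbound packet counts as a reply only if it mirrors a live flow.
        key = (p.proto, p.dst, p.dport, p.src, p.sport)
        expiry = self.flows.get(key)
        if expiry is None or now > expiry:
            self.flows.pop(key, None)
            return "REJECT"
        self.flows[key] = now + TIMEOUT[p.proto]
        return "ACCEPT"


def demo():
    # Constructed documentation-range addresses.
    host, resolver, scanner = "203.0.113.10", "192.0.2.53", "198.51.100.7"
    fw, out = StatefulFilter(), {}
    out["unsolicited_tcp_445"] = fw.inbound(Packet("tcp", scanner, 51000, host, 445), 0)
    fw.outbound(Packet("udp", host, 40000, resolver, 53), 1)  # host sends a DNS query
    out["udp_reply"] = fw.inbound(Packet("udp", resolver, 53, host, 40000), 2)
    out["udp_wrong_source"] = fw.inbound(Packet("udp", scanner, 53, host, 40000), 2)
    out["udp_reply_after_timeout"] = fw.inbound(Packet("udp", resolver, 53, host, 40000), 100)
    return out


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```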

Zachary Collins

Considering nobody launches worms for any Windows PC pre-2002 you'd be fine on the internet without downloading anything.

Wyatt Collins

REJECT
fucking DROPped

Ethan Sanders

> full with chinese, indians and russians
IP's.

Do you know how to computer or did you came here to spread more propaganda mister CIA nigger?

Blake Reyes

because the chinese are so free with internet access and vpn's, and russia hasn't recently banned vpn's

William Lewis

what are bots

Hudson Gutierrez

yeah, bots designed to scour the internet and find weaknesses in networks to hijack them. i understand.

William Cruz

spin up vbox
run pirated_windows.iso

didn't need a thread

Brayden Jones

90% of people in this thread are retarded larpers.
NAT and firewalls are a thing. Which means exploit vector is going to require you make the first move but, that move can be as simple as requesting a webpage from a webserver.

If anyone on your localnet is a threat (IE. coffeeshop [without AP isolation], open wireless, etc) you're fucked.

If you are not subject to an APT, you may actually be more secure in a ridiculous way than many people inasmuch as automated exploit kits may not be looking for Windows 98, but you're betting on that. If you interact exclusively with trusted input (IE. Your own intranet web servers), you might be 100% okay.

TLDR: Local becomes a huge threat. Internet is more ambiguous. Don't be on safety.