Old Windows and the Internet

Just how dangerous would it be to connect an old Windows 98 or XP machine to the Internet these days? I've heard there are remote code execution exploits that you're vulnerable to by just being connected to the Internet at all; is there any truth to that? I'm interested to know the details of exactly how these vulnerabilities work.

It probably depends on what ports are open in your firewall/router. If all inbound traffic is blocked then it can't get infected unless you deliberately download something to infect it. If you don't have vulnerable ports opened or forwarded to your machine nothing will happen so it's pretty safe to put it on the internet, assuming you don't immediately download RAM upgrade, browser enhancer or "performance booster".

XP unofficially supports embedded security updates which will continue through April 2019
Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]"Installed"=dword:00000001

I guess it depends on what is dangerous for you. Is it being spied on, viruses or having data stolen or encrypted?

This. All this "OMG can I connect a PC to the Internet that has not been updated since 12hrs" paranoia. And this is even with normies. And they call US paranoid. There shure is something wrong with this world.

Turn the firewall off on your router and connect a Windows 95-XP machine to the Internet. It doesn't take long to go round the horn on ipv4 anymore. If you've ever hosted a server and seen all the failed attempts on the authentication logs, you should be paranoid. Chinks are like the raptors in Jurassic Park testing that electrical fence 24/7. Never let your guard down.

You would probably be ok with an old 386 running DOS + Windows 3 without any of the Win32 shit. You just need Trumpet Winsock for TCP/IP. Mosaic is great btw.

Exploits can still work in some cases

this guys is right, i ran a server once for a project and the next day i looked at the fail2ban log: full with chinese, indians and russians

About 130 seconds. This is the average time a Windows XP or Windows 2000 (even the server edition) gets infected when connected to the internet without any additional protection.

If you really need Windows XP, just run it in a virtual machine ffs.

Stupidest thing I've ever seen. Just send a single HTTP request with IE6 across multiple borders and you will get a different response back.

Elaborate.

Sending a single HTTP request is downloading something. I was trying to explain that, if you block all non-requested inbound traffic to your PC, it can't get infected just sitting there doing nothing as OP was concerned about. Also I don't quite understand your statement. You meant sending your packet through different routes? Someone modifying content during the transit between server and you? Content changing due to different location? IP changing because CDN?

...

Yes, but *why* is that?

The botnet searches for vulnerable systems, and tries to infect it with a literal botnet.

But how can random incoming requests get a computer to do anything the attacker wants?

this, and it's been like that for a good 12+ years, Had an FTP server in the good old days (gene6 ftp on windows 95 on my first real computer, an AST Advantage 812 with a Pentium 100) and even back then the logs were megabyte-sized with failed attempts and autobans. Never thought to look up subnets but figured it must be chinks

got any sources? interesting if true

Exploits in the software. Remember WannaCry? That used flaws in old SMB code to infect any other Windows PC on the same network. The same vulnerabilities could be used to spread other types of malware beside ransomware.

it would be extremely painful
4U

I've been running XP on a regular basis up until a couple months ago now. I regularly avoided Microsoft updates unless there was something specific I thought was important. Not a single virus in my ~12 years of using the operating system.

If your ISP is semi competent they will drop inbound packets unless they were requested by you.

How do you host a server then? Your ISP would drop everyone who wanted to connect since you didn't initiate the connection. What a terrible idea.

That's what dyn-dns is needed for.

I just don't see the risk connecting an old 9x/2k/XP box to the net if you take the proper precautions: disable windows updates, IE, netbios, smb etc etc

This has been a helpful and informative thread, thank you all who have contributed.

I'm offering and adjunct professor position at the university if you are interested.

If it's a well made virus, you won't know it's there.

whats your favorite virus developer environment?

Most ISPs don't give a shit what you host as long as you aren't doing it for business or doing something otherwise illegal. I've never had issues with roadrunner/timewarner.

1) When you connect something to the internet it gets an IP address.
2) Bots are constantly scanning the internet.

Best case scenario: you don't start any outgoing connection.
Botnet probes your IP address and gets a response, or botnet finds out there has been an activity from your IP address.
The botnet thinks.
Botnet tries on telnet, botnet tries on ssh, botnet tries a lot of things.
Botnet tries Window XP remote exploit...

Worst case scenario: you advertise your machine by pointing a DNS record to it. Thousands of bad guy operated DNS servers get an update that something just came online and the botnet race to infect your machine begins.

I don't know a specific source, but the "2 minutes rule" is widely used in the IT security industry. There are people who claim you can't even get Windows 7 updates fast enough to not get infected. (with public, unprotected IP address)

My ISP (an independent "utility" as we know it) doesn't interfere with my traffic. My semi competent ISP doesn't inspect my packets either.
A connection requested by me is outbound. A connection requested by others is inbound. I can't request inbound traffic. :)
Inbound and outbound have no meaning in stateless protocols like UDP. If my ISP did what you say, I wouldn't be able to use UDP connections at all.

You really misunderstood something pal, using dyndns has nothing to do with opening ports.

I am interested.

I ran an ftp server for about a year, first time I ever ran one. Imagine my surprise when I saw the year's worth of failed login attempts. I think I had it configured to refuse attempts from a user after 3 tries, but then I only allowed 1 connection at a time as well.

Do you remember when you went to display settings and your options for the background screen were various colours. OP, your pic is the same colour I always chose. Good memories.

That's literally the default desktop color (#008080) of Windows 95/98 as displayed on anything but 16 color VGA (which had a slightly lighter tone of teal for compability reasons).

Yeah no

1. You need to visit a website that has an exploit it the first place
2. The exploit must work on your dated browser
3. The exploit must work on your dated OS. Windows 98 not likely, win XP likely.

All these if's, nothing bad will happen by visiting normal websites at all. Most will probably not load correctly and others will be to fucking slow anyway.

GTFO

What he is talking about is connecting an unpatched operating to the internet with no firewall so that all the unpatched services that are running are able to be accessed by anyone. Some of these services have flaws which allow RCE.

...

Wow this thread is definitive proof that Holla Forums is filled with larpers

It is a complementary technology to BGP for routing packets from the public internet to private internet addresses.

What exactly are you mad about?

...

But are you willing to accept the risk? How do you know for sure you've patched every hole there is? How do you know there aren't holes you don't know about?

If an OS has a network stack and running network card drivers, it's vulnerable.

This is true, as only trivial code is bug-free, but it's also true that not all OS and hardware are equal, or even targetted similarly.

If you had any services open on any of the ports you would get owned after few minutes.

tell us something more inane please

LOL
You have no idea about how computers actually work, right?

You may not believe me but I just awoke from a twenty-one year coma and have returned to my bedroom almost as exactly as my parents left it. My computer has Windows 95 installed just as I left it. Would it be okay if I left it installed to connect to the internet to retrieve information from my old accounts (if they still exist)?

not a substitute for an actual firewall, and a piece of shit that would have remained in obscurity if we had migrated to IPv6 in time.

Bullcrap

Just put a sshd on the default port for a few hours and the Hail Mary botnet will find it. Then you will have non-stop failed logins spamming your authlog 24/7/365.

I had to turn logging off on my home router because it was collapsing under the load.

I don't think I would be able to bear the shock of going straight from 1996 internet to 2017 internet.
Preemptive suicide might be your best option at this point. Spare yourself the horror.

I call bullshit.

this was retarded even back when those OSes were new.

I know the fucking feeling user. Turn back and abandon hope, all is lost. Go buy some land somewhere quiet and stay the fuck away from technology.

All windows is backdoored as is the law for proprietary software that is sold in the US of A.
Apparently they keep using the same old backdoors until those get busted so just look at recently discovered windows backdoors and how to abuse them.

sage for silly troll thread

I run an IBM Thinkpad 600E- PII, 164MB RAM, 80GB HDD. Windows 98SE+, with the latest version of Firefox that it will run(3? 6? Can't recall). I also route my Internet traffic through a PII HP Vectra server, which uses Windows 2K Server. Set up a decent firewall and allow only the ports you need to access the outside world. A strong Intranet is important as well.

You know the drill: BonziBuddis or gtfo

honestly the only website that fits that scenario, since it's full of neo nazi gen x fags

why would you subject yourself to that?

can someone supply me with a good winxp iso? i have one but VM says there is no boot able file found, i cant remember but i think its a repair disc

and yes im asking for a cracked xp iso that works in VM aka-no license key needed

bumping for link

nasm + objdump

for weird distros like POSReady '09, not dangerous at all; still receiving security updates, even.

Well, you'd get haxd right away.

Penis-in-blue-waffle dangerous.

Intel ME has a network stack and is running all the time even with no actual OS loaded.

kill yourself, both for memeing about russian hackers and for using fail2ban

well there were a bunch of exploits in default services of XP. of course they wont work if the adversary can't get through your NAT. if you use the unpatched web browser you will be 100% vulnerable, it simply depends whether some site out of the 10s of thousands you visit feels like exploiting you

i mean networks are supposed to do ingress/egress/whatever they call it but almost all ISPs will let anyone connect to anything you host over TCP or UDP

Only after Windows 95. NSA Backdoor wasn't added until NT4/98.

Nathan Lineback has been doing it for years and nothing bad ever happens to him. You are probably safe unless an active exploit targets Windows 9X. Not XP though, XP is constantly being exploited.

Now why in the world would anyone do that.
I took a few courses on ethical hacking a few years ago and it always took some bullshit steps to get into a system.

Why would anyone do that. Its like going to a 7-11 on martin luther king blvd and leaving your car running with your keys in the ignition with the vehicle title in the glove compartment and your cell phone charging.

i run a small raspberry pi server with an html website. I didnt install fail2ban right away thought. Is there a way to know I am infected by chinese botnet?

Every new "EPIC VULNERABILITY FOUND"

bump

[code]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT
[code]
It's a sensible default for internet connected machine, nothing wrong with it.

Attached: 1464487997756.jpg (660x880, 95.18K)

Considering nobody launches worms for any Windows PC pre-2002 you'd be fine on the internet without downloading anything.

>REJECT
fucking DROPped