
Windows XP is still king


Dibya


1 hour ago, dencorso said:

OK. But what router (== maker and model) ?

D-Link DIR-816 Wireless AC750 Dual Band Router

D-Link DSL-2877AL Dual Band Wireless AC750 ADSL2

This two second one is somewhat broken, wifi does not work, only acts as modem, second one does the job as wifi signal provider



1 hour ago, NoelC said:

What are you thinking about, dencorso?  That the router could be compromised?

I always believe in and have multiple levels of protection, but I admit that I have long wondered whether common home routers, whose software rarely gets patches, could be compromised, and if so, how most folks could even tell.

-Noel

Just saying ...

https://www.exploit-db.com/exploits/38707/

An "overview" by manufacturer:
http://www.cvedetails.com/vendor/899/D-link.html

jaclaz


 


17 hours ago, dencorso said:

OK. But what router (== maker and model) ?

It doesn't really matter.

@Dibya

You clearly don't know what you're talking about. Just having a consumer grade router between your PC and the internet doesn't mean you have a hardware firewall, because in these devices all network traffic goes down the kernel path which is purely software. Also, running the official firmware is even more of a privacy concern as it rarely gets updated, leaving vulnerabilities open. Please see various CVEs that surfaced after D-Link released the firmware for your devices: https://cve.mitre.org/data/downloads/allitems.html. A hardware firewall on the other hand is a separate device that you hook up between your PC and the router that connects you to the internet. Please do some reading before posting nonsense: http://bfy.tw/9NbI

nitroshift


@NoelC @jaclaz

It's not only about the quantity of the vulnerabilities discovered, but quality as well:

https://www.exploit-db.com/exploits/40889/

Does not seem to be hard to use, does it?

As for the ways to know your home router was compromised - a colleague at work told me once that he couldn't enter any website from any device after the ISP provided him a new router. Instead, he was being given a site telling him that his device was most probably hacked and was being used in spam campaigns, and thus it was forbidden access to the internet by the ISP. However, I couldn't verify this story.


As for the ways to know your home router was compromised - a colleague at work told me once that he couldn't enter any website from any device after the ISP provided him a new router. Instead, he was being given a site telling him that his device was most probably hacked and was being used in spam campaigns, and thus it was forbidden access to the internet by the ISP. However, I couldn't verify this story.

Well, it is possible, you get a router from ISP, with *standard* Admin/Admin (or similar password).

In theory you should connect it ONLY to a PC (NOT to the DSL line) and configure it (including changing the access password).

In practice most people (sometimes even the instructions from the ISP say so) will connect it to both network and DSL, leaving the standard password and start fiddling with it (and besides very often ISP issued routers will have remote connection enabled by default).

If the device is "scanned" by some bot, it may well become infected in no time (do you remember the infamous "unpatched XP" before SP2 issues?).

I wouldn't be surprised if an ISP put up some "external defense".
But not everything that comes from outside is bad, there has been also a "benevolent" router patching virus around, fiwatch/ifwatch JFYI:

https://lootmyself.wordpress.com/2014/11/09/ifwatch-malware-part-1/

http://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward
 

https://gitlab.com/rav7teif/linux.wifatch


 

jaclaz



 


5 hours ago, jaclaz said:

In theory you should connect it ONLY to a PC (NOT to the DSL line) and configure it (including changing the access password).

In practice most people (sometimes even the instructions from the ISP say so) will connect it to both network and DSL, leaving the standard password and start fiddling with it (and besides very often ISP issued routers will have remote connection enabled by default).

Some even prohibit to change these and say that the router is configured via external staff.

5 hours ago, jaclaz said:

If the device is "scanned" by some bot, it may well become infected in no time (do you remember the infamous "unpatched XP" before SP2 issues?).

As for the first, yes - I've read blog posts, where people left their routers for limited time with remote control enabled, set difficult password and enabled full tracking of logging attempts. Daily log from such a device has... hmm, high educational value :)

As for the second, no - I didn't use XP before SP2, I had Windows 98 and Windows 2000 previously. What's more, I had no DSL internet connection, only a 56k modem that was used once a year due to enormous bills. Personally, I only remember nasty malware that was taking down friends' Win 95 and Win 98 machines, transferred via FDD, just because, no income from ransomware or spamming included. I've only read about early XP problems.


48 minutes ago, Mcinwwl said:

As for the second, no - I didn't use XP before SP2, I had Windows 98 and Windows 2000 previously. What's more, I had no DSL internet connection, only a 56k modem that was used once a year due to enormous bills. Personally, I only remember nasty malware that was taking down friends' Win 95 and Win 98 machines, transferred via FDD, just because, no income from ransomware or spamming included. I've only read about early XP problems.

Then, JFYI:

http://usatoday30.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
 

http://www.theregister.co.uk/2004/08/19/infected_in20_minutes/

The SANS paper you can get via Wayback Machine:

http://web.archive.org/web/20050117145027/http://isc.sans.org/presentations/xpsurvivalguide.pdf

jaclaz


 


First and foremost, turn OFF the ability to control the router remotely.  Having the thing present a web interface to anyone in the world is just asking for trouble.

Then protect it better from access on the LAN/wifi side using a custom account name, a strong password.  Disabling the broadcast of the SSID might discourage opportunists, though nowadays, with Software Defined Radio - based gear and sophisticated software, if someone wants to know what's happening on your wifi, a determined radio hacker can do quite a lot.  Then it really comes down to physical security - i.e., if you really don't want your wifi hacked, do/offer no radio comms at all.  You always trade convenience for security.

-Noel


Well, thanks.

I think I've read about an attack on XP, if the machine is connected to the internet while installing. Mentioned at the end of this article http://www.fixitpc.pl/topic/49-zabezpieczenia-robaczywe-ataki-poslaniec/ but I'm nearly sure there was a separate article by picassa about it (she's MVP - Consumer Security 2014, 2015, just to give her justice).

Just to end this little OT with a bit of sentiment, looking at the first screenshot of the article I've linked reminds me of when we first connected the PC to the DSL network (by ISP provided ***** USB modem, no router). It was Win 2K, and it started throwing such errors minutes after connecting to the net. Hopefully, there were some paranoids among us, so we formatted the whole drive, reinstalled Windows, brought Kerio personal firewall and a configuration tutorial with lots of 'denies' provided by a geeky friend I've never met, some early Avira home instalment was pushed to the system, then we connected to the internet and the whole thing started being usable. Not to mention that we had a separate HDD for internet and for the regular use, and they were never connected simultaneously :>


With care and intelligent application of protection (e.g., firewalls, blacklists, behind router, etc.), virtually any operating system can be safe online.  Whether it would be safe in the hands of someone who doesn't know their XP from an Android system is another story.  And at some level, we are all naïve.

Define "King" in the context of this discussion.  Practically impossible.

Some might say a 1969 Ford Mustang Boss 429 is still King.  It simply can't be refuted because it's a meaningless statement.

Maybe "I like Windows xxx best because..." would be the best way to roll forward with this thread.

Friday the 13th or no, in the wee hours I opted to install the latest Windows Updates for my Windows 8.1 workstation - the main system on which I do work.  Guess what?  It didn't release any magic smoke.  It still works perfectly, based on an entire day's work since.  It's still private and - according to the benchmarks I run after every system change - still efficient.  I don't believe in superstition.  I believe in facts, and I had vetted those updates for more than a month in a virtual machine, as well as read all about them and researched whether others have had any problems that could affect me, as well as having a full backup.  As payment for all that effort I have been rewarded with a system that continues to work fine.

In my opinion, I prefer (a heavily tweaked and augmented) Windows 8.1, and an intelligently maintained system of any era is still King.

Meanwhile, it's hard not to like Windows 7 too...  On my small business server humming in the corner, running Windows 7 x64 Ultimate, "trouble free" has literal meaning.  Note the uptime in Task Manager.

[Image: Win7Reliability.png]

-Noel


As we all know, Microsoft did psychological terrorism about Windows XP in 2014 in order to persuade users to move to newer OS. Then, they easily got rid of Vista as it wasn't widely used, and now they are applying the exact same terrorism to Windows 7, using the exact same words used 3 years ago about XP. 

"Care about your security? Then leave Windows 7 says Microsoft"

"The old OS suffers from ‘long-outdated’ security architecture"

"Microsoft is highlighting the security strengths of Windows 10 as the company waves an ‘early goodbye’ to Windows 7"

"Windows 7 is no longer capable of keeping up with the increased security requirements applicable to the PCs of today, and it’s based on long-outdated security architectures"

"Many hardware manufacturers no longer provide drivers for Windows 7, which means that modern peripherals such as printers are no longer recognised."

Ridiculous... just ridiculous... (except for drivers).


4 minutes ago, FranceBB said:

"Many hardware manufacturers no longer provide drivers for Windows 7, which means that modern peripherals such as printers are no longer recognised."

Ridiculous... just ridiculous... (except for drivers).

What printer manufacturer in their right mind would refuse to provide drivers for what is by far the world's most popular operating system? :huh:


5 hours ago, vwestlife said:

What printer manufacturer in their right mind would refuse to provide drivers for what is by far the world's most popular operating system? :huh:

Be a Microsoft partner, then grab some money. You will also not support 7

This topic is now closed to further replies.