Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Sampei.Nihira

End of POSReady 2009 patches, what to do?

Recommended Posts

For security reasons I will probably proceed to block the downloadable executable files (exe, msi ....) with I.E.8 by changing the Registry Key 1803.

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1803"=dword:00000003

0AAhHyEF_o.jpg

Or I will enable the following rule in my OSArmor software:

rbYP33bQ_o.jpg

 

Will you make any changes?

Edited by Sampei.Nihira

Share this post


Link to post
Share on other sites

I have been using the linux distro Q4OS to go online with for about three years now. At first I only used it occasionally and XP the rest of the time but now I use Q4OS 75% of the time and XP 25% of the time. In addition to a 11 year old desktop I have Q4OS installed on a 14 year old Dell Inspiron 8600 laptop where it runs fine and is rock solid stable, more stable than XP ever was which is the OS that shipped with the 8600.

I will probably always have at least one computer with XP running on it but not use it to go online with. That is a job for linux.

 

 

  • Like 1

Share this post


Link to post
Share on other sites

I mainly use XP still but eventually I'll probably transition to Q4.
 

  • Like 1

Share this post


Link to post
Share on other sites

I have Windows XP and Fedora. Windows XP is protected by Avast Premier and I'll keep using it for simple stuff like listening to music and so on. For production I'm gonna use Windows Server 2019 and for other things that don't involve encoding or coding and that don't run on XP, I'm gonna use Fedora.

Just a reminder to those who are blindly using Linux: although viruses for Linux are way less than the Windows ones, it doesn't mean that you can do whatever you want without being infected. I have ESET Nod32 as antivirus on my Linux box (running Fedora). Also remember to keep the kernel updated as well as the OS: you don't have to install every single kernel update that is rolled out (as I do for testing), but you should keep it updated at least every two-three month or so.

Share this post


Link to post
Share on other sites

At the risk of repeating myself:

On 1/3/2019 at 5:17 PM, Mathwiz said:

Well, it won't become less secure ... the risk, as always, is that someone will discover and exploit a vulnerability that was always there.

So I'd keep an eye on security fixes for the nearest supported OS (probably Server 2008). Any vulnerabilities discovered in that are probably in XP also. Usually M$ gives an assessment of what it would take for an attacker to successfully exploit a new vulnerability. A lot of times it turns out to require physical access to the PC; most of us needn't worry about those (unless we're using XP machines at work!)

If an over-the-network vulnerability is discovered, we could probably just block the affected port with Windows Firewall, unless it's something we really need.

Perhaps these two threads should be merged, since they both seem to cover the same topic.

Share this post


Link to post
Share on other sites

I've used Q4OS many times and quite honestly, it's a great Linux distro. The control panel seems a bit lacking for my liking but you can really configure it to look like Windows. XPQ4 can be downloaded and you can then choose whatever Windows skin you want it to look like such as 2000, XP, Vista, 7, 8, or 10. The sky is almost the limit but it's a very light OS and I recommend it to anyone who needs a solution for web browsing. I've used many Linux distros and I always seem to return to Q4OS after a while as the other ones either get messed up by me tweaking them or they're just not for me.

I love the idea of going to Linux in general and whatnot but it's not always easy to get answers on certain questions. I always feel that the Linux community acts a bit snarky towards new Linux users. If you want a larger userbase, don't chase the newcomers away but help them out when they ask questions. I think some of it has to do with the fact that there are user guides out there for different distros, but at the same time, some people don't always want to read a big, fat manual just to get the answer to something simple. For me, I fit into that group. I'm not stupid when it comes to computing but Linux is still quite foreign to me and command line isn't always my strong point, especially when it is completely different from Windows. Yes, Linux isn't Windows. That's why if you have users who need a little help understanding something, help them, don't mock them. The Q4OS community seems to be a bit more easy going though which is why I think it's a great choice for anyone looking to come off of Windows after your favorite version is unsupported such as XP or 7.

Share this post


Link to post
Share on other sites

So long as they are still in working condition, I'll leave it on my 2 machines with New Moon browser and use them for my games mostly and do only cautious browsing with them. I made the jump to Windows 10, and while there are many things that put me off about the OS, at least its secure and up-to-date. I guess all things must change, and since windows 7 will soon be past it prime, I couldn't see investing time and money in that OS.

I think XP was by far the best OS I've even used and enjoyed.

Share this post


Link to post
Share on other sites

I will stay on newmoon and XP.

Linux is great but in 2013 I moved from kUbuntu and I don't wanna go back.

Linux is slowly becoming windows 10.

Gnome is now bloated like hell and KDE plasma is heavy.

I only have hope on LxQt

 

Share this post


Link to post
Share on other sites

So I'd keep an eye on security fixes for the nearest supported OS (probably Server 2008).

Hope you'll be sharing info :)

Personally, I'll harden my winows even more, possibly by putting browser and/or Office in some sandboxed software and disabling more points of attack via manual modifying system settings or using some software like hardentools.

Apart from EternalBlue, there was no major bug in Windows XP that was used for large-scale attack, and it looks like people are now usually via attack vectors that require action on victim's end - phishing, ransomware, macroviruses... Spyware is not that much value in the days of Facebook and Snapchat ;) So I'd rather look for problems in Malspam and highly-positioned fake websites looks like a threat for someone, who is not a HVT him or herself.

So I know that there is a danger coming from end-of-updates and it will be growing over time, but switching to modern OS will not be a panacea.

 

  • Upvote 1

Share this post


Link to post
Share on other sites

^Thank you for your suggestion of hardentools - I wasn't aware of it until now :)

Edited by sal here
typos

Share this post


Link to post
Share on other sites

Hardentools is poor compared to the features of OSArmor.

@Mcinwwl

You should have disabled the SMB protocol.

Check if it is active:

netstat -na | find "LISTENING" | find ":445 "

If no output is returned by this command, you're OK.

MDelgAha_o.jpg

hlIZPqYi_o.jpg

 

GmGhwvWH_o.jpg

Edited by Sampei.Nihira
  • Like 1
  • Upvote 1

Share this post


Link to post
Share on other sites
12 hours ago, Sampei.Nihira said:

You should have disabled the SMB protocol.

Check if it is active:

netstat -na | find "LISTENING" | find ":445 "

If no output is returned by this command, you're OK.

GmGhwvWH_o.jpg

 

Just did that check and 445 is listening on my system. Appreciate that advice :)

Edited by sal here
edit

Share this post


Link to post
Share on other sites

@Sampei.Nihira

OSArmor is not for me, as it would duplicate with my COMODO HIPS functionality. Hardentools and similar are a way to disable elements of an OS, that might have yet-undiscovered bugs and that I will not need, plus some more security restrictions.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×