Jump to content

End of POSReady 2009 Patches: What to Do?


Sampei.Nihira

Recommended Posts

For security reasons I will probably proceed to block the downloadable executable files (exe, msi ....) with I.E.8 by changing the Registry Key 1803.

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1803"=dword:00000003

0AAhHyEF_o.jpg

Or I will enable the following rule in my OSArmor software:

rbYP33bQ_o.jpg

 

Will you make any changes?

Edited by Sampei.Nihira
Link to comment
Share on other sites


I have been using the linux distro Q4OS to go online with for about three years now. At first I only used it occasionally and XP the rest of the time but now I use Q4OS 75% of the time and XP 25% of the time. In addition to a 11 year old desktop I have Q4OS installed on a 14 year old Dell Inspiron 8600 laptop where it runs fine and is rock solid stable, more stable than XP ever was which is the OS that shipped with the 8600.

I will probably always have at least one computer with XP running on it but not use it to go online with. That is a job for linux.

 

 

Link to comment
Share on other sites

I have Windows XP and Fedora. Windows XP is protected by Avast Premier and I'll keep using it for simple stuff like listening to music and so on. For production I'm gonna use Windows Server 2019 and for other things that don't involve encoding or coding and that don't run on XP, I'm gonna use Fedora.

Just a reminder to those who are blindly using Linux: although viruses for Linux are way less than the Windows ones, it doesn't mean that you can do whatever you want without being infected. I have ESET Nod32 as antivirus on my Linux box (running Fedora). Also remember to keep the kernel updated as well as the OS: you don't have to install every single kernel update that is rolled out (as I do for testing), but you should keep it updated at least every two-three month or so.

Link to comment
Share on other sites

At the risk of repeating myself:

On 1/3/2019 at 5:17 PM, Mathwiz said:

Well, it won't become less secure ... the risk, as always, is that someone will discover and exploit a vulnerability that was always there.

So I'd keep an eye on security fixes for the nearest supported OS (probably Server 2008). Any vulnerabilities discovered in that are probably in XP also. Usually M$ gives an assessment of what it would take for an attacker to successfully exploit a new vulnerability. A lot of times it turns out to require physical access to the PC; most of us needn't worry about those (unless we're using XP machines at work!)

If an over-the-network vulnerability is discovered, we could probably just block the affected port with Windows Firewall, unless it's something we really need.

Perhaps these two threads should be merged, since they both seem to cover the same topic.

Link to comment
Share on other sites

I've used Q4OS many times and quite honestly, it's a great Linux distro. The control panel seems a bit lacking for my liking but you can really configure it to look like Windows. XPQ4 can be downloaded and you can then choose whatever Windows skin you want it to look like such as 2000, XP, Vista, 7, 8, or 10. The sky is almost the limit but it's a very light OS and I recommend it to anyone who needs a solution for web browsing. I've used many Linux distros and I always seem to return to Q4OS after a while as the other ones either get messed up by me tweaking them or they're just not for me.

I love the idea of going to Linux in general and whatnot but it's not always easy to get answers on certain questions. I always feel that the Linux community acts a bit snarky towards new Linux users. If you want a larger userbase, don't chase the newcomers away but help them out when they ask questions. I think some of it has to do with the fact that there are user guides out there for different distros, but at the same time, some people don't always want to read a big, fat manual just to get the answer to something simple. For me, I fit into that group. I'm not stupid when it comes to computing but Linux is still quite foreign to me and command line isn't always my strong point, especially when it is completely different from Windows. Yes, Linux isn't Windows. That's why if you have users who need a little help understanding something, help them, don't mock them. The Q4OS community seems to be a bit more easy going though which is why I think it's a great choice for anyone looking to come off of Windows after your favorite version is unsupported such as XP or 7.

Link to comment
Share on other sites

So long as they are still in working condition, I'll leave it on my 2 machines with New Moon browser and use them for my games mostly and do only cautious browsing with them. I made the jump to Windows 10, and while there are many things that put me off about the OS, at least its secure and up-to-date. I guess all things must change, and since windows 7 will soon be past it prime, I couldn't see investing time and money in that OS.

I think XP was by far the best OS I've even used and enjoyed.

Link to comment
Share on other sites

I will stay on newmoon and XP.

Linux is great but in 2013 I moved from kUbuntu and I don't wanna go back.

Linux is slowly becoming windows 10.

Gnome is now bloated like hell and KDE plasma is heavy.

I only have hope on LxQt

 

Link to comment
Share on other sites

So I'd keep an eye on security fixes for the nearest supported OS (probably Server 2008).

Hope you'll be sharing info :)

Personally, I'll harden my winows even more, possibly by putting browser and/or Office in some sandboxed software and disabling more points of attack via manual modifying system settings or using some software like hardentools.

Apart from EternalBlue, there was no major bug in Windows XP that was used for large-scale attack, and it looks like people are now usually via attack vectors that require action on victim's end - phishing, ransomware, macroviruses... Spyware is not that much value in the days of Facebook and Snapchat ;) So I'd rather look for problems in Malspam and highly-positioned fake websites looks like a threat for someone, who is not a HVT him or herself.

So I know that there is a danger coming from end-of-updates and it will be growing over time, but switching to modern OS will not be a panacea.

 

Link to comment
Share on other sites

Hardentools is poor compared to the features of OSArmor.

@Mcinwwl

You should have disabled the SMB protocol.

Check if it is active:

netstat -na | find "LISTENING" | find ":445 "

If no output is returned by this command, you're OK.

MDelgAha_o.jpg

hlIZPqYi_o.jpg

 

GmGhwvWH_o.jpg

Edited by Sampei.Nihira
Link to comment
Share on other sites

12 hours ago, Sampei.Nihira said:

You should have disabled the SMB protocol.

Check if it is active:

netstat -na | find "LISTENING" | find ":445 "

If no output is returned by this command, you're OK.

GmGhwvWH_o.jpg

 

Just did that check and 445 is listening on my system. Appreciate that advice :)

Edited by sal here
edit
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...