[LUAU] MS to EOL Win98 and WinMe - July 11

Eric Hattemer hattenator at imapmail.org
Thu Jul 6 02:37:08 PDT 2006


Jim Thompson wrote:
>
> I told him to not connect it to the Internet, because it would be
> rooted in minutes.
> http://www.realtechnews.com/posts/1511
>
> It's ugly out there...

I haven't found a link to the original article or anything, but this
sounds largely absurd.  A statement like this requires many
qualifications. 

First, Windows ME by some definitions can't be rooted, since it only has
one user. 

Second, any worms that might do any sort of automatic "rooting" almost
certainly do NOT apply to the dos-based versions of windows.  From
sarc.com about blaster worm:

*Systems Affected
<http://securityresponse.symantec.com/avcenter/refa.html#systemsaffected>:*
	Windows 2000, Windows NT, Windows Server 2003, Windows XP
*Systems Not Affected
<http://securityresponse.symantec.com/avcenter/refa.html#systemsnotaffected>:*
	Linux, Macintosh, OS/2, UNIX, Windows 95, Windows 98, Windows Me


This is true of most if not all non-self-inflicted and
non-browser-related worms.  If you can find me a worm capable of
automatically infecting a windows ME machine without user input, I will
be extremely surprised.  The best I've ever found is one that will
propagate to shared drives on the network that have manually turned on
read/write sharing on the root of the hard drive regardless of whether
they set a password on the share.  No sharing is enabled on windows ME
by default. 

If you turn on sharing to the root of your hard drive with read/write
without ever going to windowsupdate.microsoft.com , then you do deserve
what you get.  Otherwise, a default install of windows ME is relatively
safe. 

This article is surely very specific to a certain class of computers
that came out before 2004, computers running a copy of Windows NT4
(any), Windows 2000 SP0-SP3 or Windows XP SP0-SP1 with no security
patches slipstreamed onto the installation media, with no software nor
hardware firewall.  I don't think Windows 2000 or NT with the latest
service pack and all recent security patches slipstreamed into the
installation CD is common, although you used to be able to order a free
CD from microsoft with all the security patches for the price of
shipping at http://www.microsoft.com/security/protect/cd/order.asp . 

Windows NT/2000/XP all were vulnerable to several classes of network
worms because they had retarded default security settings with open
ports for running services normal people would never need.  All of these
ports are firewalled by default in XP SP2, and almost all computers that
have been built since August 2004 have SP2 built into the
installation/restoral CD.  Until a worm comes out that hacks the
firewall itself (hasn't happened yet, but isn't impossible), all of
these XP SP2 machines are safe by default, and can only be hacked via
self-inflicted security holes (running randomly obtained exe files,
turning off the firewall, etc). 


Furthermore, a windows machine of any sort that is alone behind a
hardware firewall won't have any hackable open ports either.  It seems
like almost all broadband ISPs give their customers NAT firewall
routers/modems nowadays, so this mostly just leaves dialup and static IP
users of windows NT-2000-XPSP1, who either haven't been to windowsupdate
before the viruses came out, or who managed to find an installation CD
for one of those old OSes, which is an increasingly small segment of
windows users. 

So I contend that to say that all windows machines are hackable in 12
minutes is more absurd than to say that all linux machines are hackable
in 12 minutes just because redhat 7 was (
http://xforce.iss.net/xforce/alerts/id/advise71 ). 

The only people who have it right are OSX and a few linux
distributions.  OSX has no open ports by default.  Almost all Linux
distributions have ssh enabled by default, which has had a few
exploits.  I strongly believe that ALL open ports should be an opt-in
policy and not an opt-out/firewall policy. 

-Eric Hattemer




