Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 06-10-2017, 03:55
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 570 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
As a professional in this field, would like to say that if anyone does use XP anymore, it should be only on computers that are OFFLINE.

We do have a few nodes running XP but they are all stand-alone. It's not advised to even connect them to the LAN if possible. We use them only for testing purposes.

My advice regarding the updates :
Its generally a bad idea to use updates meant for one version of the OS (Embedded here in this case) for a Desktop PC.

The Embedded Version fundamentally is a HIGHLY stripped down version of the full OS and hence would obviously be lacking a number of features that would be available in the full OS.

SO obviously, there would be far fewer patches needed/released for the embedded versions compared to the full versions and once should not rest with a false re-assurance that he has "patched" his OS

Thank you to @CyberCoder for the tip

Yet what Kerlingen says is right. Using the patches meant for Embedded on a desktop version of the OS would not be sufficient.
Reply With Quote
The Following User Says Thank You to TechLord For This Useful Post:
Indigo (07-19-2019)
  #17  
Old 06-13-2017, 16:08
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 259
Rept. Given: 75
Rept. Rcvd 85 Times in 38 Posts
Thanks Given: 141
Thanks Rcvd at 335 Times in 113 Posts
Fyyre Reputation: 85
Quote:
Originally Posted by TechLord View Post
Yet what Kerlingen says is right. Using the patches meant for Embedded on a desktop version of the OS would not be sufficient.
Agree.. it make no sense.

XP created, 1999. No reason anyone using (pls not say SoftIce..)
__________________
Best Wishes,

Fyyre

--

https://github.com/Fyyre
Reply With Quote
The Following User Says Thank You to Fyyre For This Useful Post:
Indigo (07-19-2019)
  #18  
Old 06-14-2017, 23:57
mm6840 mm6840 is offline
Friend
 
Join Date: May 2016
Posts: 31
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 16
Thanks Rcvd at 45 Times in 27 Posts
mm6840 Reputation: 0
Microsoft decided to provide a patch for Widnows XP

https://blogs.technet.microsoft.com/msrc/2017/06/13/june-2017-security-update-release/
Reply With Quote
The Following 3 Users Say Thank You to mm6840 For This Useful Post:
Indigo (07-19-2019), niculaita (06-15-2017), wilson bibe (06-15-2017)
  #19  
Old 06-15-2017, 12:28
psgama psgama is offline
Friend
 
Join Date: Jul 2014
Posts: 100
Rept. Given: 0
Rept. Rcvd 6 Times in 6 Posts
Thanks Given: 12
Thanks Rcvd at 75 Times in 44 Posts
psgama Reputation: 6
You know it's serious when Microsoft Patches non supported software :P
This ransomware is really beginning to become an issue. Just goes to show that there is something to be said about a good online backup, or changing permissions on shares after you are done!
Reply With Quote
The Following User Says Thank You to psgama For This Useful Post:
Indigo (07-19-2019)
  #20  
Old 06-15-2017, 15:16
pp2 pp2 is offline
Friend
 
Join Date: Jan 2002
Posts: 59
Rept. Given: 1
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 1
Thanks Rcvd at 16 Times in 12 Posts
pp2 Reputation: 2
If you are running Windows (even XP) after any modern router with NAT - it will help you to mitigate cryptor, since router will not accept connections to 139 and 445 ports, even if Windows (without any firewall) will.
Reply With Quote
The Following User Says Thank You to pp2 For This Useful Post:
Indigo (07-19-2019)
  #21  
Old 06-15-2017, 17:30
Kerlingen Kerlingen is offline
VIP
 
Join Date: Feb 2011
Posts: 324
Rept. Given: 0
Rept. Rcvd 276 Times in 98 Posts
Thanks Given: 0
Thanks Rcvd at 308 Times in 95 Posts
Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299
If you have a very old ISP contract or are using a mobile modem (SIM card) to access the internet you might be running in an IPv4-only environment behind a NAT. But in pretty much every other situation you have IPv6 without NAT and all your network PCs are accessible directly from the internet.
Reply With Quote
The Following User Says Thank You to Kerlingen For This Useful Post:
Indigo (07-19-2019)
  #22  
Old 06-16-2017, 04:16
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 570 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by Kerlingen View Post
If you have a very old ISP contract or are using a mobile modem (SIM card) to access the internet you might be running in an IPv4-only environment behind a NAT. But in pretty much every other situation you have IPv6 without NAT and all your network PCs are accessible directly from the internet.
For many of the home users and even office PCs, NAT is switched on by default in the router through which they access the internet, so this should not be a problem.

At least, for many of the routers in the US, I see that the NAT is already enabled...
Reply With Quote
The Following User Says Thank You to TechLord For This Useful Post:
Indigo (07-19-2019)
  #23  
Old 06-16-2017, 19:29
Kerlingen Kerlingen is offline
VIP
 
Join Date: Feb 2011
Posts: 324
Rept. Given: 0
Rept. Rcvd 276 Times in 98 Posts
Thanks Given: 0
Thanks Rcvd at 308 Times in 95 Posts
Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299
NAT is no security feature. You can't just turn it on or off as you like, you either require it or can't use it at all depending on your setup.

NAT for IPv6 doesn't exist, so no, not a single IPv6 router in the US (or elsewhere) has NAT enabled (or an option to turn it on).

If you find some NAT settings in your router configuration these are IPv4 settings.

If your ISP supports IPv6, then all your local network computers are accessible directly by IPv6, no matter what settings you choose for IPv4 connections.
Reply With Quote
The Following 2 Users Say Thank You to Kerlingen For This Useful Post:
Indigo (07-19-2019), TechLord (06-17-2017)
  #24  
Old 06-16-2017, 20:34
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 114
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 22
Thanks Rcvd at 46 Times in 31 Posts
cybercoder Reputation: 11
so turning it off would be a good option till you can control settings.. Some registry settings will do it...
You can run any os you like and be secure if you configure it right
Reply With Quote
The Following 2 Users Say Thank You to cybercoder For This Useful Post:
Indigo (07-19-2019), TechLord (06-17-2017)
  #25  
Old 06-17-2017, 01:15
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 570 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Talking

Quote:
Originally Posted by Kerlingen View Post
NAT is no security feature. You can't just turn it on or off as you like, you either require it or can't use it at all depending on your setup.
...
Its not a security feature I agree, but you can turn it on or off at various levels (the OS level, commercial Cisco Routers level, Hardware Firewall level etc).

I'm sure you know this bro Kerlingen, but for the sake of some of the others who are following this discussion, would like to highlight an important fact :

Many use VPNs etc and stay smug thinking that they are now more or less anonymous on the internet. All the while keeping their IPv6 Address enabled

When my team is called for an investigation to identify some [cyber] miscreant(s) and we find that the perpetrator used a VPN but kept the IPv6 address enabled, my team guys go out for a beer

Because our job is more or less done and we would have uniquely identified the guy (of course assuming that he didn't spoof it).

SO the take-home lesson from this post :
You cannot assume that you are anonymous online if your IPv6 address is kept enabled !

Cheers
Reply With Quote
The Following User Says Thank You to TechLord For This Useful Post:
Indigo (07-19-2019)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Visual Protect Spotted Horse General Discussion 10 09-17-2004 14:58


All times are GMT +8. The time now is 17:36.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )