[Dshield] He thinks he is bulletproof, is he?

Chris Brenton cbrenton at chrisbrenton.org
Thu Dec 4 14:24:22 GMT 2003


Greets dude,

On Thu, 2003-12-04 at 01:01, Kenneth Coney wrote:

> Recently while 
> seeking evaluations of a data base program I learned we have a person in 
> the group who uses a machine with only 16 megs or RAM and who removed (more 
> or less completely) Internet Explorer from his Windows 95 machine

LOL! I *really* like this guy! :)

> I suspect he is very vulnerable to something, but lack enough root 
> knowledge of TCP/IP and DOS to speak with certainty.

A couple of things:
When he runs Win95, has he unbound NetBIOS from IP? If so he has a
system with no open ports so the machine is not remotely exploitable. I
guessing some oldie but goodie DoS attacks will work against him (Ping
of Death and land come to mind), but all that will do is knock him
off-line. 

He reads e-mail via Pine and a shell account so MS based viruses can't
touch him. He could pick up a Macro based Word document virus, but
Anti-Word will kill that. He's only vulnerable if he actually runs true
MS Word.

Lynx and Arachne will keep him safe on the browser side. What version of
Opera is he running? 6 and prior is cool. 7 has had a lot of Java
vulnerabilities. 

So he does have a point of vulnerability when he's actually running
Windows, but its pretty minor and it sounds like he's paranoid enough to
stay relatively safe. My guess is you probably have plenty of other
users that are a bigger security threat. 

HTH,
C





More information about the list mailing list