AW: [Dshield] He thinks he is bulletproof, is he?

Graham Dodd g.dodd at falk-ross.de
Thu Dec 4 15:18:34 GMT 2003


I would say "give the guy a beer and a pat on the back"

I think he would still be vunerable to a DoS if he's not behind a router /
firewall with basic protection.
As long as he doesn't leave a floppy in the drive then the chances of a
virus are nil.
While he's using a DOS based TCP/IP stack then he will be fine (apart from
DoS), and he rarely starts Win95.

As Johannes pointed out - a candidate for Linux

Graham Dodd

> -----Ursprungliche Nachricht-----
> Von: list-bounces at dshield.org [mailto:list-bounces at dshield.org]Im
> Auftrag von Kenneth Coney
> Gesendet: Donnerstag, 4. Dezember 2003 07:02
> An: "mailt?????????????
> Betreff: [Dshield] He thinks he is bulletproof, is he?
>
>
> I belong to a group that occasionally sends emails containing proprietary
> commercial information from person to person for comment.  Recently while
> seeking evaluations of a data base program I learned we have a person in
> the group who uses a machine with only 16 megs or RAM and who
> removed (more
> or less completely) Internet Explorer from his Windows 95 machine
> seven or
> eight years ago and he has no AV and no firewall.  Since MS alerted us to
> the RPC vulnerability
> (http://www.microsoft.com/technet/security/bulletin/MS03-026.asp) I have
> been trying to get him to upgrade his machine, obtain anti virus software
> and firewalls, or at least get any required patches.  This is his
> latest reply.
>
> "I rarely do Windows.  I do them at times when I need to view
> an MS-Word document with all its pretty fonts and formatting
> and/or lines and and boxes and images.  If I just need to know
> only what the document says I use a program named Antiword to take
> a look at it.  Antiword does a great job of converting MS-Word to
> plain text.  Antiword is free and you can download versions of it
> for almost all operating systems including even DOS.
>
> Other times when I do Windows are those times when it is really
> important for me to take a look at web pages infested with lots
> of JavaScript and requiring a browser capable of handling it in
> order to get any information from them.  None of my DOS-based browsers
> can deal with JavaScript.  They just ignore it.  A DOS ported version
> of the Unix text browser known as "Lynx" does a great job of getting
> into https SSL web pages.  I have it installed on my machine.  For
> doing web-browsing to display inline graphics I use a DOS browser known
> as Arachne.  It displays web pages just as well as MSIE and NetScape
> as long as the web pages don't make use of JavaScript and/or
> browser-specific proprietary HTML tags.  Also Arachne doesn't do SSL.
> Lynx does SSL but it doesn't handle JavaScript.  I have successfully
> used the Lynx browser on several occasions for doing online shopping
> and ordering merchandise by using a secure web page.
>
> I have the understanding that as long as I am using a DOS-only machine
> there is no way a hacker could invade my machine while I am online
> without my noticing that something very bizarre and fishy is happening
> inside my system.
>
> For going to web pages with my Windows 95 machine I use the Opera
> browser.  It isn't as bloated as the current versions of MSIE and
> NetScape and it runs fine on systems having only 16MB of memory.
>
> I never use a Windows machine for doing email.  When I am at a public
> terminal running a Windows machine I do my email by running Pine on
> my Unixish shell account.  I can get into my shell account on the remote
> computer by running a Java Applet that does SSH which I can access from
> a web browser.  When I finish my session the Java Applet self-destructs,
> supposedly.
>
> BTW, I have never received from anyplace on the internet a virus or
> a worm capable of infecting a DOS system.  I have received thousands of
> viruses and worms that are capable of infecting Windows 32 bit systems
> only.  That is why I don't do my email with a Windows system."
>
> I suspect he is very vulnerable to something, but lack enough root
> knowledge of TCP/IP and DOS to speak with certainty.  I agree he is safer
> than many, even safer than some with firewalls and AV software in
> that most
> virus writers these days don't seem to be expecting a DOS based machine,
> but I suspect he isn't as malware proof as he thinks.  He on the
> other hand
> believes he is completly bullet proof to all forms of malware and
> probe/infection attempts.  I'd like a second opinion.
>
>
>
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list
>




More information about the list mailing list