[Dshield] He thinks he is bulletproof, is he?

Al Reust areust at comcast.net
Sun Dec 7 04:44:07 GMT 2003


Sorry All, for the delay in the reply

I remember a couple things that are important. I remember removing the 
Virus from a blind user's machine that had a very similar setup. It was 
running DOS, or more exactly Windows for Workgroups, which allowed TCP/IP (or 
can we say an Internet connection). He used the Lynx browser, and that was 
piped to a program that spoke (crudely) what was on the web page. During that 
same time I was invited to an IBM Sales for OS/2. I clearly remember, in a 
room with about 400 people, one individual asking the question, how Secure 
is OS/2? The presenter attempted to answer the specifics as he understood 
how the question was phrased. After about 10 minutes of question/answer, 
rephrase the question and then rephrase the answer, rephrase the question 
and the answer, the crowd was starting to get annoyed. The presenter was 
not smart enough to say, "I cannot provide the answer that you want. 
Please give your business card to one of the ushers (and wave his hand 
madly) and we will get you the answer that you need." What did happen was I 
stood up and stated, If you want a Secure computer then install the OS; 
after that is complete, install the applications that you want to run. When 
that is complete, shut the computer down. Pick it up and go to a Bank where 
they have a Safety Deposit Box large enough to hold the computer. Pay an 
Annual Fee for the Box and put the computer inside the Deposit Box. As you 
leave the Bank, drive to a bridge over a fast running River and throw the key 
into the water. Please ensure that you pay the Annual Fees for the deposit 
box. Then you have the assurance of the Bank for the Security of the PC! Not 
to mention their Insurance.

I guess the History Lesson would be, during that time frame was when IBM 
and Microsoft parted ways for OS/2. IBM delivered and Microsoft delivered 
Win95; if you look in the *.ini or *.inf files it states the project name of 
"Chicago" or the joint name of the project. I liked OS/2 except for the 
"single" DOS Penalty Box or the lack of developers that provided programs. 
But then I was one of the few people that could set up a clone (non-IBM box) 
that would support required drivers.

So this whole thing is absurd, you do what you can with what you have! It 
is called Mitigating Risks. You decide what is acceptable and what is not. 
DOS is susceptible to viruses; DOS has port 135 open, potentially to Blaster. 
If he has any program that installs a TCP/IP or any Network Stack, which is 
stated, as it is a Win95 box less IE (I do have one of the programs to install 
it in that fashion), he is at risk.

So yes, Pine is not susceptible to most viruses (yes, that is on a Nix 
system), but there are things that the person can carry in on a Floppy or a CD. 
It does not mean that the person does not have something that they do not 
know is there, especially if they do not have AntiVirus software installed. I 
would drop a Norton System Works 2003 CD (or AntiVirus) in and let it go 
scan his system to see what might be there. That would be the proof.

The ATM people love it too, see previous threads.

Over the years I have told many people to purchase the computer and install 
what you need to use. Back up your data off the machine. When you get a 
notice about newer versions of the software, purchase upgrades. Buy them, 
do not install them. When the computer falls on its side, go buy a new one. 
Install the upgraded software and go get your data and you are back to 
business.

I guess the bottom line is Win95 is At Risk! Irrespective of the user's 
Education level.
You could explain that a Win 2K Pro with proper security patches and 
antivirus and Office would make his life Faster and Easier. It would save 
him Time and Effort! Explain what his Time is worth.

But then, I remember when I could open a Shell Session at 1,200 baud. It 
was Great! I also remember when Slackware was only 19 Floppies. 
http://www.slackware.com/


R/

Al

At 01:01 AM 12/4/2003 -0500, you wrote:
>I belong to a group that occasionally sends emails containing proprietary 
>commercial information from person to person for comment.  Recently while 
>seeking evaluations of a data base program I learned we have a person in 
>the group who uses a machine with only 16 megs of RAM and who removed 
>(more or less completely) Internet Explorer from his Windows 95 machine 
>seven or eight years ago and he has no AV and no firewall.  Since MS 
>alerted us to the RPC vulnerability 
>(http://www.microsoft.com/technet/security/bulletin/MS03-026.asp) I have 
>been trying to get him to upgrade his machine, obtain anti virus software 
>and firewalls, or at least get any required patches.  This is his latest reply.
>
>"I rarely do Windows.  I do them at times when I need to view
>an MS-Word document with all its pretty fonts and formatting
>and/or lines and boxes and images.  If I just need to know
>only what the document says I use a program named Antiword to take
>a look at it.  Antiword does a great job of converting MS-Word to
>plain text.  Antiword is free and you can download versions of it
>for almost all operating systems including even DOS.
>
>Other times when I do Windows are those times when it is really
>important for me to take a look at web pages infested with lots
>of JavaScript and requiring a browser capable of handling it in
>order to get any information from them.  None of my DOS-based browsers
>can deal with JavaScript.  They just ignore it.  A DOS ported version
>of the Unix text browser known as "Lynx" does a great job of getting
>into https SSL web pages.  I have it installed on my machine.  For
>doing web-browsing to display inline graphics I use a DOS browser known
>as Arachne.  It displays web pages just as well as MSIE and NetScape
>as long as the web pages don't make use of JavaScript and/or
>browser-specific proprietary HTML tags.  Also Arachne doesn't do SSL.
>Lynx does SSL but it doesn't handle JavaScript.  I have successfully
>used the Lynx browser on several occasions for doing online shopping
>and ordering merchandise by using a secure web page.
>
>I have the understanding that as long as I am using a DOS-only machine
>there is no way a hacker could invade my machine while I am online
>without my noticing that something very bizarre and fishy is happening
>inside my system.
>
>For going to web pages with my Windows 95 machine I use the Opera
>browser.  It isn't as bloated as the current versions of MSIE and
>NetScape and it runs fine on systems having only 16MB of memory.
>
>I never use a Windows machine for doing email.  When I am at a public
>terminal running a Windows machine I do my email by running Pine on
>my Unixish shell account.  I can get into my shell account on the remote
>computer by running a Java Applet that does SSH which I can access from
>a web browser.  When I finish my session the Java Applet self-destructs,
>supposedly.
>
>BTW, I have never received from anyplace on the internet a virus or
>a worm capable of infecting a DOS system.  I have received thousands of
>viruses and worms that are capable of infecting Windows 32 bit systems
>only.  That is why I don't do my email with a Windows system."
>
>I suspect he is very vulnerable to something, but lack enough root 
>knowledge of TCP/IP and DOS to speak with certainty.  I agree he is safer 
>than many, even safer than some with firewalls and AV software in that 
>most virus writers these days don't seem to be expecting a DOS based 
>machine, but I suspect he isn't as malware proof as he thinks.  He on the 
>other hand believes he is completely bullet proof to all forms of malware 
>and probe/infection attempts.  I'd like a second opinion.
>
>
>



