Reply 20 of 56, by creepingnet
- Rank
- Oldbie
VivienM wrote on 2024-01-30, 03:10:creepingnet wrote on 2024-01-30, 02:57:But you'd be amazed how much hate I've had in the past by armchair infosec dweebs who think that a connected DOS system is a security risk.
There might be more of a risk if you're putting a retro system directly on the IPv4 Internet without a NAT, e.g. on a university network or something (not sure who other than universities would have plentiful IPv4 IPs and a non-NAT setup in 2024). Not sure what ports would be opened by default on, say, a Win2000 system... and how exploitable that might be.
That being said, I would agree with you and presume the bad guys are being pragmatic. Why focus on Windows 9x exploits when the Internet is full of Windows 7 machines running unpatched web browsers?
Yeah, the truth is, I'm not running with a direct address. I'm running through a router almost all the time, or a gateway/router combo. Lately, I think I have the most secure setup I've had in years, because I started using an 802.11 a/b/g/n Wireless Bridge for my retro-machines so I don't need to be running miles of Ethernet all over the apartment. I've noticed my router does not even see my vintage boxes at all - it j ust sees the Wireless Bridge(s) and that's it. Has me thinking there might be an extra layer in security by doing this. All are protected behind a complex WPA2 PSK password - which is funny because I have NEWER stuff like a Wii that does not even have that level of security, 🤣.
I only have one machine that faces the internet that might be any sort of a risk, a Plex Media Server, which runs Linux and is frequently updated. I'm always checking that thing for exploits. So far so good. But I don't really have anything personal on that machine either, just movies and video games mostly. It has an internal FTP I use for my retro-boxes to download software from over FTP from DOS.
TBH, I really question the risk on a regular, home LAN with an ISP presented Gateway and Router setup like I've had since 2005 though. I've been running legacy clients that old on this kind of setup for 15 years, and in that time, I've only had ONE machine contract any sort of malicious software, and it was a Windows 7 machine when Windows 7 was still considered current. It got that software from a "friend" sneaking on it to surf porn I figured out (internet cache), and found out about it when it started spamming people in my hotmail address list including a boss and a former room mate (which I dumped at that time as I was no longer using it).
One new thing I've started doing just in case since this hobby has gotten more popular, is making them not full-time connected, and moving to running my Win9x/older games on Linux in virtual machines or compatibility layers, while keeping the Tandy, 386, and 486 (mostly) Pure DOS. I only have networking enabled when I want to telnet a BBS, surf the web in Links (the only browser worth a crap on a vintage PC IMHO), access my server via FTP (though I might play with that new thing Brutman added).
~The Creeping Network~
My Youtube Channel - https://www.youtube.com/creepingnet
Creepingnet's World - https://creepingnet.neocities.org/
The Creeping Network Repo - https://www.geocities.ws/creepingnet2019/