Anyone know if Windows XP Embedded POSReady 2009 will be patched?

dr_st wrote:

[…]
Show full quote

• If your network contains only Win2K machines and newer, you can disable NetBIOS altogether and use direct TCP/IP for sharing
• If your network contains only WinXP machines and older, you can disable NetBIOS over TCP/IP and use NetBEUI
• If your network contains a mix of pre-2K and post-XP machines, and you want to have open sharing between them, you must use NetBIOS over TCP/IP

Is there any means of sharing (via Windows Network) between XP and Win7? Say you disable NETBIOS over TCP/IP and use NetBEUI to share between Win3.11, W9x, NT4, W2K, and XP. And if you only needed to share Win7 with the XP machines, is there another protocol which can do this?

feipoa wrote:

Anyone know if Windows XP Embedded POSReady 2009 will be patched?

Probably, but like all updates it gets it will be delayed a few days.

feipoa wrote:

And if you only needed to share Win7 with the XP machines, is there another protocol which can do this?

That would just be SMB (port 445), if I'm not mistaken.

Kreshna Aryaguna Nurzaman wrote:

And isn't "hardware firewall" basically software firewall with lighter weight O/S and more specialized hardware?

Yes, but...
- I've never seen any hardware firewall running Windows (straight or embedded).
- Hardware firewalls usually operate on lower layers, so they don't really know what a SMB connection is (I mean, they can allow it or block it but don't get into it).
- Most firewalls won't allow incoming SMB connections by default (hint: they won't allow any incoming connection by default).

That doesn't mean that they are immune to attacks (network hardware have their own share of bugs / hacks / exploits), but they're usually not affected by the same exploits found on Windows. Also, every brand applies their own patches to their OS so exploits usually don't get a big share of devices.

The point is that if you got a vulnerable Windows that trust in that protocol and you install a software firewall on that Windows, it is very likely that you won't get protected (because that connection will be trusted by the OS and bypass the software firewall). If the firewall is on a non-vulnerable machine (i.e.: the hardware firewall, a linux machine configured as firewall, your own cable modem or router if it has firewall capabilities), that connection won't be trusted and your device will be protected.

Keep in mind that a hardware firewall will protect you from attacks from other networks. I mean that if any hacker want to get into your network it will be blocked (=he will have to find another mean to hack), but if anyone gets a hacked machine into your network (i.e.: a friend connect a infected laptop into your network, someone hacks your wifi, etc), your machine will be still vulnerable.

Jorpho wrote:

That depends on the version of Windows. As per Wikipedia, non-NetBIOS, port-445 SMB was only introduced in Windows 2000.

So if I want to share files between Windows 7 and Linux, it should be OK to disable NetBIOS, right?

Now, with older versions of Windows, I wonder if this vulnerability could be overcome using some sort of a networking sandbox.

mr_bigmouth_502 wrote:

So if I want to share files between Windows 7 and Linux, it should be OK to disable NetBIOS, right?

Yes, Samba can be configured not to use NetBIOS.

Now, with older versions of Windows, I wonder if this vulnerability could be overcome using some sort of a networking sandbox.

There's always tunneling over SSH, as I mentioned before. The cygwin version of smbclient will also run under older versions of Windows, but since it doesn't exactly allow streaming, one would probably be better off ditching Microsoft Networking altogether and using SSH if it came to that.

I have a P4 Windows 98SE system connected to internet (using a D-Link USB Wifi adapter) via the XP partition. It's a purely gaming machine and is not connected to the home network. I connect online to download old Win9x games patches, game demos and other nostalgic Win9x era file downloads like CD speed control, WIndows 9x themes, etc. No passwords entering sites are used, and obviously no monetary based websites are ever used.

Now, I would like to know what a hacker would be interested to do with my system via the WinXP partition which connects to the internet? Anyone has any ideas, what is the maximum damage that can be done in this system with a 120GB XP drive + 80GB Win98SE drive with the above activities?

I have since removed the XP and installed Linux Mint, but still wonder what the hacker will do to my above system, if XP remained. (Win98SE is not connected - driver not available for the wifi adapter.)

Or shall I add, what will the hacker achieve by hacking this system...and if it will be worth his while by doing this in this system?

Offhand: wipe the drive, encrypt the drive and hold it for ransom, hijack any personal information or passwords you might have stored somewhere, and install various malware programs. In the latter case, keyloggers are one possibility, or they might just add the machine to some kind of zombie-botnet useful for attacking other machines or sending out spam.

Yeah, my first thought was to add it to their botnet force to attack others. Even if there's nothing of value on the machine, having control of a machine in your LAN is useful because they get to use your bandwidth and they get to do it anonymously.