Re: Secure Win98 SE?
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 07/15/04
- Next message: Travis: "Connect to the Internet Wizard"
- Previous message: Roger: "Secure Win98 SE?"
- In reply to: Roger: "Secure Win98 SE?"
- Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Secure Win98 SE?"
- Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Secure Win98 SE?"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 14 Jul 2004 23:10:14 -0700
SALIVATING!!!!!!
1. When logging on ... hit cancel. You still can get into that
workstation right? Got any sensitive documents on that machine?
2. Lanmanhash. 98 based machines require a lower authentication
protocol to connect to a network. This lower authentication leaves
behind a "hash" of the passwords on a place on the server. Take LC4 or
John the Ripper program and run in on a network that runs 98's and it
can break that hash... less than 7 character password that is a
dictionary word gets broken my lc4 faster than I can find the icon on
the desktop.
3. User mode. XP/2k have three levels of security. User mode, Power
users mode, Local administrator. 98s has one level. Local admin. That
means that your employees can load on that machine ANYTHING they want.
4. Going to Windows 2000/XP is considered by my friends who work in the
defense contractor industry to be a downgrade. Why? Because of 3 above.
5. Services running as different levels. Even in windows 2000 versus
2003 you can see the impact of security.. many of the patches released
today didn't affect Windows 2003, or there is mitigating factors.
6. Hold onto your hats because right around the corner and within 90
days in the OEM channel XP sp2 will be released in August. XP sp2 is
very solid. All of the recent attacks affecting IE ... are all fully
protected in XP sp2. It's almost like a new OS, it's that good.
7. Group policy. Oh man this is where is really gets good. You want
to control the interior firewall on the XP sp2 machines INSIDE your
network, well get ready to. SBS2003 will be getting an update to our
Group policy to adjust so that the firewall is on inside our networks
better protecting us.
8. Group policy. If you have 98's you have no idea of the power you
can from that server. From locking down the screen saver to controlling
what programs are loaded, one of the advantage we SBSers have is we are
already on Active Directory.
9. 98's have no security. That's an oxymoron. It doesn't exist.
10. No blue screens of death. I honestly have never had one, don't
know what they look like on XP
11. System restore, load a driver that would normally BSOD a 98, and
you can easily recover on XP
12. SUS or Shavlik. You can't do a Patch management program on a 98.
You need XP....
How many more do you want?
C S R C - Systems Administration:
http://csrc.nist.gov/itsec/guidance_WinXP.html
See that? You can't do anything like that on 98s.
Roger wrote:
> I've read that WIN98 SE systems can't be locked down and
> aren't secure. Comparitively speaking...
>
> I want to convince a client of mine of this... but I'm
> looking for some guidance on some specific reasons why
> they need to fork out a little cash to upgrade to Win XP
> Pro...
>
> The stand-by "It's not supported anymore" isn't working
> with them...
>
> So... what are the security risks staying with an out-
> dated legacy system running Win98 SE?
>
> Regards...
> -R.
-- http://www.sbslinks.com/really.htm
- Next message: Travis: "Connect to the Internet Wizard"
- Previous message: Roger: "Secure Win98 SE?"
- In reply to: Roger: "Secure Win98 SE?"
- Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Secure Win98 SE?"
- Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Secure Win98 SE?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
