A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows 98 » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Does the RPC Attack affect Win 98?



 
 
Thread Tools Display Modes
  #1  
Old October 25th 08, 10:29 AM posted to microsoft.public.win98.gen_discussion
smith
External Usenet User
 
Posts: 18
Default Does the RPC Attack affect Win 98?

Does the RPC attack affect Win 98?


M$ Security Bulletin:
http://www.microsoft.com/technet/sec.../MS08-067.mspx


The Bulletin states:

Customers who require custom support for older releases must
contact their Microsoft account team representative, their
Technical Account Manager, or the appropriate Microsoft partner
representative for custom support options

Does this mean M$ is still supporting 98 for people with
custom contracts?

The bulletin also states in the FAQs"

What systems are primarily at risk from the vulnerability?

While all workstations and servers are at risk regarding this
issue, systems running Microsoft Windows 2000, Windows XP, or
Windows Server 2003 are primarily at risk due to the unique
characteristics of the vulnerability and affected code path.

Does Win 98 share these "unique characteristics?"

What is the difference between "all workstations and servers"
being at risk but just some being "primarily" at risk because of
"unique characteristics."

Normally I do not log on and have the browser available, i.e., I
can't look at other systems on my local network. Does that leave
me safe?


  #2  
Old October 25th 08, 04:12 PM posted to microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default Does the RPC Attack affect Win 98?

smith wrote:

Does the RPC attack affect Win 98?

M$ Security Bulletin:
http://www.microsoft.com/technet/sec.../MS08-067.mspx


I would bet that the problem (which required a very rare emergency
update a couple of days ago for NT-based systems) is with the "server"
service, possibly performed by the file rpcss.exe. I would bet that
win-9x is not vulnerable to the exploit being addresses in that
bulletin.

Furthermore, isin't Dcom related to (or required to be installed /
running) for RPC to function on win-9x?

If you're connected to the internet via a NAT-router, then you won't see
any port 135 connection attempts anyways.

---------------
http://technet.microsoft.com/en-us/l.../cc750828.aspx

RPC Port Closures

Many services by default are listening on network interfaces, including
the local loopback interface. For example, the Microsoft remote
procedure call (RPC) port mapper listens on TCP/135, UDP/135, TCP/1027,
and TCP/1028. Three of these services — the RPC client, RPC server, and
RPC end-point mapper — can be configured to close all open ports.
However, these changes must be carefully tested because they can break
functionality, not only with remote hosts, but also between local
services.

Microsoft Exchange and Microsoft SQL Server™ are the most commonly
deployed applications that require RPC. Additionally, RPC calls are used
during remote management of servers. The common built-in utilities that
are dependent on RPC services a

DHCP Manager
DNS Administrator
WINS Manager
Performance Monitor
Event Viewer
Registry Editor
Server Manager
User Manager
----------------
  #3  
Old October 25th 08, 10:28 PM posted to microsoft.public.win98.gen_discussion
PA Bear [MS MVP]
External Usenet User
 
Posts: 549
Default Does the RPC Attack affect Win 98?

Support for Win98 ended in early July 2006. Is Win98 vulnerable to this
exploit? Possibly, but MS isn't going to tell you or issue a patch for any
non-supported OSS.

Many but certainly not all AV apps can detect the exploit addressed by
MS08-067:
http://www.virustotal.com/analisis/4...f4df341ab3515a

If you're behind a firewall *and* file/printer sharing is disabled, you
should be OK.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

smith wrote:
Does the RPC attack affect Win 98?


M$ Security Bulletin:
http://www.microsoft.com/technet/sec.../MS08-067.mspx


The Bulletin states:

Customers who require custom support for older releases must
contact their Microsoft account team representative, their
Technical Account Manager, or the appropriate Microsoft partner
representative for custom support options

Does this mean M$ is still supporting 98 for people with
custom contracts?

The bulletin also states in the FAQs"

What systems are primarily at risk from the vulnerability?

While all workstations and servers are at risk regarding this
issue, systems running Microsoft Windows 2000, Windows XP, or
Windows Server 2003 are primarily at risk due to the unique
characteristics of the vulnerability and affected code path.

Does Win 98 share these "unique characteristics?"

What is the difference between "all workstations and servers"
being at risk but just some being "primarily" at risk because of
"unique characteristics."

Normally I do not log on and have the browser available, i.e., I
can't look at other systems on my local network. Does that leave
me safe?


  #4  
Old October 25th 08, 10:58 PM posted to microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default Does the RPC Attack affect Win 98?

"PA Bear [MS MVP]" wrote:

If you're behind a firewall *and* file/printer sharing is disabled,
you should be OK.


Even with file/print sharing enabled, how would an RPC packet get past a
firewall (ie - NAT router) ?
  #5  
Old October 26th 08, 04:59 AM posted to microsoft.public.win98.gen_discussion
Dan
External Usenet User
 
Posts: 1,089
Default Does the RPC Attack affect Win 98?

I would be surprised if remote procedure call (rpc) affects Windows 98 since
that is one of the great things that I enjoy about Windows 98 is that it does
not have the ability to allow another os to easily connect to Windows 98 like
Windows XP has. In Windows XP, Microsoft can use Easy Assist in order to
remotely try and work on your system from their end. I have not seen this
procedure ever used in Windows 98.

The thing is that with less there is more in some cases especially with
their being less services in Windows 98 compared to Windows XP and this has
the affect of their being less attack vectors to compromise a user's system.
If you put an unpatched XP system on the 'Net and an unpatched 98 system on
the 'Net I would be surprised if the 98 system was compromised before the XP
system. I found this by researching with Google and it appears RPC is not a
component of Windows 98.

http://www.microsoft.com/technet/sec.../MS04-012.mspx

Sometimes, it seems you go backwards with progress because RPC according to
this Microsoft bulletin does not affect Windows NT or Windows 98 but
certainly affects Windows 2000, Windows XP and Windows Server 2003. Long
Live Windows 98.

"smith" wrote:

Does the RPC attack affect Win 98?


M$ Security Bulletin:
http://www.microsoft.com/technet/sec.../MS08-067.mspx


The Bulletin states:

Customers who require custom support for older releases must
contact their Microsoft account team representative, their
Technical Account Manager, or the appropriate Microsoft partner
representative for custom support options

Does this mean M$ is still supporting 98 for people with
custom contracts?

The bulletin also states in the FAQs"

What systems are primarily at risk from the vulnerability?

While all workstations and servers are at risk regarding this
issue, systems running Microsoft Windows 2000, Windows XP, or
Windows Server 2003 are primarily at risk due to the unique
characteristics of the vulnerability and affected code path.

Does Win 98 share these "unique characteristics?"

What is the difference between "all workstations and servers"
being at risk but just some being "primarily" at risk because of
"unique characteristics."

Normally I do not log on and have the browser available, i.e., I
can't look at other systems on my local network. Does that leave
me safe?



 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
DoS attack tools [email protected] General 6 August 5th 07 01:28 PM
Spyware and Adware affect every internet user [email protected] General 2 December 7th 06 04:05 AM
Spyware and Adware affect every internet user thomas hoffman General 0 November 24th 06 11:49 AM
Remnants of attack PAT (Paul) General 11 May 8th 05 01:00 AM
Keylogger can affect 98SE as well Dan General 0 March 22nd 05 10:31 AM


All times are GMT +1. The time now is 09:26 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.