95/98/ME
Not a network OS
- limited remote admin features, no native telnet, remote execution, and most applications graphical, not command prompt
Remote exploits: direct connection to shared resources
- file sharing: e.g. use Legion to find, then use brute force (BF), also Network Neighborhood Cracker.
- countermeasures: turn off file sharing, or use password with eight characters, alpha plus meta characters. Add $ to the share name, e,g. share$ -- to hide from net view, Legion scan, Network Neighborhood.
- Win 9x Dial-up server: users can attach modem and allow dial in.
- countermeasure: do not use Dial-up and do not allow modems in user machines (VPN discussed in another class).
- Win 9x registry is not accessible remotely, unless the Remote Registry Service is installed (don’t).
- Use Policy Editor to turn off resource share globally.