95/98/ME

• Not a network OS

  • limited remote admin features, no native telnet, remote execution, and most applications graphical, not command prompt

• Remote exploits: direct connection to shared resources

  • file sharing: e.g. use Legion to find, then use brute force (BF), also Network Neighborhood Cracker.
    • countermeasures: turn off file sharing, or use password with eight characters, alpha plus meta characters. Add $ to the share name, e,g. share$ -- to hide from net view, Legion scan, Network Neighborhood.
  • Win 9x Dial-up server: users can attach modem and allow dial in.
    • countermeasure: do not use Dial-up and do not allow modems in user machines (VPN discussed in another class).
  • Win 9x registry is not accessible remotely, unless the Remote Registry Service is installed (don’t).
  • Use Policy Editor to turn off resource share globally.

Previous slide

Next slide

Back to first slide

View graphic version