I Exposed a Windows 2000 Machine to the Internet... Here’s What Happened
ฝัง
- เผยแพร่เมื่อ 5 ก.ย. 2024
- All of this was done for scientific purposes, of course.
Here's how I managed to expose the computer:
fsturmat.net/b...
Here's a professional analysis of "C:\installed2.exe":
www.bitdefende...
Special thanks to Fornax Void for letting me use some of his tracks:
Cyberspace Database - Rāmen Multinode
Cyberspace Database - Cyberspace Database
Hey there, thanks for ending up in here! I managed to create a similar piece of content.
I managed to install DOOM on a DOS machine... but without floppies, CDs, network devices, serial cables or disk-swapping. If you want to know how, feel free to check it out!
th-cam.com/video/Ysjoh1hoIr8/w-d-xo.html
I've been looking everywhere but I can't find any advice on how to stop viruses from infecting windows 2000 do you have any firewalls or antivirus software you can suggest? If I connect through a regular router with Ethernet will the system be fine? Thank you for making this video.
Also which virus scanner did you use in the video?
@@mrdrzebraman694 I had been using ClamAV (open source scanning utility, primarily for non-Windows systems) and VirusTotal's website in order to scan individual files.
@@mrdrzebraman694 It all depends on the stuff that you are doing. First, don't use third-party antivirus. Like, never. Luckily, there is no recent or modern one available for Windows 2000. If this machine is hooked up to a router and the machine's IP is something like 192.168.x.x, you won't have to worry about external intruders (as to be seen in this video)
I can´t believe nobody mentioned it: It is very immersive and authentic to have this video in 4:3 format.
wait wtf... how did i not even notice that till you mentioned it?! 🤨
I didn't even notice that's awesome LOL
I really liked this on my Galaxy Fold 4
I'm so used to 4:3 stuff I always fail to realise when a youtuber does it intentionally lol
Watching on TV, 4:3. Commenting on my phone, video not 4:3.
The burp left in the edit, the "certain disease that escaped" conspiracy reference, the whole premise of the video, the V-neck-by-force... there is so much unsettling stuff in this video. I love it. This guy is deranged. Subscribed.
Well, wearing those exact specific white shirts with that particular V-neck has been an essential trait of mine for quite some time. I think the microphone that was stuck to my shirt might have expanded my cleavage a bit, so I totally get what you mean. Thank you for the heartwarming comment!
Ditto!
Felix: *burp*
TH-cam's auto-captioning: "[Music]"
@@app0the
That burp really was a [music] moment
I fucking lost it at the burp, absolutely incredible content
Anyone who spends any amount of time checking router or server logs for connection attempts knows all too well how the net is swarming bots that endlessly scan for systems and devices to exploit.
my netgear router hasn't been updated in a year, this is where I worry. I had a D-Link before that went like 10 years without an update
When i actually had Win 2k, XP back in their era that was also true back then, because if i connected to the internet after a fresh install with no firewall, AV etc setup, id get a bunch of malwate via exploits
I learned this the hard way when my server was hit with ransomware because of SMB vulnerability.
@@Athirilman that takes me back. I had the same shit happen.
Tempts me to toss a win 3.51 machine online.
I’m willing to bet even the hornets would get pissed off.
Back when win2k was new, I was setting up a fresh install and got hacked before I even finished setting it up. Back then, during install, it would bring up SMB before even setting the admin password and allowed logging in with no password over SMB to the admin account. Very secure stuff there.
bruh moment
some web apps still work like this today, exposing a first run set up form for stuff like admin password etc. if you set up public web access with your domain etc before doing the initial setup, a bot could take over.
when i was trying out nextcloud i shared screenshots with my friends and then found they did the initial setup and stole my server so i had to delete it and start over lol
Indeed. I watched a machine get compromised _while in the installer!_ NEVER connect anything from M$ directly to the internet. Don't even expose a single port to the internet.
Bruh lmao
Reminds me of my first real computer. I got it all set up with a fresh copy of XP, plugged it in to the phone line, dialed in to AOL, and immediately got hit by the Blaster worm. I didn't even load up a browser.
Years ago (maybe 10 years ago now?) I exposed a Windows 98 machine to the internet, and absolutely nothing happened. My theory was that nobody was exploiting such an old OS any more.
Edit: I meant exposed directly to the internet - directly connected to a modem, no router or NAT, no firewall, all ports opened.
Hey there, before getting started with my reply... I just wanted to let you know that your subscription list is an absolute goldmine!
I'd say that there's a combination of reasons why that might be the case. While my Win2K machine has started to show some really weird behaviour within a couple of minutes, I actually left my 486 with Win95 (+ file and printer sharing enabled) exposed for quite some time, which didn't seem to affect it at all. I later found out that the suspicious pings I mentioned in my video have actually been echo replies coming back from my machine. Windows 9x somehow manages to be one of the most attack-proof operating systems out there.
The security of NT (especially end-user systems like 2000 and XP) used to have more holes than swiss cheese... especially during active lifespan. Self-spreading worms like Sasser and Blaster were able to propagate without any user interaction. Even having a fully updated system on some kind of network could get you infected. For some reason, such devastating vulnerabilties have never been discovered on the 9x platform. My theory is that the simplicity and straightforwardness of the project allowed engineers to be more careful during development. Considering what's known about it, NT must have been a corporate hellscape during its early development phase.
But Win9x has four network-driven flaws that I know of: NinNuke, Ping of Death, badly configured network drives and EternalBlue. The first two vulnerabilities are DoS-based attacks - one causes the computer to completely freeze, the other one will make it display a bluescreen. So that's nothing that a reboot couldn't fix. While not being a 9x-exclusive thing, the attack schemes and self-replicating worms from back then heavily relied on users' mistakes of sharing local drives to the outside world. See here: th-cam.com/video/IVYg8ob0HT8/w-d-xo.html
I spent quite a bit of time lecturing myself about EternalBlue since this video. The code causing it to be must have been written somewhere in the early-to-mid 90s. Some of the functions involved still carry references to OS/2 in their name. I assume that throth WinNT, Win9x and OS/2 were using the same 32-bit code for their vulnerable CIFS implementation. That's why I'm quite convinced that the remote code execution we've seen in the video might also work on Win9x, assuming someone really wants to make that happen.
But here's the thing: Before Windows 2000 was a thing, CIFS was being provided on top of the NBT protocol via port 139. With Windows 2000 and anything that came after, CIFS had become an independent protocol in the form of SMBv1 and its default port of 445. Since EternalBlue is a relatively recent discovery, all of the exploit source codes that are publicly available don't seem to care about exploiting the old NBT-reliant implementation. So you are completely right with your theory.
I just realized... you are the guy who made "Everything is (Google) Chrome" back in 2013. I feel absolutely honored to have you as a viewer! You are a prophet.
People are more exploiting Windows Vista/7 now
Bad theory.
The thing with Windows 9x is that there's no permission model in place, so if you do get a RCE vulnerability, it can literally do anything on the machine, including installing VxDs to access kernel mode.
i feel like a hacker was so confused to see a windows 2000 machine on the internet
Not surprising given though most offices and other work environments use older software, so whoever (or whatever) hacked his pc might as well thought he was getting inside a really old company/office pc.
OP did mention that it was more likely a bot than an actual human.
@@ViroRadsyou missed the point. A windows machine sitting on a public ip NOT behind NAT with smb ports open 😂
The humor in this video is so good. It's the first video of yours I've seen, and I see it's a year old. I hope to see more videos closer to the current moment when I visit your channel.
EDIT: I'm devastated, Felix. You must resume uploading videos at once!
Thank you for letting me know about your devastation! I have been quite busy with all kinds of stuff besides TH-cam, a legal battle and marriage being one of them. Since that video got hit by the algorithm, I have a strong urge to re-satisfy my subscribers. Once again, thank you for your kind words. I'll definitely keep you all updated.
By the way, I have scrolled across your very own content. Maybe your philosophical insights will help me get closer to my goal.
@@fsturmat I also found this thanks to my autism being decoded by the algorithm, and I support new uploads! Got yourself a subscriber my friend,; godspeed with your life troubles, hope to see you soon! FTL
@@Snipa127"...thanks to my autism being decoded by the algorithm..."
Thank you for giving us a way to express that sentiment!
Here in Brazil it is very common seeing small business with Windows XP or 7. Luckily most routers automatically protect them by not exposing them directly.
Any small percentage of users with old systems is big if we think about the total: billions of PCs worldwide. So there are thousands or even millions of machines running old software.
you mean windows 10 or 7
@@decotheepicguy
He means XP or 7
@@RetroDsk i know but i corrected the operating systems, not the names
@@decotheepicguybut you're still wrong because he meant Windows XP or 7.
still wrong@@decotheepicguy
Out of everything they choose to bitcoin mine on a freakin' dinosaur ...
Likely it's a bot that is looking for anything that is vulnerable to any of the exploits it is familiar with (EternalBlue is very common) and tries to install the crypto miner on it. There is apparently no logic to determine how useful the infected machine will be at mining said crypto.
Mining on one dinosaur might be shit, but every little bit helps and it's all free anyway, so who cares?
This brings back memories. Back in the early-to-mid 2000s I used to work in a computer store. We had a pile of test phone lines, and internal 56k modems were the standard at the time. Sometimes we'd have races to see how long it would take an unpatched, fresh install of Windows to get a virus.
Even in the days before Eternal Blue, it didn't take long at all.
As a network engineer I already knew what was going to happen before I clicked on the video. Windows 2000 was a very good OS...for it's time. However, it was a nightmare to secure. As was Windows XP, but at least WinXP got better with SP2.
It looks like your Windows 2000 PC was hacked almost immediately after getting online. I expected as much. Anything running default settings usually gets hacked almost instantly when directly exposed to the Internet. It's the settings the hackers know best after all. :)
Nice little experiment though. I'll have to check your other videos when I get a chance. ;)
Hi. Quick question; considering that the system is legacy and no longer being supported by Windows, and therefore no security patches for today’s threats, could this be a reason the system was hacked as well? Thanks.
@@Intell1s Yes, definitely. There is still code from Windows 2000 present in Windows 11. While Windows 11 gets patches, they are not fixed on Windows 2000. It is common practice for hackers to find holes they can exploit from this old code in modern Windows systems. That's why headlines like, "Microsoft patches 20 year old security flaw", get made.
In addition to that, back in the day when Windows 2000 was all the rage and we all wanted to run it instead of Windows ME and before Windows XP came around, Windows 2000 was still very hackable. We learned a lot of hard lessons like the importance of installing a firewall (it didn't come with one) and making sure to not directly expose it to the internet. It was common place for people to plug into their cable modem and get a public IP back then whereas now the box from your ISP hands out private IPs by default in most cases. Some setups will still hand out public IPs (they still do if you put it in "bridge mode" to use your own router), but it's not very common for people to be using a public IP directly on their PC anymore.
Windows 2000 was loved by many in the IT community for being reliable (when it wasn't directly exposed to the Internet). It didn't crash nearly as often as Windows 9x, Windows ME was so bad that 99% of us skipped it, and it ran the latest games surprisingly well (most games had moved to Win32 instead of DOS by then).
This is why my xp build is, and shall forever remain, airgapped.
why my computer dont get any virus? i use windows 2000 too and i search for virus everyday
I remember that it was tight and sweet except for driver issues for audio/video because it wasn't for average home users and I assumed, more professional applications but I ended up always seeing XP as just 2000+.
I had a Windows XP machine set up to run a Garry's Mod server one time. It was meant to run 24/7 on our home network so I wouldn't need to pay the $20 a month for a remote server.
Machine lasted about 18 hours before it got hit with probably the same exploit and had its BIOS flashed over - someone likely sent the CIH virus over. Its IP was publicly hosted on server listings and the game can report back what OS the server runs, and it was port forwarded.
damn tho u did a good job hosting it tho
Lol same with my windows xp setup for minecraft back in the alpha days
@@drudiggerwas xp even supported by m$ during Mc alpha days? Im pretty sure win 7 was out by then
@@M8Military I played 1.9 in XP.
@@M8Militaryyes, xp was supported until 2014, by 2014 1.6 (maybe even 1.7) was already released
The difference of a "direct connection" through the internet such as over Dialup or sitting behind a router, is massive. If you have the first one your 100% guaranteed to be hit with a worm exploiting the living snot out of your 2000/xp machine. The 2nd one pretty much blocks most common exploits, but still no guarantee for a safe experience.
that's interesting I've never considered that. it makes sense. but wouldn't a worm just wait for the slow responses from the dial-up connections? do they use timeouts to ignore slow connectsion?
@@xenostim If i'm correct it was super easy to be hit by that blaster worm, if you where "unprotected" on the internet. Dialup or not - you could have a worm that would gather personal stuff, collect logins and once in a while send it to the master. it could also infect your home network, it was quite the issue back then.
When you where behind a router, most ports where standard blocked unless you specified them to be open. The biggest culprit of downloading over P2P for example was the obvious hidden malware.
*you're 100% guaranteed
@@vanderlinde4you *most ports were blocked by default
*When you were behind a router
@vanderlinde4you I used to put my PS3 into the DMZ on my router because UPNP and port forwarding just didn't work well for every game.
I found Nat type 1 worked well, and so it was, I kept my PS3 in the DMZ.
Even when I used other OS to run Linux, then used Windows emulator to install a lightweight version of Windows XP!
It ran so slow that I never really used it much, because the PS3 just didn't allocate much ram to Linux, and the GPU was completely cut off from the other OS feature also.
So I had hardly any memory, no Graphics accelerator, and God knows how much left over CPU power.
Never seen Windows XPboot so slow 😂😂
Having been working with and repairing PCs for decades, the 9x/2000/XP era BSODs are forever ingrained into my nightmares.
I remember years ago putting a Win2k computer on the internet via dial up and getting messenger spam. That wasn't fun. It was also the start of a journey learning about these things, and how horrendously badly configured Windows was out of the box back then. I still occasionally get bouts of paranoia and run port scans on my network, though with firewalling on the network and OS side it is less likely to ever be a problem. If only Windows 2000 had a firewall like XP did.
zonealarm
I think Windows 2000 SP4 addressed that.
@@russ254 I used to use that on my XP rig and other peoples rigs too. Kept the system safe, I have it on here, too. Not sure if its doing much now lol.
I'm pretty sure they added a firewall when they released sp4.
NetBIOS dialog boxes **shudder**. If you were on dialup it was a plague. 😂. There was no way to stop it without a third party firewall or knowing how to shut the service off.
I remember installing Windows XP without any service pack and having loads of vulnerabilities with the netsend service and you could get worms just by connecting to the internet without Service Pack 1 or no firewall.
I got a worm within 2 minutes once on 56k
You just unlocked a memory for me... In my high school computer lab, kids would use net send to send offensive pop-up messages to each other.
SP2 Then?
SMB was always fun back in the day. Sometime in the days between 2001 and 2003, it was often used to trigger a pop-up dialog box with a custom message. It was a feature that was supposed to be used to send short messages across an internal network, but it worked fine over the open internet, provided (iirc) port 135 was open on the target system.
i remember doing this experiment accidentally a couple of decades ago. i and my dad helped a family member setup a new computer in their new apartment. so we installed windows using a cd and connected it directly to the internet without a router or firewall in between, so we could run windows update on it. in like 15 minutes or so it was already smock full of viruses and we had to start over from the beginning. it was quite shocking how quickly it happened!
Sorry but how do you “connect to the internet” without a router? Are you just in every subnet all at once? You must of had one hell of a layer-2 link.
@@o0Donuts0o i mean, yeah, of course there are plenty of routers in the way, what i meant is no home router with built in firewall and NAT, so the computer gets a public IPv4 address and anyone on the internet can connect to it. i believe it had win XP or 2000 without service pack 1 and 2, which had some major well known vulnerability that allowed worms to infect the computer without any interaction needed
this might be my favourite video of you thus far, simply because of all the references and jokes and just things in it that i love, it really made my night. thank you so much. you're awesome.
...but the rebooting noise still triggered some vietnam flashbacks in me xD
Completely understandable. I haven't touched this computer ever since, as I'd somehow expect it to jumpscare me at any possible time.
And thank you very much for this heartwarming comment!
@@fsturmat yeah, waking up to it is basically like waking up to the default ringtone of those old plastic alarm clocks, only 1 million times worse lmao
@@fsturmat and no problem :3
Ive got mac os system 7.5.3 on the internet with Netscape 2.0 @@fsturmat
Another fun exercise is to expose an unsecured FTP server to the unfiltered internet. I did this years ago just to see what happened. Within less that 2 minutes, login attempts started from all manner of exotic places. It was quite interesting to watch the "attacks" expand and files being uploaded...
What happens with SSH and no password..
I always find it funny how people try to upload files to something unsecured. Like maybe hack something worth of value instead of an old PC. LOL Like you going to be a thief be a good thief. LOL
@@boo62919every device is worth attempting to exploit when you can write a script once to try on every device it finds and then run it forever
or maybe theyre trying to take over stuff for fun. who knows
@@LiEnby not a whole lot but if you're curious there are a bunch of neat SSH honeypots you can deploy in cygwin/docker/jails/pyenv with realtime logging so you can watch.
@@boo62919like he said they’re probably bots
I've never experienced an ISP sharing an IP address among multiple customers... I've been with Comcast for my home internet for decades and my public IP address with them has always been mine alone. Granted that IP is not a static IP, meaning it's not guaranteed to stay the same forever, and has changed occasionally, but it's not shared among other ISP customers...
Same, i'm guessing Felix is in Germany or a country that does not have the same IPv4 address to population ratio as the US.
It's called CGNAT. Quite common these days.
My ISP gives me up to 8 public IPs per circuit on gpon fibre. I also happen to work on the fibre side of my ISP supporting gpon config issues. We're in talk to lower this to 4 per circuit soon.
@@curtheisler1200 *fiber
What mobile carrier do you have? You probably share one there
Regarding the miner: Never attribute to malice that which is adequately explained by stupidity
Just stumbled upon this. Love everything about it, Felix. Those were the days of the Pentium. Crazy
I suppose if you publicize your server on Reddit, you are kind of asking to be attacked. I'd expect Linux from 1999 would also be quite vulnerable too. Mac OS 8 and Win 3.11 would be interesting. As i expect they'll have issues but someone is going to need to be motivated to get attacking it. Great video.
Well dirtyCOW and shellshock were a thing....
He did mention the attacks started before he could even make the reddit post.
About 15 years back, I was upgrading my father-in-law's computer to Win XP. The computer was connected to the Internet at the time. By the time, it booted, it was already infected and came up with tons of porn browser windows popping up. Shutdown, disconnect from Internet, formatted HDD, re-installed, booted, loaded up an antivirus, deep scan then connected to the Internet and spent the next two hours downloading the latest updates.
That burp was just perfect! Tied the whole video together
Oh wow... I like the music you played in the background, it makes it very interesting - like a documentary. Thanks for the education!
This takes me back to the Blaster and Sasser days. I also remember the Messenger Service (not MSN) message box spam. XP had a firewall (ICF) from the start but it was disabled by default before SP2.
Oh yeah, dialing-up from WinXP SP1 box and in 3 minutes you have msblast. I had Russian OS which was attacked by the exploits written for other versions which contain different offsets, so in my case lsass had usually just crashed.
Ayo, this video got you popping off. Keep up the content my dude!
Thank you for recording in 4:3 so I can fullscreen without black bars in my CRT monitor.
plays WipeOut, enjoys quiet New Age music as background for video: clearly a man of taste.
clearly the European i should be learning about obsolete machines from!
i enjoy the exploit's name. i wonder if it was also a Lunar reference (the game series.)
Thank you for your nice comment! I really like your theory regarding the exploit's name. I wouldn't be that surprised if one of these NSA employees would have happened to be a Lunar fan...
New subscriber. Awesome to see what old systems can do once again.
Fascinating! Very nice to see what actually happened. I understand your fascination and enjoyment of going down a rabbit hole, so to speak. Going to look at your other videos as well.
Well any 2000 or XP system without SP2 did that even when it was not outdated and EternalBlue hasn’t yet leaked. There was a bug in RPC and back then people would use USB-Modems and Windows would crash. SP2 had the firewall improved and enabled by default mitigating the issue.
i’m totally blown away by the quality of your content!
@@SandyPole thank you!
Until 2016 I was still regularly online with Win98SE (AMD K6-3@550MHz 768MB RAM). But I had ZoneAlarm and Opera 12 browser installed and unused networking disabled, so it never made trouble. Finally ClamWin AntiVirus failed to update on a that old system (and took >10 minutes to load), and the browser got too incompatible, so I eventually had to install an additional modern mainboard (with Ryzen 2400G) inside my Colani bigtower to run modern software.
Wow, an AMD K6... I fitted mine with a Voodoo 5 PCI gfx card. Gave that thing away and it eventually got tossed in the garbage. Unfortunately, that very Voodoo 5 graphics card is now worth $700 CAD.... effin nuts
@@guidancefromjah The K6-3+ mainboard is still inside. As a working horse I had clogged the 160GB FAT32 harddrive with data (downloaded schematics, eBay pages about synths etc.) until it got too slow to work well. Now that stuff is on the modern PC side (8TB HDD) and the Win98SE system can run games again. GPU is GeForce 3 TI220 (formerly a TNT2) + 3Dfx Voodoo 1 addon, and it has 2 real ISA sound cards (SB AWE64 and Gravis UltraSound), Unfortunately the UltraSound runs only in DOS because the Windows driver fails to communicate by the too fast CPU.
This is a perfect example on why someone shouldn’t use obsolete operating systems as a everyday computer. Thanks for uploading this video
I still use windows XP on my Dell Inspiron 570 and Mac OS X Snow Leopard on my early 2009 MacBook daily
Came here from Dan's comment section, liked this one, chuckled a bit too.
Thank you for letting me know! 🤗
Really fascinating video. Also I love the 4:3 aspect ratio
Brilliant! You were probably not even alive in 1995, but catched the vibe perfectly. You Sir, are now my favourite TH-camr.
Heh, thanks. I hope I was able to catch the vibe somewhat similarly in my recent piece of content.
great video, you really never actually know truely how fast malware spreads unless you do things like this. although I am curious, was there any recorded attempts at exploitation that weren't abusing MS17-010? and was there any other weird network oddities that you recorded while the machine was online?
After unplugging the machine, I did invest quite some time reading the traffic I captured using Wireshark. To my relief, my machine has not attempted to infect any other computers. I saw a bit of SIP-related traffic come in, for obvious reasons without any effect. But unfortunately, all of the attacks relied on MS17-010. I actually hoped for something more "creative" to happen.
@@fsturmat "to my relief, [it didn't try] to infect any other computers."
You didn't isolate it with a VLAN or take the others offline? That's super risky.
@@Ck87JF He connected it directly to the internet via a RasPi VPN box. Isolating the Pi to a separate VLAN (if possible) might have added an extra layer of obscurity, but VLANs aren't security, just logical separation and are trivial to overcome. The VPN did FAR more to isolate the box than any VLAN could do.
One of my friend is working in the IT, and he and his colleagues had some fun setting up an un-patched Windows XP one day, while checking if anything happened.
From what I remember, he told me that in the 7 first minutes the XP was connected to the internet, it was infected. Dunno the details, but that's pretty crazy.
I love that 4Chan hacker reference
I once found a long forgotten Windows 2000 machine under a desk in a business when troubleshooting network issues for the new building owner. It was completely infested with many old viruses. Trying to remove them ( for entertainment purposes ) resulted in the machine no longer booting with a registry related BSOD.
I'm not even sure what I just stumbled upon, but boy am I already subscribed for it.
Very nice tryout, thanks. I have always thought what could happen if you plug old stuff like this to the internet nowadays.
Hey Felix! I just found you on my for you page. You’re in the algorithm man! That intro is slamming and you’re very funny! Time for more content❤
Being hit by the algorithm all of a sudden was something I didn't really expect, but I'm glad that my last video has found so many viewers. I'll make sure to provide more content to all of you. Thank you for your heartwarming comment!
Amazing video, got lot's of pleasure, very interesting! Thank you!
So sad you don't do more in the last year :(
Thank you for your kind comment! As I've mentioned in a previous comment, I had quite a few personal clusterfucks to resolve during this year. Since the amount of subscribers has increased substantially, I definitely need to come up with something new.
I've seen that there are many channels that we are both subscribed to. Considering your name and content, I really hope that you are safe and well. Все буде Україна!
I had a purple screen of death on a Linux machine when I was 9 years old and was trying to play runescape during lunch break... Most terrifying computer experience Ive ever had. It rebooted and stated "initializing memory dump" to which I threw the mains switch out of terror :'D
Sounds like a hardware failure. Linux doesn’t have colored crash screens.
@@desertfish74 VMware purple screen of death, might've been hardware yeah.
My brother once did an experiment with a laptop he was about to format kind of like this, but this was way back like over 10 years ago. He connected this laptop, with a fresh, unpatched WinXP, directly to the internet via a USB 3G dongle, and tried to download a firewall app. It didn't finish downloading before the machine was compromised and did all sorts of colourful things.
Back in 2001 (ish) my roommate installed W2K Server on a box while it was connected directly to the internet. The box was infected with malware from first boot… 😂
I wonder how an old mac, like an old Performa or Powermac would do exposed to the net.
If it’s a PowerMac or iMac G3 It would probably get a virus if running classic Mac OS if it’s running MAC OS X (10.X.X) it would probably Do just fine
as far as I am aware they don't expose very exploitable services (like windows messenger) to the open internet so they don't fare as badly. Though, I'd still make sure anything like AppleTalk was switched off. Before XP SP2 there was a whole bunch of service ports that you had to lock down before connecting to the internet, or you were in for a fun time. 135-139 is a good place to start.
Having Apple talk enabled is probably no big deal anyway, because nothing even talks that now and getting it through firewalls and NAT would be a pain even if you wanted external access...
486 pc? Windows ‘95 and 2000? You brought to me childhood memories!
Idk why, but the very professional burp followed by picking back up nonchalantly made me laugh. I have my parents' WinXP machine I've cleaned out & used to play SWB2 (2005) on it and wondered what would happen to it if I tried something similar. Thank you😂
Fun fact: The YT Studio app has these buttons that allow me to instantly reply with an AI-generated response. In your case, the suggested options were: "Oh no!" and "Oh my", both followed by "Sorry to hear that"
this video quality and theme and stylization and the jokes are all amazing
Liked and subscribed. It's been a year since your last video and I'd love to see more Felix shenanigans. All the best.
heh, thanks
the only time i ever got a computer virus was when i accidently allowed a fresh install of win2k to connect direct to the internet on an ADSL modem (so it had a public IP with no NAT) before i had installed zoneminder. The machine was infected in seconds. This was late 2005 i think.
I love the aspect ratio on this video. Amazing... It's like I'm living in 2001 again!!
My last windows that I liked was windows 98. Since then I've been watching the dystopia that is the Windows ecosystem descend further and further. Now that windows 11 is coming out with so much online nonsense and windows 10 (despite being nearly unmanageable itself) will not be maintained, I am migrating fully into Linux distros. Bye microsoft 😢
Yes this guy called 4Chan is very infamous.
I recently got my hands on an old IBM think pad from 2003 (win XP), and I've been using it to write floppies for my older collection of computers. I did not know about that security exploit, so you bet your ass I'm gonna get that fixed.
I should note that I only ever connect to the internet when I get impatient and can't find a USB drive, and the computer's old Norton anti-virus still seems to work oddly enough. I only leave it connected long enough to download one file, then disconnect it. Only ever have it on the internet for 15-20 minutes. Damn thing is quite slow.
"Don't expose old crap to the internet"
Not necessarily. Windows 2000 was generally not built to be on the internet directly.
Lots could be said, but I have time to write the book, but putting some complex stuff simply, just because it's newer doesn't mean it's more secure. In fact very often the newer mainstream OSes are less secure. The era of always improving in the technology world ended well over a decade ago.
Beautiful video! 💜 Those bots might need some assistance from their Sub7 equipped ancestors :-)
If they would've found out about Eternalblue back then, those apocalyptic events that were expected to take place at 01/01/19100 might actually have become a real thing... lol
man your intro is perfection
thank you!
I remember that era of machines quit well. I remember working on a customer's computer that had just purchased a Windows XP machine and I think it had SP1 or possibly SP2 and within 10 minutes of being online, it was infected. SP2 and SP3 fixed a lot of problems after that but of course there were many other publicly unknown vulnerabilities still there as you demonstrated. I love the nostalgia of old machines but hate the hardware
issues (physical space, hardware failures, etc.) so I generally use VMs but even now some malware is very sophisticated so that isn't enough protection either. Thanks for the video.
My whole career was installing broadband internet in peoples homes. I remember helping a customer setup his brand new XP machine. This was Dec 2003. Within seconds of connecting it to the modem the PC was bricked. What was the name of that exploit back then? It was that one that had the shutdown timer on the screen.
I remember it. I set up three machines in an office I was tempting in around 2002. All of them got that message within minutes. The solution was to install Service Pack 1 before connecting to the internet.
sasser?
Might have been Sasser or Sobig perhaps. That's very likely why Windows XP SP2 and later ship w/ a firewall.
Blaster or Sasser. Happened to me as well, almost identical to how you said. That was my first real computer. I miss it sometimes...
Transition at 05:51 was top notch!
Wow! this is actually a really good video! You deserve way more subscribers man!
For some unknown reason, this video has been hit by le algorithm during the last few weeks. It's quite rewarding to see those subscribers flood in. Thank you for your kind comment!
@@fsturmatyeah man I ringed the bell. Make a community post with your plans on this channel. All the best!
Hope you make more videos. Your content is great and humour is perfect
Just did!
you are truly a master at making learning fun and memorable!
heh, thanks ^~^
Mate, you were born to make this kind of content! Subscribed in hopes that I will see you again someday.
I remember helping a friend of the family who lost his work computer. We went to Best buy, purchased a new computer, I hooked it up. Went on the Internet to update to the new service pack and it already had gotten a virus. I had to reformat and start over. I burned the windows update to a CD and installed it offline. What a mess!
I haven't had something like this happen before, but to be fair, it was in a virtual machine where my host OS and router's firewall were both in the way anyhow. Very interesting to see how unsafe these old systems can actually be.
P.S. what's your favorite ship? :) i'm an ag-sys enjoyer myself
A colleague of mine referred to all the active highjacking traffic on a unprotected internet IP address (no firewall, no nat) as Internet Background Radiation.
I love the way this comment section has 2009 youtube feeling, not sure why. Nice video, would be fun to see how fast windows 2000 computer would get compromised with the best security you can get for it
Well, just putting a NAT / Router in front of it would basically fix the entire issue.
Maybe my most recent video will also achieve this kind of unique comment section
I actually used those exact systems back in the 90s. In fact, I set up the little All-In_One for my kids to use for games. Great stuff!
Technically, many old machines can be connected to the internet as they will just get an IP4 address (it is in many cases still default to use IP4). The only problem is that the supported protocols are outdated so if you want to try to browse to Google, you will be denied as you can't establish a secure connection using TLS1.2 or higher. And if you finally find a place which does allow an older SSL version, your hardware specs probably will not be able to keep up given that a modern chrome tab already requires more RAM than these machines had installed in total.
That said, Windows 2000 and XP are kind of alike but not totally. 2k comes from the NT line of Windows. The professional edition was to basically be used within the corporate environment where the active directory and network was comprised of Windows 2000 Server editions. It was however stable as a brick and a real joy to use (especially if your reference was Windows ME). I've ran it for many years. XP came slightly after and was initially riddled with bugs. After a certain service pack, XP performance improved dramatically.
The system you start out this video describing is a thing called carrier-grade NAT and it's not terribly common in the United States - there are a couple of prominent ISPs who run CGNAT for their customers, but most of them provide at least one ipv4 address to eyeball customers even on residential plans.
Exactly, most legit residential ISPs do not use CGNAT. Yes, I am giving you the evil stare T-Mobile. If you want to compete with the big boys you need to provide a publicly routable IPv4 address.
Thank you for pointing that out. In Germany, it's somewhat common, especially when having to deal with mobile carriers.
In 2004 during my second year of tech school, we were instructed to create a windows 2000 server with certain functionality parameters. One of the parameters required us to update to the latest patch via Windows Update. 5 minutes after exposing it to internet, the school district frantically called us explaining that several machines in our lab had tens of thousands of open ports, and seemed to be infected. 😂
Are there still dialup providers in the developed world? That'd be a really sketchy and even more painful way of exposing an ancient machine directly to the internet.
Well, even dial-up can be NATed. And it actually is being NATed, I believe.
Good work. SUBSCRIBED can't wait to see where this goes, excellent stuff.
This is amazing. I had no idea these old systems were THAT vulnerable. I grew up learning that you would be fine and not get viruses as long as you stayed on "safe" sites. Ha!
Turns out, all my old Windows machines (including Windows 2000 running on a Dell Dimension 2400) simply have the best possible shield, which I now realize is ten times more effective than I initially realized.
Never being connected to the internet at all.
Ever.
In fact, I'm not sure, but I think for my Win2k it's physically impossible unless I get specific equipment; I'm not computer savvy, I dunno.
pardon the somewhat late reply. To be fair, keeping the machine behind a firewall is good enough to make it Internet-proof. But the question remains: What for? Without having a downgrading proxy in between, no modern website will display properly. The only practical purpose is sharing files across a local network or online multiplayer.
Thank you for rescuing (and tormenting) that old Vectra!
Mom: we have a public IP at home.
The public IP at home:
So this is what happened to my Win98 machine that I kept for cable internet repair guys. You know the "I have to install this spywa- err.... I mean ISP Software so that your internet works. It REQUIRES IT!" And I would let them try to install it on a severely outdated rig while swearing up and down that any other computer in the house is a mac, which isn't supported by that software.
At least it kept bluescreening when the comcast guy was there and I got to accuse them of bricking my computer with their "REQUIRED" software.
came here from reddit; I keep my win95 pc behind my win10 pc(router wifi to win10 -> ethernet from win10 to win95), would it be safer?anyway I am using SMB1 for file transfer between the two.
Hey there, thank you for your comment. As your Win10 machine is the only computer your Win95 machine can be accessed by, you don't have really much to worry about. If someone would theoretically manage to "hack" into it, I'd be more worried about your main computer.
As long as you don't do some explicit forwarding or tunneling on your network (like I did), the only thing you might have to worry about are "computer illiterates" using the same Wi-Fi as you do, since those people could manage to accidentally spread malicious stuff across your devices and shared folders.
(You know, the kind of user that has 30 toolbars stacked on top of eachother and makes sure to run every email attachment at least twice)
And even if that might happen, legacy systems like Windows 9x are far out of the scope today's malware authors have, as there isn't any money to be made with computers like this.
Hewlett Packard: Enraging Printer owners***
There is no such thing as a "Windows 2000 machine."
There is a machine with Windows 2000 installed.
I remember fondly getting net send messages on my Windows 2000 machine in the early 2000s until Microsoft removed that feature some time later. But they disturbed some really intense Counter Strike 1.1 wars.
So, do I get this right? You went into a CS battle and people were trying to "rip you out of the flow" by performing NET sends?
6:13 - Well spoken, sir.
I believe a fork of eternal blue was used to send erroneous pop ups to the infected machine as part of a scareware scam. Affected OS Win 2000.
Does anyone remember this?
absolute gem of a video
something feels so right seeing a video in 4:3
maybe it was a misstep moving to 16:9 on home video...
Nice work! Not obsolete, but absolutely cool. Ever worked with a TI 994A? Was my first coding love.affair, when I was a teeny-tiny coder, only 14 y of age. Golden, innocent days...
It's actually the first time that I read about the TI 994A, but I happened to own a portable TI machine for quite some time. Even though I really like 1980s home computers due to their nostalgic qualities, dealing with BASIC or 6502 Assembly still feels quite "staubig" to me.
6:13 best part of the video
If it only took a few hours for your computer to get every virus in existance, then just how much of the internet traffic are spam packets that will never arrive anywhere?
He literally posted the info on r/hacking
You've re-discovered what some of us experienced back in 2000; HP hardware was crap, Windows was and still is a sh*t OS and PC's in general are pretty hopeless. Microsoft set the world of computing back by at least 20 years with its poor quality core architecture. Bill was maybe too busy visiting certain islands to focus on the business.
About your disclaimer about public personal IPs. It depends on the ISP. In my country they do give you one, but it's dynamic.
Exactly, I have not had CGNAT on any home internet service ever.
So, the newer router security protocols were developed with the intent of protecting older OS's that cannot protect themselves against today's malware.
Actually no. The presence of a router simply "condoms" the internet connection and prevents the older machine from being contacted passively.