I own two legit copies of XP; I used to keep two PCs running. One copy was an original Windows XP disc, the second one included SP2, and I can only find the original disk.
I remember hearing stories about how unpatched XP machines would get totally h4x0red if seconds if they were online. Was that an exaggeration, or is it really unsafe to reformat, install my old copy, and patch up from there?
If you’re behind a linksys/dlink/etc router, you should be good to go – just don’t hit any sites other than Microsoft Update until you’re all patched up.
I think it’s gotten better thanks to a lot of the zombie networks going down, but you should definitely plug the machine in behind a router if you’re pre-SP2. If you turn the thing on and your subnet is getting hit by RPC calls at that time, your machine can get hit.
Yeah, that sounds like what I was thinking of. Are you saying I should be safe from RPC problems from behind the router? And if I’m not, what exactly is the RPC problem? Is it something that will be obvious if it happens?
IIRC (and it’s been too long and I have too shitty of a long term memory), your PC would begin to shut down whenever it was compromised.
I don’t think RPC commands translate very well through a NAT router, unless you’ve got the router set up to port-forward RPC commands to a specific machine, which it’s pretty unlikely that you have.
You can also slipstream SP2 in – it’s really not hard, and the nlite utility mentioned earlier takes most of the work out of it. Doing so means that when you install your newly minted XP disc, it has SP2 included (like your missing disc).
Another vote for nlite. I feel it necessary to mention, however, that I tried to add the cd key and slipstream the whole installation and now said cd key no longer works. Other than that, nlite works reallly well.
That story you heard is true for directly accessible internet PC’s. It’s fairly true on large corporate internal networks as well. If pre-downloading SP2 and patches is too much of a pain for you before loading, having it behind your router should be semi-safe enough until you get patched up. If you are really worried, turn off your OTHER PC’s inside your home, since that’s probably where any infection would come from if all you are doing is downloading windows updates.
If I reload a PC I pre-download windows SP’s and updates. Then load and update, and only then plug into the network. Then I load a virus scanner and updates, and proceed to other items from there.
Yeah, if you’re concerned that your router’s firewall isn’t good enough, either slipstream SP2 onto a custom WinXP install CD or burn SP2 to a separate disc or USB flash drive and install it manually after installing WinXP. The Windows Firewall in SP2 is good enough, unless you decide to use a “real” software firewall. Don’t forget to unplug your PC from your router until you’ve finished installation.
EDIT: it’s probably unnecessary, but why take the extra risk?