I own two legit copies of XP; I used to keep two PCs running. One copy was an original Windows XP disc, the second one included SP2, and I can only find the original disk.
I remember hearing stories about how unpatched XP machines would get totally h4x0red if seconds if they were online. Was that an exaggeration, or is it really unsafe to reformat, install my old copy, and patch up from there?
Do you connect directly to the internet or is there a router between your PC and the cable modem?
The router adds a great deal of safety.
Not using IE doesn’t hurt, either.
There is a router, it’s running exactly as it was set up out of the box other than changing the password to access it.
Go for it. You want to live (without being hacked) forever?
use nlite to merge in your service pack 2 and updates.
If you’re behind a linksys/dlink/etc router, you should be good to go – just don’t hit any sites other than Microsoft Update until you’re all patched up.
It wasn’t an IE problem, it was an RPC problem.
I think it’s gotten better thanks to a lot of the zombie networks going down, but you should definitely plug the machine in behind a router if you’re pre-SP2. If you turn the thing on and your subnet is getting hit by RPC calls at that time, your machine can get hit.
Better safe than sorry.
Yeah, that sounds like what I was thinking of. Are you saying I should be safe from RPC problems from behind the router? And if I’m not, what exactly is the RPC problem? Is it something that will be obvious if it happens?
IIRC (and it’s been too long and I have too shitty of a long term memory), your PC would begin to shut down whenever it was compromised.
I don’t think RPC commands translate very well through a NAT router, unless you’ve got the router set up to port-forward RPC commands to a specific machine, which it’s pretty unlikely that you have.
Just download SP2 and put it on a CD in advance, then when you install XP patch it with SP2 right away.
Wise words.
You can also slipstream SP2 in – it’s really not hard, and the nlite utility mentioned earlier takes most of the work out of it. Doing so means that when you install your newly minted XP disc, it has SP2 included (like your missing disc).
Another vote for nlite. I feel it necessary to mention, however, that I tried to add the cd key and slipstream the whole installation and now said cd key no longer works. Other than that, nlite works reallly well.
That story you heard is true for directly accessible internet PC’s. It’s fairly true on large corporate internal networks as well. If pre-downloading SP2 and patches is too much of a pain for you before loading, having it behind your router should be semi-safe enough until you get patched up. If you are really worried, turn off your OTHER PC’s inside your home, since that’s probably where any infection would come from if all you are doing is downloading windows updates.
If I reload a PC I pre-download windows SP’s and updates. Then load and update, and only then plug into the network. Then I load a virus scanner and updates, and proceed to other items from there.
Yeah, if you’re concerned that your router’s firewall isn’t good enough, either slipstream SP2 onto a custom WinXP install CD or burn SP2 to a separate disc or USB flash drive and install it manually after installing WinXP. The Windows Firewall in SP2 is good enough, unless you decide to use a “real” software firewall. Don’t forget to unplug your PC from your router until you’ve finished installation.
EDIT: it’s probably unnecessary, but why take the extra risk?
Alright, thanks for the tips, I’ll probably just download the stuff in advance.
Has anyone made a bundle of all patches since SP2 that is easily slipstreamed?
This guy keeps a list of links to all of the official hotfixes and other updates, and a bundle you can use with his tool to update a CD image.
(Edit: Whoops, missed the full bundle link at the bottom.)
Cheers, that’s perfect :)