Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can XP be hacked if I am logged off from the internet?


  • Please log in to reply
4 replies to this topic

#1 Richardski

Richardski

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:12 AM

Posted 28 July 2014 - 09:49 AM

I have Windows XP, Word 2003, and Excel 2003. I am adept with these programs and don't wish to install Windows 7 or 8. I want to partition my hard drive and install Ubuntu so I can safely access the internet and email. I will boot both XP and Ubuntu.

 

However, my local computer store technician tells me that if my computer is hard-wired by an Ethernet wire connected to the internet, my computer can still be hacked and a hacker can get into XP even though I do not log onto the internet with XP.

 

Is that even possible, and what is the actual risk of that happening? I want continue doing internet banking. 


Edited by hamluis, 28 July 2014 - 10:01 AM.
Moved from XP to Gen Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 AngryRaisin

AngryRaisin

  • Members
  • 234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orange County, CA, US
  • Local time:08:12 PM

Posted 28 July 2014 - 09:55 AM

If you disable your internet adapter in the device mananger there is almost no chance of getting hacked except for you turning the adapter back on and forgetting that you turned it back on.



#3 morris88

morris88

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:04:12 AM

Posted 29 July 2014 - 06:23 AM

If you have no connection to the outside world then of course it will be impossible for the outside world to connect to you.

 

However removing your connection does remove a lot of the things that you may want to do on a PC.



#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,767 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:06:12 AM

Posted 30 July 2014 - 06:49 AM

Hi,

it depends on what you understand by "log onto the internet". If you mean "access internet" then your computer store technician is right. You can get infected just be being connected to the internet, without accessnig it with a browser or anything else. If you mean you physically cut all access to the XP from the internet, then it's harder.
If you have an ethernet cable plugged into machine, it will automatically connect to the internet during the boot up. It doesn't matter whether you don't use it, the connection will be there and attacks can be delivered against your machine. (And hopefully fended off by your firewall)
If you disable the lan adapter in XP, then you should be safe from hackers, however there are still ways your XP could get infected:
  • Assume you borrow an infected USB drive to transfer files onto your XP machine, upon connecting the flash drive in XP, the malware will get executed and infect your XP
  • Assume you download and transfer a "free game" or "crack" that only works on XP, that isn't really what it claims to be. You launch it on your XP and thereby infect the OS
If you just want to keep excel and word 2003, you might want to look into using wine to run these programs on ubuntu and forego Windows completely.

regards
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 rp88

rp88

  • Members
  • 2,965 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:12 AM

Posted 30 July 2014 - 11:44 AM

windows xp(still perhaps the best OS ever designed) became somewhat a security risk when microsoft stopped providing updates earlier this year. technically there is a chance that a supercareful user who locked down almost everything could use it quite safely online but any existing or yet to be discovered flaws will never be fixed so as time goes by xp becomes more and more vulnerable. infections can arrive in many ways but they almost all come under the following classes.

1. from a downloaded file. a downloaded file can carry a virus, you deliberately download it from somewhere either using your xp machine or as myrti mentions on another machine then transferring it by usb/cd.

2. via infected "hardware". usbs can carry viruses as can cds dvds and other removable media. the viruses in these may occasionally be pre-installed by a criminal manufacturer or more likely get onto them when plugged into an infected computer. unless it's brand new from a manufacturer you trust, or has only ever been plugged into computers you absolutely trust and never had an exe file written to it then don't put any removable media into your xp machine.

3. via drive-bys,ads and dirty tricks. this is what xp is becoming more vulnerable to since support finished, it's also one of the most common means for viruses to spread. the user doesn't need to make any deliberate action just visiting certain pages, seeing certain ads(sometimes on pages of a legit site, a criminal can design an infectious advert, spread it through an ad network who then places that ad on all sites(major software sites,news sites,forums,etc) they provide ads for), or pure bad luck can lead to these infections. the only "defence" is keeping your antivirus, OS, browsers, plugins,flash,java,etc up to date, even then you can be infected via newly discovered routes before updates are ready to prevent those attacks. 

 

if at all possible the safest thing to do is keep the xp machine offline entirely, fully "air gapped" from any other machine but if you are very careful about doing multiple scans with antivirus on a second machine then you might be alright to transfer files via usb from this second machine to the xp one and back(as long as the second machine isn't infected and you are very careful about what files go onto the usb). windows 8 and 7 may have less intuitive interfaces but running one of those OS s on a second machine would be best for security, or running linux or mac operating systems on the second machine. with this air gap setup you will also want to have an antivirus on the xp machine scan every usb you plug into it when you want to put more files on it (you downloaded an image on the second machine that you want to use as an illustration in a word doc you are working on), but the antivirus on the xp machine will quickly have it's definitions become outdated so it can only protect against obsolete viruses.

if you want to keep using the xp machine here is the solution i would come up with...

 

you will need two machines( a far more secure setup than trying to get one piece of hardware to run two operating systems), the current one with xp and another with a more secure OS. make sure this second machine: runs the best antivirus protection you can give it, never has a new program installed onto it, always has it's current programs kept up to date, does not run java, avoids flash where possible, keeps all plugins in it's browsers either totally disabled or click to play,never downloads an exe file,never browses with internet explorer,has several on demand second opinion antivirus scanners (malwarebytes is a great one, this site also some other good ones in it's downloads section), uses "noscript"( a plugin which provides a first line of defence against advert malware and drivebys) in it's browser. then with this second machine set up you can use it to download a file from the internet(and do internet surfing), save this file(do NOT open it), scan it with your main antivirus, scan it with malwarebytes,then open it on your secure operating system machine, check that the extension is one for a safe file type, then save it to a usb. scan the usb with as many scanners as you have on the secure machine. then you can plug the usb into the xp machine and copy the files off it onto the xp machine. it would be nice to use a scanner on the xp machine to scan them again at this point but as i said earlier an antivirus on the xp machine will soon become outdated if the machine itself never goes online(you might be able to transfer new definitions across by usb but that brings another infection hazard as they would probably be exe files and other types which are dangerous if tampered with). the only way to be sure the xp machine can never get infected though is to not even do this, any type of internet connection into it can be vulnerable to driveby like attacks even if the browser on the xp machine is never opened or used to surf anywhere, and if ,despite the many efforts described above, the "secure" machine get's infected then the xp machine is sure to follow. the two machine set up lets you benefit from some aspects of the internet without the full risks and will probably soon be replaced by you just learning to do everything with the secure machine and leave the xp machine as a reminder of "the good old days" and a memorial to the software we all loved, that is what has happened with mine.


Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users