[Full-Disclosure] Windows 98 vulnerable to ASN.1
Hello List, i fixed the Win98 systems fine, renaming the dll and there were no problems even on production system (programming, database etc). Thanks Dan But i have two benighted lusers on Win Me and the msasn1.dll is obviously in use. Any ideas how to secure Win Me would be appreciated. Thanks tom /\ \ /ASCII Ribbon Campaign X against HTML email / \ -- GMX ProMail (250 MB Mailbox, 50 FreeSMS, Virenschutz, 2,99 EUR/Monat...) jetzt 3 Monate GRATIS + 3x DER SPIEGEL +++ http://www.gmx.net/derspiegel +++ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1
Tom Koehler [EMAIL PROTECTED] wrote: Any ideas how to secure Win Me would be appreciated. Sure -- there are two basic options: 1. Unplug it's Ethernet cable, remove any WiFi and other network interface devices. Limit its functionality to tasks that do not involve handling sensitive or valuable data, etc. 2. Replace it with Win 2K or XP. secure and Win ME are phrases that do not belong in the same sentence without an appropriately-placed negation. Anything else is delusion... Thanks You're welcome. Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1
On Fri, 2004-02-20 at 14:01, Nick FitzGerald wrote: Tom Koehler [EMAIL PROTECTED] wrote: Any ideas how to secure Win Me would be appreciated. Sure -- there are two basic options: 1. Unplug it's Ethernet cable, remove any WiFi and other network interface devices. Limit its functionality to tasks that do not involve handling sensitive or valuable data, etc. 2. Replace it with Win 2K or XP. Win2k and XP have vulnerabilities, but Win ME is a vulnerability. secure and Win ME are phrases that do not belong in the same sentence without an appropriately-placed negation. Anything else is delusion... Thanks You're welcome. Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1
the tips for winme security also apply to 2k and xp..:) In all actuality put a firewall in front of any windows OS..keep it patched and move laong...:) Nick FitzGerald wrote: Tom Koehler [EMAIL PROTECTED] wrote: Any ideas how to secure Win Me would be appreciated. Sure -- there are two basic options: 1. Unplug it's Ethernet cable, remove any WiFi and other network interface devices. Limit its functionality to tasks that do not involve handling sensitive or valuable data, etc. 2. Replace it with Win 2K or XP. secure and Win ME are phrases that do not belong in the same sentence without an appropriately-placed negation. Anything else is delusion... Thanks You're welcome. Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -- May God Bless you and everything you touch. My foundation verse: Isaiah 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Windows 98 vulnerable to ASN.1
Where do you call in to to get it? Thanks, Jos -Original Message- From: Joshua Levitsky [mailto:[EMAIL PROTECTED] Sent: 18 February 2004 16:54 To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1 - Original Message - From: Daniel H. Renner [EMAIL PROTECTED] Sent: Wednesday, February 18, 2004 3:33 AM Subject: Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1 _Most_ Win98 users can also simply rename the file (%WINDIR%\system\msasn1.dll) without repercusions. This is true unless you use 98 in a business and have the AD client... which many of my colegues still have... sadly... I just found out today that the patch will not be on Windows Update ever, and you have to call in for it. It's free but you have to call in. I'm deploying it at work since yesterday. -- Joshua Levitsky, MCSE, CISSP http://www.foist.org/ [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1
Josh, _Most_ Win98 users can also simply rename the file (%WINDIR%\system\msasn1.dll) without repercusions. Don't try that on a WinXP system however... -- Cheers, Dan Renner President Los Angeles Computerhelp http://losangelescomputerhelp.com 818.352.8700 On Tue, 2004-02-17 at 12:58, Joshua Levitsky wrote: Huray! Windows 98 is vulnerable to ASN.1, and there is a patch. It's not on Windows Update as of yet, but it was finished today at Microsoft. If you don't believe me... ask your TAM. -- Joshua Levitsky, MCSE, CISSP http://www.foist.org/ [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1
- Original Message - From: Daniel H. Renner [EMAIL PROTECTED] Sent: Wednesday, February 18, 2004 3:33 AM Subject: Re: [Full-Disclosure] Windows 98 vulnerable to ASN.1 _Most_ Win98 users can also simply rename the file (%WINDIR%\system\msasn1.dll) without repercusions. This is true unless you use 98 in a business and have the AD client... which many of my colegues still have... sadly... I just found out today that the patch will not be on Windows Update ever, and you have to call in for it. It's free but you have to call in. I'm deploying it at work since yesterday. -- Joshua Levitsky, MCSE, CISSP http://www.foist.org/ [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Windows 98 vulnerable to ASN.1
I just found out today that the patch will not be on Windows Update ever, and you have to call in for it. It's free but you have to call in. I'm deploying it at work since yesterday. So much for Microsoft's new commitment to security. Phil - Phil Randal Network Engineer Herefordshire Council Hereford, UK ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] Windows 98 vulnerable to ASN.1
Huray! Windows 98 is vulnerable to ASN.1, and there is a patch. It's not on Windows Update as of yet, but it was finished today at Microsoft. If you don't believe me... ask your TAM. -- Joshua Levitsky, MCSE, CISSP http://www.foist.org/ [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html