eric parker linked your video, that's why

Second

wait wtf... how did i not even notice that till you mentioned it?! 🤨

I didn't even notice that's awesome LOL

I really liked this on my Galaxy Fold 4

I'm so used to 4:3 stuff I always fail to realise when a youtuber does it intentionally lol

Watching on TV, 4:3. Commenting on my phone, video not 4:3.

Well, wearing those exact specific white shirts with that particular V-neck has been an essential trait of mine for quite some time. I think the microphone that was stuck to my shirt might have expanded my cleavage a bit, so I totally get what you mean. Thank you for the heartwarming comment!

Ditto!

Felix: *burp* KZbin's auto-captioning: "[Music]"

@@app0the That burp really was a [music] moment

I fucking lost it at the burp, absolutely incredible content

my netgear router hasn't been updated in a year, this is where I worry. I had a D-Link before that went like 10 years without an update

When i actually had Win 2k, XP back in their era that was also true back then, because if i connected to the internet after a fresh install with no firewall, AV etc setup, id get a bunch of malwate via exploits

I learned this the hard way when my server was hit with ransomware because of SMB vulnerability.

@@Athirilman that takes me back. I had the same shit happen.

Tempts me to toss a win 3.51 machine online. I’m willing to bet even the hornets would get pissed off.

bruh moment

some web apps still work like this today, exposing a first run set up form for stuff like admin password etc. if you set up public web access with your domain etc before doing the initial setup, a bot could take over. when i was trying out nextcloud i shared screenshots with my friends and then found they did the initial setup and stole my server so i had to delete it and start over lol

Indeed. I watched a machine get compromised _while in the installer!_ NEVER connect anything from M$ directly to the internet. Don't even expose a single port to the internet.

Bruh lmao

Reminds me of my first real computer. I got it all set up with a fresh copy of XP, plugged it in to the phone line, dialed in to AOL, and immediately got hit by the Blaster worm. I didn't even load up a browser.

Hey there, before getting started with my reply... I just wanted to let you know that your subscription list is an absolute goldmine! I'd say that there's a combination of reasons why that might be the case. While my Win2K machine has started to show some really weird behaviour within a couple of minutes, I actually left my 486 with Win95 (+ file and printer sharing enabled) exposed for quite some time, which didn't seem to affect it at all. I later found out that the suspicious pings I mentioned in my video have actually been echo replies coming back from my machine. Windows 9x somehow manages to be one of the most attack-proof operating systems out there. The security of NT (especially end-user systems like 2000 and XP) used to have more holes than swiss cheese... especially during active lifespan. Self-spreading worms like Sasser and Blaster were able to propagate without any user interaction. Even having a fully updated system on some kind of network could get you infected. For some reason, such devastating vulnerabilties have never been discovered on the 9x platform. My theory is that the simplicity and straightforwardness of the project allowed engineers to be more careful during development. Considering what's known about it, NT must have been a corporate hellscape during its early development phase. But Win9x has four network-driven flaws that I know of: NinNuke, Ping of Death, badly configured network drives and EternalBlue. The first two vulnerabilities are DoS-based attacks - one causes the computer to completely freeze, the other one will make it display a bluescreen. So that's nothing that a reboot couldn't fix. While not being a 9x-exclusive thing, the attack schemes and self-replicating worms from back then heavily relied on users' mistakes of sharing local drives to the outside world. See here: kzbin.info/www/bejne/f4e8mGull5V7ipo I spent quite a bit of time lecturing myself about EternalBlue since this video. The code causing it to be must have been written somewhere in the early-to-mid 90s. Some of the functions involved still carry references to OS/2 in their name. I assume that throth WinNT, Win9x and OS/2 were using the same 32-bit code for their vulnerable CIFS implementation. That's why I'm quite convinced that the remote code execution we've seen in the video might also work on Win9x, assuming someone really wants to make that happen. But here's the thing: Before Windows 2000 was a thing, CIFS was being provided on top of the NBT protocol via port 139. With Windows 2000 and anything that came after, CIFS had become an independent protocol in the form of SMBv1 and its default port of 445. Since EternalBlue is a relatively recent discovery, all of the exploit source codes that are publicly available don't seem to care about exploiting the old NBT-reliant implementation. So you are completely right with your theory.

I just realized... you are the guy who made "Everything is (Google) Chrome" back in 2013. I feel absolutely honored to have you as a viewer! You are a prophet.

People are more exploiting Windows Vista/7 now

Bad theory.

The thing with Windows 9x is that there's no permission model in place, so if you do get a RCE vulnerability, it can literally do anything on the machine, including installing VxDs to access kernel mode.

Not surprising given though most offices and other work environments use older software, so whoever (or whatever) hacked his pc might as well thought he was getting inside a really old company/office pc.

OP did mention that it was more likely a bot than an actual human.

​@@ViroRadsyou missed the point. A windows machine sitting on a public ip NOT behind NAT with smb ports open 😂

Furry :3

you mean windows 10 or 7

@@decotheepicguy He means XP or 7

@@RetroDsk i know but i corrected the operating systems, not the names

​@@decotheepicguybut you're still wrong because he meant Windows XP or 7.

still wrong@@decotheepicguy

damn tho u did a good job hosting it tho

Lol same with my windows xp setup for minecraft back in the alpha days

​@@drudiggerwas xp even supported by m$ during Mc alpha days? Im pretty sure win 7 was out by then

@@M8Military I played 1.9 in XP.

@@M8Militaryyes, xp was supported until 2014, by 2014 1.6 (maybe even 1.7) was already released

Thank you for letting me know about your devastation! I have been quite busy with all kinds of stuff besides KZbin, a legal battle and marriage being one of them. Since that video got hit by the algorithm, I have a strong urge to re-satisfy my subscribers. Once again, thank you for your kind words. I'll definitely keep you all updated. By the way, I have scrolled across your very own content. Maybe your philosophical insights will help me get closer to my goal.

@@fsturmat I also found this thanks to my autism being decoded by the algorithm, and I support new uploads! Got yourself a subscriber my friend,; godspeed with your life troubles, hope to see you soon! FTL

​@@Snipa127"...thanks to my autism being decoded by the algorithm..." Thank you for giving us a way to express that sentiment!

Hi. Quick question; considering that the system is legacy and no longer being supported by Windows, and therefore no security patches for today’s threats, could this be a reason the system was hacked as well? Thanks.

@@Intell1s Yes, definitely. There is still code from Windows 2000 present in Windows 11. While Windows 11 gets patches, they are not fixed on Windows 2000. It is common practice for hackers to find holes they can exploit from this old code in modern Windows systems. That's why headlines like, "Microsoft patches 20 year old security flaw", get made. In addition to that, back in the day when Windows 2000 was all the rage and we all wanted to run it instead of Windows ME and before Windows XP came around, Windows 2000 was still very hackable. We learned a lot of hard lessons like the importance of installing a firewall (it didn't come with one) and making sure to not directly expose it to the internet. It was common place for people to plug into their cable modem and get a public IP back then whereas now the box from your ISP hands out private IPs by default in most cases. Some setups will still hand out public IPs (they still do if you put it in "bridge mode" to use your own router), but it's not very common for people to be using a public IP directly on their PC anymore. Windows 2000 was loved by many in the IT community for being reliable (when it wasn't directly exposed to the Internet). It didn't crash nearly as often as Windows 9x, Windows ME was so bad that 99% of us skipped it, and it ran the latest games surprisingly well (most games had moved to Win32 instead of DOS by then).

This is why my xp build is, and shall forever remain, airgapped.

why my computer dont get any virus? i use windows 2000 too and i search for virus everyday

I remember that it was tight and sweet except for driver issues for audio/video because it wasn't for average home users and I assumed, more professional applications but I ended up always seeing XP as just 2000+.

that's interesting I've never considered that. it makes sense. but wouldn't a worm just wait for the slow responses from the dial-up connections? do they use timeouts to ignore slow connectsion?

@@xenostim If i'm correct it was super easy to be hit by that blaster worm, if you where "unprotected" on the internet. Dialup or not - you could have a worm that would gather personal stuff, collect logins and once in a while send it to the master. it could also infect your home network, it was quite the issue back then. When you where behind a router, most ports where standard blocked unless you specified them to be open. The biggest culprit of downloading over P2P for example was the obvious hidden malware.

*you're 100% guaranteed

@@vanderlinde4you *most ports were blocked by default *When you were behind a router

​@vanderlinde4you I used to put my PS3 into the DMZ on my router because UPNP and port forwarding just didn't work well for every game. I found Nat type 1 worked well, and so it was, I kept my PS3 in the DMZ. Even when I used other OS to run Linux, then used Windows emulator to install a lightweight version of Windows XP! It ran so slow that I never really used it much, because the PS3 just didn't allocate much ram to Linux, and the GPU was completely cut off from the other OS feature also. So I had hardly any memory, no Graphics accelerator, and God knows how much left over CPU power. Never seen Windows XPboot so slow 😂😂

Likely it's a bot that is looking for anything that is vulnerable to any of the exploits it is familiar with (EternalBlue is very common) and tries to install the crypto miner on it. There is apparently no logic to determine how useful the infected machine will be at mining said crypto. Mining on one dinosaur might be shit, but every little bit helps and it's all free anyway, so who cares?

I got a worm within 2 minutes once on 56k

You just unlocked a memory for me... In my high school computer lab, kids would use net send to send offensive pop-up messages to each other.

SP2 Then?

zonealarm

I think Windows 2000 SP4 addressed that.

@@russ254 I used to use that on my XP rig and other peoples rigs too. Kept the system safe, I have it on here, too. Not sure if its doing much now lol.

I'm pretty sure they added a firewall when they released sp4.

NetBIOS dialog boxes **shudder**. If you were on dialup it was a plague. 😂. There was no way to stop it without a third party firewall or knowing how to shut the service off.

Sorry but how do you “connect to the internet” without a router? Are you just in every subnet all at once? You must of had one hell of a layer-2 link.

@@o0Donuts0o i mean, yeah, of course there are plenty of routers in the way, what i meant is no home router with built in firewall and NAT, so the computer gets a public IPv4 address and anyone on the internet can connect to it. i believe it had win XP or 2000 without service pack 1 and 2, which had some major well known vulnerability that allowed worms to infect the computer without any interaction needed

Same, i'm guessing Felix is in Germany or a country that does not have the same IPv4 address to population ratio as the US.

It's called CGNAT. Quite common these days.

My ISP gives me up to 8 public IPs per circuit on gpon fibre. I also happen to work on the fibre side of my ISP supporting gpon config issues. We're in talk to lower this to 4 per circuit soon.

@@curtheisler1200 *fiber

What mobile carrier do you have? You probably share one there

What happens with SSH and no password..

I always find it funny how people try to upload files to something unsecured. Like maybe hack something worth of value instead of an old PC. LOL Like you going to be a thief be a good thief. LOL

⁠​⁠@@boo62919every device is worth attempting to exploit when you can write a script once to try on every device it finds and then run it forever or maybe theyre trying to take over stuff for fun. who knows

@@LiEnby not a whole lot but if you're curious there are a bunch of neat SSH honeypots you can deploy in cygwin/docker/jails/pyenv with realtime logging so you can watch.

@@boo62919like he said they’re probably bots

Well dirtyCOW and shellshock were a thing....

He did mention the attacks started before he could even make the reddit post.

Thank you for your kind comment! As I've mentioned in a previous comment, I had quite a few personal clusterfucks to resolve during this year. Since the amount of subscribers has increased substantially, I definitely need to come up with something new. I've seen that there are many channels that we are both subscribed to. Considering your name and content, I really hope that you are safe and well. Все буде Україна!

Completely understandable. I haven't touched this computer ever since, as I'd somehow expect it to jumpscare me at any possible time.

And thank you very much for this heartwarming comment!

@@fsturmat yeah, waking up to it is basically like waking up to the default ringtone of those old plastic alarm clocks, only 1 million times worse lmao

@@fsturmat and no problem :3

Ive got mac os system 7.5.3 on the internet with Netscape 2.0 @@fsturmat

Oh yeah, dialing-up from WinXP SP1 box and in 3 minutes you have msblast. I had Russian OS which was attacked by the exploits written for other versions which contain different offsets, so in my case lsass had usually just crashed.

Thank you for letting me know! 🤗

For some unknown reason, this video has been hit by le algorithm during the last few weeks. It's quite rewarding to see those subscribers flood in. Thank you for your kind comment!

@@fsturmatyeah man I ringed the bell. Make a community post with your plans on this channel. All the best!

Sounds like a hardware failure. Linux doesn’t have colored crash screens.

@@desertfish74 VMware purple screen of death, might've been hardware yeah.

Being hit by the algorithm all of a sudden was something I didn't really expect, but I'm glad that my last video has found so many viewers. I'll make sure to provide more content to all of you. Thank you for your heartwarming comment!

Thank you for your nice comment! I really like your theory regarding the exploit's name. I wouldn't be that surprised if one of these NSA employees would have happened to be a Lunar fan...

Wow, an AMD K6... I fitted mine with a Voodoo 5 PCI gfx card. Gave that thing away and it eventually got tossed in the garbage. Unfortunately, that very Voodoo 5 graphics card is now worth $700 CAD.... effin nuts

​@@guidancefromjah The K6-3+ mainboard is still inside. As a working horse I had clogged the 160GB FAT32 harddrive with data (downloaded schematics, eBay pages about synths etc.) until it got too slow to work well. Now that stuff is on the modern PC side (8TB HDD) and the Win98SE system can run games again. GPU is GeForce 3 TI220 (formerly a TNT2) + 3Dfx Voodoo 1 addon, and it has 2 real ISA sound cards (SB AWE64 and Gravis UltraSound), Unfortunately the UltraSound runs only in DOS because the Windows driver fails to communicate by the too fast CPU.

After unplugging the machine, I did invest quite some time reading the traffic I captured using Wireshark. To my relief, my machine has not attempted to infect any other computers. I saw a bit of SIP-related traffic come in, for obvious reasons without any effect. But unfortunately, all of the attacks relied on MS17-010. I actually hoped for something more "creative" to happen.

@@fsturmat "to my relief, [it didn't try] to infect any other computers." You didn't isolate it with a VLAN or take the others offline? That's super risky.

@@Ck87JF He connected it directly to the internet via a RasPi VPN box. Isolating the Pi to a separate VLAN (if possible) might have added an extra layer of obscurity, but VLANs aren't security, just logical separation and are trivial to overcome. The VPN did FAR more to isolate the box than any VLAN could do.

If they would've found out about Eternalblue back then, those apocalyptic events that were expected to take place at 01/01/19100 might actually have become a real thing... lol

I still use windows XP on my Dell Inspiron 570 and Mac OS X Snow Leopard on my early 2009 MacBook daily

Hey there, thank you for your comment. As your Win10 machine is the only computer your Win95 machine can be accessed by, you don't have really much to worry about. If someone would theoretically manage to "hack" into it, I'd be more worried about your main computer. As long as you don't do some explicit forwarding or tunneling on your network (like I did), the only thing you might have to worry about are "computer illiterates" using the same Wi-Fi as you do, since those people could manage to accidentally spread malicious stuff across your devices and shared folders. (You know, the kind of user that has 30 toolbars stacked on top of eachother and makes sure to run every email attachment at least twice) And even if that might happen, legacy systems like Windows 9x are far out of the scope today's malware authors have, as there isn't any money to be made with computers like this.

Nice to know that my channel ain't coal! :)

heh, nice to have you here :D

I remember it. I set up three machines in an office I was tempting in around 2002. All of them got that message within minutes. The solution was to install Service Pack 1 before connecting to the internet.

sasser?

Might have been Sasser or Sobig perhaps. That's very likely why Windows XP SP2 and later ship w/ a firewall.

Blaster or Sasser. Happened to me as well, almost identical to how you said. That was my first real computer. I miss it sometimes...

He burbed randomly. He has a bad self Control lol