1 Reply by TechDud

(8 replies, posted in Software)

@5eraph - Hello, greetings, & welcome back to this forum.
Have read some of your work years ago relating to 9x, and you, Gape, mdgx, problmchyld, etc, etc @MSFN were helpful to me, and i appreciate such open philosophy.

I hope i finally have returned the favor.  Have removed my name from the title, as it includes some of your work.  I hope it can help the "lunatic fringe" that insist on running XP online (clearly without a safety net AND scissors in hand)

For testing, perhaps see SSLscan tool linked above.

Many like being able to make repeatable tests, and hope to eventually see a topic somewhere somehow and by somebody on how to verify these things for themselves independantly.  I have a topic with a similar theme for Graphics where a list of tools can verify (ati) graphics issues, for instance.

Structure seems different in this reply (quoted from link below):

Marc Novak wrote:

"The correct REG_DWORD values are:
..\SSL 3.0\Client
DisabledByDefault : 1
..\SSL 3.0\Server
Enabled : 0""

This work should be verified and expanded to encompass NT6, but i'm not set up for that now.

I wonder if there are other configs that can be tweaked for other libraries than schannel.dll & kerberos.dll (KB2478971<-xp/2k3->KB3011780).
Quote of wikipedia:  "Kerberos uses UDP port 88 by default."
I take it not many people other than those on Domains have that port open?  (am using linux for internet, so cannot confirm nor deny)

Thank you again.

-----------------------------------
@Outbreaker - Actually, a Search did yield something intriguing, but nothing definative yet.

Theantioch wrote:

"We are currently using Exchange 2013 CU6 on Server 2012 R2 with the latest patches. Due to the poodle vulnerability we are attempting to disable SSLv3. We started by using IIS Crypto, however it indicates that SSLv3 is not a supported cipher suite, it only identifies multi protocol unified hello and pct 1.0 as the only valid cipher suites. SSLv3 is also disabled in the registry. A qualsys scan of the exchange server still indicates SSLv3 is supported. How can we disable this?"
https://social.technet.microsoft.com/Fo … esvrdeploy

Others have intonated, but not confirmed, that the HelloWorld protocol is shomehow related to SSLv2 & SSLv3 intercommunication.

Am thinking, "turn that sh*t off!"  :lol

PCT??? Nice.  You were saying, Jeff?  (about viruses, et al)

Go to forum: Software

2 Reply by TechDud

(4 replies, posted in News)

Happy belated Birth Day!  Cheers.  big_smile

Disclosure:  No llamas were hurt during the making of this celebratory greeting.

Go to forum: News

3 Reply by TechDud

(3 replies, posted in BartPE - UBCD4Win - WinPE)

Fresco Logic USB 3.0 updates:

Test Packs:
·USB3-Controller-Hub-Wdf_NT5_BartPE-UBCD4Win_Plugins_Test_Jan9-2015.7z - 432.88 KB   9B9D9380704013E0E9F22D46568AEE687F69D713
·USB3-Controller-Hub-Wdf_NT5_BartPE-UBCD4Win_Plugins_Test_Jan16-2015.7z - 432.99 KB   8CE6928BA11D3F280A125A6BC07541CDADD435C8

Go to forum: BartPE - UBCD4Win - WinPE

4 Reply by TechDud

(8 replies, posted in Software)

v2
·NT5_IIS_KB245030-3009008_Schannel_Registry_Mods_Jan23-2015.zip - 16.12 KB   DFF41B057D701D6BB487BD5148675717CD3FA3D1

* not for 2k3 or above

Go to forum: Software

5 Reply by TechDud

(51 replies, posted in DriverPack LAN)

for DriverPacks folder:
·DP_LAN_wnt5_x86-32_1501221.7z - 12.92 MB   4556F99B566D5BB3E60ED15E50265715AA89B312

for 3rd party DriverPacks folder (or side-by side for SAD3 installation):
·DP_LAN-Utils_wnt5_x86-32_1501191.7z - 41.89 MB   0C18E64976D4543D4BADC4CD3CC722A067416591

for post-Windows Setup utilizing SAD3:
·DP_LAN_USB_wnt5_x86-32_1501141.7z -  MB   AE10F4C6CA8625421EF71CAEA668B8C6676DD4BF

PE driver integration sorted out for lan.  Logs are now clean.  big_smile

Gh0st's reg tweaks have been removed.
For the  NT5 KB245030-3009008 IIS SSL registry tweaks, etc. see  http://forum.driverpacks.net/viewtopic.php?id=10947

Go to forum: DriverPack LAN

6 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

You are quite right on all counts OverFlow.

Additionally, the hardware id PCI\VEN_13C1&DEV_1005 via 3wareDrv.SYS was in even the release, but it was an err as the driver specifies SUBSYS id's.

MassStorage.ini:

ms_3_hwids="PCI\VEN_13C1&DEV_1002,PCI\VEN_13C1&DEV_1003,PCI\VEN_13C1&DEV_1004,PCI\VEN_13C1&DEV_1005"

3wareDrv inf:

; for Windows 2000 systems
[AMCC]
%DEVICE_DESCRIPTION_9K%  = Install, PCI\VEN_13C1&DEV_1002&SUBSYS_100213C1
%DEVICE_DESCRIPTION_9X%  = Install, PCI\VEN_13C1&DEV_1003&SUBSYS_100313C1
%DEVICE_DESCRIPTION_9E%  = Install, PCI\VEN_13C1&DEV_1004&SUBSYS_100413C1
%DEVICE_DESCRIPTION_9A%  = Install, PCI\VEN_13C1&DEV_1005&SUBSYS_100513C1

; for Windows XP/2003 systems
[AMCC.NTx86]
%DEVICE_DESCRIPTION_9K%  = Install, PCI\VEN_13C1&DEV_1002&SUBSYS_100213C1
%DEVICE_DESCRIPTION_9X%  = Install, PCI\VEN_13C1&DEV_1003&SUBSYS_100313C1
%DEVICE_DESCRIPTION_9E%  = Install, PCI\VEN_13C1&DEV_1004&SUBSYS_100413C1
%DEVICE_DESCRIPTION_9A%  = Install, PCI\VEN_13C1&DEV_1005&SUBSYS_100513C1

That caught my eye, hence the train of thought derailment on my part.
Long story short, i have no driver in the packs for his AXSCSI IDE Controller (RAID, actually).

It would be nice to see a dps_base.log posted, indeed.  I concur.

Go to forum: Feedback and Support - DriverPacks Base

7 Reply by TechDud

(6 replies, posted in Vista / 7 DriverPack WLAN)

If that driver was signed, it might be best to keep that, but if you are looking for improvements, try the driver ..\Ai\NETANI.inf (v1.5.5.6) in the NT5 WLAN pack.

http://forum.driverpacks.net/viewtopic. … 554#p58554

note:  changed name of topic to "[REQ]" to ensure this driver eventually makes it's way into a NT6 driver pack.

Go to forum: Vista / 7 DriverPack WLAN

8 Reply by TechDud

(18 replies, posted in DriverPack WLAN)

Updated, including for Airgo Networks AGN100/AGN300/AGN300USB devices.  smile

   AGN100 {DriverVer = 03/16/2006, 1.5.5.6}
   AGN300 {DriverVer = 03/06/2006, 2.0.4.13}
   AGN300USB {DriverVer = 03/06/2006, 2.0.5.193}

for DriverPacks folder:
·DP_WLAN_wnt5_x86-32_1501231.7z - 23.78 MB   9EC3757BFC274EC876FBD8F03158E74B8A2B3D4F

for 3rd party DriverPacks folder (or side-by side for SAD3 installation):
·DP_WLAN-Utils_wnt5_x86-32_1501171.7z - 214.71 MB   1E03621F5142A66452827CB8C4D9F787A64DB86F

for post-Windows Setup utilizing SAD3:
·DP_WLAN_USB_wnt5_x86-32_1501231.7z - 13.67 MB   9E86D3AE8150B7A97C5A877184BD615076F97C10

PE driver integration sorted out for wlan.  Logs are now clean.  big_smile

Go to forum: DriverPack WLAN

9 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

First problemo, that driver doesn't support your particular SUBSYS HWID.
PCI\VEN_13C1&DEV_1005&SUBSYS_A26F92DC or even PCI\VEN_13C1&DEV_1005&CC_0104

Need input concerning OEM source of drivers, even Server 2008 drivers, for your hardware.  It's likely hardware-specific and most likely solution to your problem.

Please post a link to an OEM driver download page, somewhere and i will assess fpr storport & resulting xp/2k3 support, include if possible & credit your username in changelogs and say thank you very much.

It's up to you now Programinjo, unless you want me to modify an inf to add support for that HWID, but of course that is highly experimental and should only be used as a means of last resort as it's most likely to fail.

Go to forum: Feedback and Support - DriverPacks Base

10 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

There is an updated driver from LSI  {DriverVer = 02/14/2013,3.00.05.058}
That might be as of yet missing from the MassStorage pack.
http://www.lsi.com/support/pages/downlo … ord=9690sa

Quote from the .inf:

"; Primary INF file for the LSI 3ware 9000 Series SAS/SATA RAID Controllers.
; SCSI Miniport Driver for 32-bit Windows 2000, Windows XP, Windows Server 2003,
; Vista, Windows Server 2008, and 64-bit Editions of Windows XP, Windows Server 2003,
; Windows Server 2008, and Vista.
"

Will yet see if it is a SCSIport or STORport driver & whether xp can work with it or not.

Will put together a test pack and post here.

Go to forum: Feedback and Support - DriverPacks Base

11 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

Hang on a tic, i missed those HWID's you posted earlier.
I don't know that i have PCI\VEN_13C1&DEV_1005 in the current [Nightly].  I will search and report back later.

Is there an oem link to drivers for this "AXSCSIDRV IDE Controller", even if advertised as Win 7 (etc) only?

Can you disable it for testing without negative consequences?  Are problems related to uEFI in any way, btw?

Post the details of any bluescreen filename & error codes, please.

Try with no nlited packs, no updates, no theme packs nothing.  Just plain vanilla XP.  Add DriverPacks appropriately and let us all know if it can work.  If that doesn't work, it doesn't matter how many updates you add, unless you add none.

  If it works there, i have done my job, therefore the rest is up to you.
RVMi seems to have the greatest compatibility with DPs_BASE.

What need .NET 1.1 anyway, unless you have a touchscreen & SP3-Touchscreen License?

There may be issues of conflict between Microsoft Runtimes and the DP's ATi/AMD Graphics packs, i must admit.

Thank you for your patience.

Go to forum: Feedback and Support - DriverPacks Base

12 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

please try with no nlite, if you agree.  It may be helpful.
It is important to note if an old bug still exists in newer revisions of nlite.

Shutting down the dish for a couple of days...  :lol

Go to forum: Feedback and Support - DriverPacks Base

13 Reply by TechDud

(6 replies, posted in Vista / 7 DriverPack WLAN)

http://web.archive.org/web/200702020725 … .0.80a.exe

Looks like that driver could benefit from a UDA-style driver architecture for both NT5 & NT6 32bit.
  Will post a test-pack if possible, & see if any files are signed, other than the Security Catalog.

Go to forum: Vista / 7 DriverPack WLAN

14 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

great.  good to know you are licensed.
Have you tried an integration with the unmodified img as your source with no nlite?

Posting HWID's would also be helpful to help me to help you to help others ultimately.  neutral

Go to forum: Feedback and Support - DriverPacks Base

15 Reply by TechDud

(16 replies, posted in Feedback and Support - DriverPacks Base)

OverFlow wrote:

  "TRUE

It is OK to use nLite to create a Disc / ISO...
just don't use any of the other features of the program.
ESPECIALLY not for adding drivers.
Also note it's license forbids commercial use."

     quoted from:  http://forum.driverpacks.net/viewtopic. … 028#p51028

Please post your HWID's, either with the tool linked in my signature, as OverFlow's link is still broken.
  Alternatively, use linuxMint (etc) to execute the command "lspci -nn -b" in a Terminal window & post the info here (within code tags).

Try an integration on a virgin unmodified source, and it will most likely work "tickety-boo".

Go to forum: Feedback and Support - DriverPacks Base

16 Reply by TechDud

(28 replies, posted in Software)

Well how about that.
They have updated recently.

"History
    2014/7/4 Version 9.22.00.01 public.
        Since the internal version notation remained ? version, replaced only distribution file.

    2014/6/25 Version 9.22.00.01 public.
        Additional API. (SevenZipGetLastError)
        Additional API. (SevenZipSfxConfigDialog)
        Additional API. (SevenZipSfxFileStoring)
        Corresponding to the long path name. (NT system only to the extent that the head family 7-zip corresponds)
        Specified change to return FALSE if it was password error the CHECKARCHIVE_FULLCRC flag in SevenZipCheckArchive.
        Strengthening of error handling. Fixed to the had not returned at the scene should return some error.
        Fixed to return an error if the buffer shortage in SevenZipGetArcFileName like.
        Change the specification of SevenZipGetMethod slightly. Corresponding changes and the like in the case of buffer shortage.
        Supports M_CHECK_ALL_PATH and M_CHECK_FILENAME_ONLY flag in SevenZipOpenArchive. By default M_CHECK_ALL_PATH ("- r") state was the of the M_CHECK_FILENAME_ONLY ("- r-") to fix. You can also correspond to the ("-r0") by using the two flags at the same time.
        Fixed a bug that all have not the application window is unable to display the password window when dealing with encrypted file.
        Fixed a case is the processing speed of the items in the progress dialog box is displayed 100 times.
        Fixed a bug that SevenZipGetArcAccessTimeEx had to get the update date and time.
        Since -slp switch which can not be used once and do not install the 7-Zip file manager and then a non-supported DLL. (Use it is possible)
        The rebuild at 7-Zip 9.22.
        - -mf = I you can specify a compression filter at FilterID switch. Following example.
        a -mf = bcj2 a.7z a.tar
        a -mf = delta: 4 a.7z a.wav
        a -mf = bcj a.tar.xz a.tar
        - 64-bit version of Windows I can use the best 4GB of RAM.
        - Fixed some bugs. "
     quoted from:  http://www.csdinc.co.jp/archiver/lib/7-zip32.html
       translated via Goggle Translate:  https://translate.google.com/translate? … zip32.html

I'll do what i can to see that into at least the current testing version of DPs_BASE.
Maybe mr_smartepants would update SAD3, if it pans out for BASE.

What more does Igor Pavlov's 7-zip v9.22 offer over v9.20?
Wim support, eh Jeff?

Nice work guys, for bringing it to our attention.

Nice work author Minoru Akita (http://akky.xrea.jp/support.html),
   & CSD,inc. and shoda T. for hosting it and/or improving the 7-zip32.dll file!  big_smile

That might be just the inspiration OverFlow needs to start developing a NT6-compatible version of DPs_BASE!

Go to forum: Software

17 Reply by TechDud

(294 replies, posted in DriverPack Mass Storage)

@knocks -

"To prevent customers from encountering this issue, Lenovo limits C30/D30 systems shipping with XP-32 to configurations with 24 or less threads. However, if a customer chooses to add/modify a configuration after purchase, or converts an existing system to the XP-32 OS, he/she must perform one of the following actions to avoid experiencing the instability issues:
   a) Ensure that the Intel CPU SKUs which are installed have 6 or fewer CPU cores.
   b) Install only 1 CPU.
   c) Disable HyperThreading in the System Setup."
  ref:  http://download.lenovo.com/ibmdl/pub/pc … p_rev2.pdf

Go to forum: DriverPack Mass Storage

18 Reply by TechDud

(8 replies, posted in Software)

updatum abovum ^

From harkaz's "Welcome to Windows XP Service Pack 4":

Quote of harkaz:  "Windows XP SP4 security enhancements: Windows XP SP4 includes registry updates to enhance security. I want to thank Stefan Kanthak, a security expert who has kindly given me the necessary information. These security enhancements address issues not fixed by Microsoft updates.
This is an example of security vulnerabilities fixed by Stefan's registry updates: http://seclists.org/fulldisclosure/2013/Oct/151"
     quoted from:  http://www.ryanvm.net/forum/viewtopic.php?t=10321

Stefan Kanthak's registry updates also affect files referenced elsewhere in this topic.
  Highly recommended, unless you are already using harkaz's unofficial Windows XP Service Pack 4, as he already includes them, iirc.

Go to forum: Software

19 Reply by TechDud

(294 replies, posted in DriverPack Mass Storage)

Great!  Now i don't have to post the link to that legacy driver.

That has to be the fastest verification i've ever seen, btw!

Thanks again for letting us know about the Virtual SATA Mode issue via 8086:2829 & the issue finding latest MassStorage [Nightlies].  I appreciate your input. 

What more can be done for the NT5 branch, other than weed out some outdated & otherwise updated elsewhere WiFi/LAN drivers, modify .Inf's to fix 2k/xp+ USB-RNDIS support, & update the ATi/AMD Graphics drivers?
edit:I forgot about the new DP_Virtual_wnt5_x86-32 pack.  It's available now to the testing team.  It's close to being ready, if i have that right.  You might like.  Am still hopeful you have an idea or two for improvement (& RC's) though.

Go to forum: DriverPack Mass Storage

20 Reply by TechDud

(6 replies, posted in Vista / 7 DriverPack WLAN)

http://jelnet.free.fr/jlnt_lwpc.htm lists the latest Airgo driver for linksys was v1.5.0.86, though xp is incorrectly listed for that particular file.

                                               *** Ding, Ding, Ding ***

we may have a winner here!  smile

Netgear has {DriverVer   = 06/30/2005, 1.5.0.147} available for PCI\VEN_17CB&DEV_0001&SUBSYS_000117CB !
It also includes {DriverVer = 10/28/2005, 2.0.1.19} 32bit support for  PCI\VEN_17CB&DEV_0002&SUBSYS_6D001385
(Yikes!  That driver has something called "Heartbeat Threshold (5.0 GHz)" in it's reg entries.  WiFi HeartBleed?  At least it's not an automatous & self-propogating WiFi virus, though.  No, just kidding; it looks like it was ahead of it's time for a chipset. "240.0 Mbps" "NETGEAR RangeMax(TM) 240 Wireless Notebook Adapter WPNT511")
  ref:  wpnt511_v1104.zip via http://support.netgear.com/product/WPNT511    big_smile

Dump & archive your firmware, First, if at all possible (just in case)!

Post some drivers for the remaining HWID's if possible, if you like.
  It would be good to complete the NT5 DriverPacks.
    It suffices as NT6 extreme Legacy branch of DriverPacks, for now.

  There are even a couple of signed 64b drivers in the [Nightlies], believe it or not.
  That might be at least partly why some have problems in PE.

Go to forum: Vista / 7 DriverPack WLAN

21 Reply by TechDud

(3 replies, posted in Feedback and Support - DriverPacks Base)

The routines for runtimes need a major overhault to detect existing, updatable, and missing runtime support.

Outbreaker has already contributed valid solutions for existing detection, btw.

Note that runtimes are currently only installed if an optional package (such as CCC) requires.  If the runtimes are not present, all available optional packages in DriverPacks might not be installed.

Go to forum: Feedback and Support - DriverPacks Base

22 Reply by TechDud

(2 replies, posted in Software)

I know, eh?

Go to forum: Software

23 Reply by TechDud

(6 replies, posted in Vista / 7 DriverPack WLAN)

Most importantly, what chip is in it?
  One way to deduce is via the original driver.
  Another is via pci-ids_ucw_cz or databases from Ray Hinchliffe's wonderful work SIV.
    In linux, "lspci -nn -b" works well in Terminal.
The most risky yet the most certain method, is visual verification via manual teardown.

Quote of pci-ids_ucw_cz:
"17cb  Airgo Networks, Inc.
    0001  AGN100 802.11 a/b/g True MIMO Wireless Card
        1385 5c00  WGM511 Pre-N 802.11g Wireless CardBus Adapter
        1737 0045  WMP54GX v1 802.11g Wireless-G PCI Adapter with SRX
    0002  AGN300 802.11 a/b/g True MIMO Wireless Card
        1385 6d00  WPNT511 RangeMax 240 Mbps Wireless CardBus Adapter
        1737 0054  WPC54GX4 v1 802.11g Wireless-G Notebook Adapter with SRX400"

I think we have already deduced what fabless chipmaker's is in it?

How about Alienware drivers?  http://support.alienware.com/Support_Pa … aspx?os=WV
  d'oh.  That seems to contain AGN300 drivers.

    The linux driver seems to lack some features.  https://wikidevi.com/wiki/Wireless_adap … pset_table
      quote:  "driver never completed, abandoned"
      quote from agnx link:  "agnx is a mac80211 driver for Airgo AGNX00 wireless chips."

see:  http://forums.laptopvideo2go.com/topic/ … ntry124720
Quote of mobilenvidia:  "Not good news, there were no drivers made for Vista let alone Win7"

It might be like the Linksys WPC54GX, as it used an AirGo AGN100 chipset apparently.
   ref:  http://jelnet.free.fr/jlnt_lwpc.htm
Filename:  WNIhdd*
     see:  DP_WLAN_wnt5_x86-32_1501171\D\W\L\NETANI.INF (& B, & B\9)

Linksys seems completely useless to me, as they list no driver for either HW revision.
http://support.linksys.com/en-us/suppor … rs/WPC54GX

Thanks to Softpedia for the OEM link.  http://drivers.softpedia.com/dyn-postdo … 5/5554/0/1
http://downloads.linksys.com/downloads/ … -EU_dr.zip

The latest i have in the packs is {DriverVer = 02/04/2005, 1.4.4.183}, so if you can find something updated, i will include & credit your username in changelogs.
  Perhaps Internet Archive might still have some of those old pages, and drivers, archived.


Quote of botus:  "so I looked inside the XP drivers from here"
  What did you find?

     Please post links to any drivers you find for any AirGo wifi chipset.
Use the hwids_tool link in my signature, and do try "lspci -nn -b" in Terminal from LinuxMint, or similar, so that you can find the all-important SUBSYS value.

One of these drivers could work with 32bit Vista or Seven.  We might need to find a signed executable, though  requirements were retarded in 32bit compared to 64bit, iirc.

Go to forum: Vista / 7 DriverPack WLAN

24 Topic by TechDud

(8 replies, posted in Software)

Note:  rough draught (3 so-far)  To be completed & download link added before a later date.

---------------------------------------
First, some background info:

A repost of http://forum.driverpacks.net/viewtopic. … 594#p57594

This issue is also relevant to those that use XPMode as well, BTW.
Perhaps we could refer to a statement (by perhaps number one fear-monger :lol):

Microsoft wrote:

"Important

    As of April 8, 2014, technical support for Windows XP and Windows XP Mode is no longer available, including updates that help protect your PC. This means that if you continue to use Windows XP or use Windows XP Mode on a Windows 7 PC after support ends, your PC might become more vulnerable to security risks and viruses. Therefore, to keep your Windows 7 PC secure after support ends, we recommend that you only use Windows XP Mode if your PC is disconnected from the Internet."

     quoted from:  http://windows.microsoft.com/en-us/wind … -windows-7

Here are some more aspects:

ChrisH wrote:

"I have XP-specific applications that won't run under wine or any later windows, as well as some windows-only applications, so for me an XP VM is an absolute requirement, which I've given some thought to.

You are at risk, but you can bring the risk down to an acceptable level by:

    1. Not browsing in the VM - do that in the host, copy files across as required.
    2. If there's some bizarre reason why you really must browse in the guest, throw all the browser-based security you can at it (strict noscript etc.) and only for the sites you really have to (and see item 4.).
    3. Cutting out all non-essential services from XP (especially network-related ones, but note that networking is used to share folders to the host.
    4. Running your VM from a file system that appears to be called immutable in the docs - it's reset to the starting conditions on shutdown. I asked about this here.
    5. or running still-supported security software on the guest (it's no use if you can't keep it up-to-date, which you can't if loads from immutable storage).
    6. Firewalling the VM on the host (which I haven't done properly yet, so can't go into more detail, but basically close all the ports to start with)."

     quoted from Apr 30 at 15:43:  http://askubuntu.com/questions/458306/v … e-browsing

Here is one possible reason for recommending a linux VM.  That is, the very nature of not only the OS, yet some of the malware itself.

Joshua Cannell wrote:

"It’s not uncommon for the malware of today to include some type of built-in virtual machine detection."

     quoted from:  http://blog.malwarebytes.org/intelligen … detection/

Joshua Cannell wrote:

"It’s not so much what it can do, rather, it doesn’t want to do anything. Since average PC users don’t run their OS within a VM, it’s suspicious to be running in a virtual environment from the malware’s standpoint, as it drastically increases the likelihood that’s being analyzed and/or reverse engineered. This is something the malware’s creator wants to prevent."

     quoted from:  http://blog.malwarebytes.org/intelligen … mment-5861

Of course, that doesn't preclude infection, just further aberrant behavior for the most part.
Virtual machine hosts can be vulnerable, even linux hosts.

ggalaxy wrote:

"A successful attack from Windows users will be as follows ;
    * You installed wine application in ubuntu
    * you forget to configure UFW (the firewall)
    * you unintentionally clicked on a malware link from your win xp virtual box
    * you opened ports and didn't secure them
. In your case, you are going to install WINDOWS XP in Virtual box, and VBox will create a disk image which will be impossible for users to get outside the disk image and mess with your Ubuntu, however, if you have wine in your ubuntu, and wrongly clicked a malware link from your Win XP virtual box, that will lead the attacker to your ubuntu and execute commands and harm your computer."

     quoted from Jan 9 at 20:21:  http://askubuntu.com/questions/403079/i … for-ubuntu

Apologies for not expanding upon security in VMWare.  Am hoping more people will offer insight.

Then again, there's the whole current flawed trust model.

Moxie Marlinspike wrote:

"Essentially, at some point a decision was made to anchor trust in an organization like Comodo, and now we’re locked into trusting them — forever."

     quoted from:  http://www.thoughtcrime.org/blog/ssl-an … henticity/

Dan Goodin wrote:

"Of 3.45 million real-world connections made to Facebook servers using the transport layer security (TLS) or secure sockets layer protocols, 6,845, or about 0.2 percent of them, were established using forged certificates. The vast majority of unauthorized credentials were presented to computers running antivirus programs from companies including Bitdefender, Eset, and others. Commercial firewall and network security appliances were the second most common source of forged certificates."

     quoted from:  http://arstechnica.com/security/2014/05 … tificates/

Few do think of updating those RootCerts & getting the current revocation update.  The RootCerts package is only an optional update for the masses, and curiously hasn't seen an update since before the HeartBleed revelation.

How long ago did schannel.dll (TLS/SSL) see an update?
  The latest i see for w2k is v5.1.2195.6960 from Apr 8, 2005.  That must be vulnerable in so many ways.
  The latest for xp is v5.1.2600.6370 from Mar 28, 2013, so that should be OK for at least a little while.  That seems to indicate pro-activity on MS's part.
  2k3's latest is v5.2.3790.5014 from June 4, 2012.  Curious that the supported OS has the older implementation, unless i have miscalculated the latest update for 2k3.  (25000 Servers a day need 2k3 updated before July of next year???)

  Is that the revision of schannel.dll in XPMode?

"Secure channel (aka SChannel) - Introduced in Windows 2000 and updated in Windows Vista to support stronger AES encryption and ECC [6] This provider uses SSL/TLS records to encrypt data payloads. (schannel.dll)"

     quoted from:  url=https://en.wikipedia.org/wiki/Secur … _Interface

  XP lacks support for stronger AES encryption and ECC?  I think the availability of something like P-521 or greater is something that should be available in today's day & age (especially in light of recent WPA2 vulnerabilities - recommendations of usage of greater complexity encryption at minimum.
There is an update for 2k3 to support AES256-SHA at least.  https://support.microsoft.com/kb/948963
  Perhaps one approach would be to disable support for the lowest and least secure ciphers.  See http://support.microsoft.com/kb/245030.  Those could go into the changelog.

Anyway, how should an advisory read (perhaps in addition to "* use at your own risk *" in networking packs) ?     hmm
  "Avoid networking entirely on Win2000 unless it is a private wired and isolated network.  XP/2k3 will eventually and not necessarily in succession receive the same recommendation."???

  Check the changelogs and see if you disagree moderately to vehemently against any statement within, please.

Integrating official updates into one's source does seem like another proactive approach.  Of course, that is a whole other kettle of fish.
  There are some recent KB updates for xp that so-far seemingly have improved usb stability/performance from textmode on.
  Wouldn't integrating KB network files & related inbuilt protocols/drivers, etc. offer one less flaws and greater stability than what is stock for XPMode?  (What is stock in a XPMode distro?  I don't know.)

Ooo, XP sees another update, one for SilverLight --> http://www.microsoft.com/en-us/download … x?id=42250
  Just as well --> http://arstechnica.com/security/2014/05 … -the-rise/

OK; thanks for reminding me about the first post.  Will decorate the changelogs and get that up.  No wonder that one seems so popular.  d'oh.      :u

   ...

CAPICOM is not preferred at all.

The MMC.exe snap-in for "IP Security Policies" allows one to enable PFS (as referenced in the Robert Love article above, iirc.) for kerberos.  It looks like it might be possible to restrict further unsecured and other insecure communication, but i'm so far uncertain the entire affected (mountain) range.

Disabling DES seems wise, though i see no option for adding TLS there (Bummer)  Disabling MD4 hashing there seems relevant too.
.  Kerberos is therefore best limited to 3DES, unless somebody has other ideas.

Is kerberos used for Windows Update?  Would PFS be supported on the other end of the connection?

---------------------------------------

Of course, WiFi drivers & other browsers may have their own security routines, and may or may not be affected by any of the aforementioned registry goodies.
    (FireFox/IceWeasel/etc-about:config-Security.TLS.VersionMinimum="1" = KB3009008)

There is also a (lite) OpenSSL package available as a Windows port

See MicrosoftFixit50588 for MS-CSSP via KB951608 info concerning the Credential Security Support Provider (CredSSP) in Windows XP Service Pack 3 is definately worthy of a gander (even if you are not from Newfoundland), imho (rotflmao).

The AutoPatcher community has some AAA-rated registry tweaks of their own, by the bye.
Lsa-LMhash/disallowAnonymous/AddLocalComputerToIEzones/etc/etc

Hasn't mdgx got some noteworthies as well?

   ...

Repost from http://forum.driverpacks.net/viewtopic. … 479#p58479:

Note that 5eraph's specific SA3009008 solution appears incomplete at best, and perhaps even erroneous.
Look at the last two lines of that post, where TLS 1.0 is "enabled" with a 0x01.  That is apparently incorrect.

Microsoft wrote:

"To allow this cipher algorithm, change the DWORD value data of the Enabled value to 0xffffffff. Or, change the DWORD data to 0x0. If you do not configure the Enabled value, the default is enabled."
     http://support.microsoft.com/kb/245030   see also:  http://support.microsoft.com/kb/187498 & http://support.microsoft.com/kb/811833

Is this not also true for protocols?

Hermann Wolf wrote:

"I also added the key SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56 with Enabled=1 and rebooted again bit the SSLScan.exe output is always the same"
     http://forums.iis.net/t/1187790.aspx

What of the value ""DisabledByDefault"=dword:00000001"?  I don't know which takes precedence.  RC4 128/128 disabling/undo should be included.  Win2k & 2k3 solutions are also missing thusfar.  Can AES work on XP?

  It does highlight the dire need for confirmation via testing.
There is a program that will test supported ciphers (except TLS 1.1 & 1.2).
  http://code.google.com/p/sslscan-win/
Here is some sample output, thanks to Wayne Zimmerman --> http://www.waynezim.com/2011/03/how-to- … rs-in-iis/

  Are there any UpdatePacks that include the full set of solutions?  I haven't seen any so far.  Correct me if i am wrong, please.

Outbreaker wrote:

... "people won't be able to connect to outdated HTTPS servers."

That is apparently actively being encouraged for servers.

Robert Love wrote:

"I advocate disabling SSLv3 support, which breaks Internet Explorer 6 on Windows XP, but prevents a downgrade attack for everyone else. If we're willing to drop support for all versions of Internet Explorer on Windows XP (Which likely just means the addition of IE 7 and 8), we can accomplish two other goals:
     http://blog.rlove.org/2014/04/the-end-o … p-and.html

  Also see:  http://blog.rlove.org/2013/12/strong-ssl-crypto.html


It's a bit of a sticky wicket, and it seems better to include it here as optional, as nobody other than 5eraph seems to have included any solution for NT5.
  I like to be able to confirm that the NULL cipher cannot be used with TLS 1.0 for instance, in my humble opinion.
  SSLScan seems to make that verification a little easier too.

Actually, as far as download is concerned,
  v1.0 is available here, in the LAN pack:
    --> http://forum.driverpacks.net/viewtopic. … 473#p58473  smile
  v2.0 to follow ...

Note:  there is no undo file for Harden_XP_TCPIP_Stack_by_GH0st.reg  hmm

Go to forum: Software

25 Reply by TechDud

(294 replies, posted in DriverPack Mass Storage)

@]knoks - Impovements for PE are upcoming for LAN & WLAN. 

{(edit=>)} Use only MassStorage for testing PE builds.
  There are 64bit drivers in LAN & probably WLAN too.  sad
MS is the only pack you should test PE on that HW for now.
Alternate to all configurations listed below, concerning HDD & CD/DVD combinations during PE testing & note results.

Make a PE disc primarily, but also use WinSetupFromUSB 1.0 beta8.7z from http://www.winsetupfromusb.com/downloads/ or SteveSi's Easy2Boot http://www.easy2boot.com/download/

(@SteveSi - some info about updating DPMS there on the Download page might be helpful to people, thank you.
http://www.easy2boot.com/make-an-easy2b … test-dpms/
  that takes me to --> http://forum.driverpacks.net/viewtopic. … 22&p=6
    oh!  I see what you mean.  Merci beaucoup!
{edit:} Updated.

Some additional details about the bluescreen might be of assistance, s'il vous plait.

Use whatever NT5 packs you like if you build an install disc. 
  Please test an integration of XP to a setup disc, build an image with your holograph disc or whatever licensed untouched source and at least the latest DP_MassStorage pack and DPs_BASE (available from:  http://driverpacks.net/applications/latest)
  Make ready a spare hdd, if you agree & Attempt 2 XP installs.
  One on either controller chip (likely blue vs. grey?)
  Use different color connectors for the HDD & CD/DVD
If neither install succeeds, please try with HDD & CD/DVD on same controller (color).
Whatever works, upon achieving the Desktop,
     Search "All Files" for "setup*.log, dp*.log" and archive copies for yourself.{(<==)}

Please start a new topic for your issue with 8086:1D02:CC_0106.
It works if the CD/DVD is on the AsMedia controller, with the 8086:1d02 controller disabled, no?
I thank you for your patience, by the way.

--------------------------------------------------------------------------------

@SteveSi - The JMB36X_WinDrv_R1.17.65_WHQL package is available via Jmicron's FTP.

It seems one might be able to rename the ..\R1.17.65.11\Application\xInsDrv.dll to JMInsDrv.dll.
It has similar structure from the original JMInsDrv.dll file (via silurian software's exe utility) i found earlier in Jmicron_XP64_MCE_XP_2K(R1.12.01).zip i found on another site (in folder )/Jmicron_XP64_MCE_XP_2K(R1.12.01)/Application).  In addition, the xInsDrv.dll file is digitally signed.  That is what will be in the next posted MassStorage update, unless you object.

If requested, the JMInsDrv.dll file could be copied during install via an .Ini exception, to support later uninstall.  Maybe it is there as a limit to accidental removals of the controller driver?  If so, i should archive that renamed file, should i not?

  The jraid.sys driver included in the MS pack is from ..\R1.17.65.11\\Driver\x32.
If necessary, i can add the .sys file from the Floppy32 folder for textmode-only (& therefore PE too).

Thanks for your patience too, by the way.  8086:2829 (& qemu's 2922) should be working now, thanks to Outbreaker for confirming that.  It seems he was reminding this community about that issue with Virtual SATA mode for literally years (going back to 2008, iirc) too!

Fixing Virtual SATA mode support means that affected hardware installs use a lesser driver, and consequently no longer support 4k advanced disk drives &/or 2TB+ drives for textmode.  One might need a "F6" floppy there.

The needs of the many seem to grossly outweigh those of the few, imho.  Welcome aboard Captain.

--------------------------------------------------------------------------------

BlackWingCat's  AMD sb6xx/7xx/8xx support for his Modified Kernel should be complete in the next posted pack, for what little i am allowed to include (no modded .sys files).

Is there anybody out there interested in testing Windows 2000 Single-core (non-HT) installations with his Extended Kernel integrated via his updated HFSLIP files for your language?

--------------------------------------------------------------------------------

@Outbreaker - Those are monitor utilities for USB 3.0, for NEC, Renesas, & AMD USB 3.0 controllers.

I finally get a chance to review one of them now.  Am assuming it is informational, and information not actively distributed.  If i'm wrong, now would be a good time to correct me, s'il vous plait.

--------------------------------------------------------------------------------

@Symbios24 - Thanks for posting that link  That was genuinely helpful.  We need more of that here.

My inner Magnum PI "little voice" tells me that it might be an idea to start a new topic with the next (soon as tested on AMD sb6xx/8xx AHCI&/orRaid) uploaded [nightly] here (et al).

Go to forum: DriverPack Mass Storage