I build a port check way back to determine if services are up. It crashed half the company by simply opening a few tcp ports to the machines.
Ridiculous days :)
I also remember SMB vulnerabilities that stayed unpatched for years on some machines. That was already when Metasploit existed, so you could inject VNC into most Windows hosts on local network with just a few commands. These days at least the patching is super fast.
Even into the late 90s early 2000, modems (including ADSL) didn't come with a router, you had to establish a PPPoE connection from your computer, which also means your home machine was directly on the WAN with no firewall protection.
I can't remember which version of windows but it must have been 98 or ME, you had to rush to download and install a patch when you connected it first to the internet before one of these exploits would make it crash.
I never encountered any of this, except that one roommate liked to brag about his expensive win 9x box, and me and another roommate would take turns using our junky linux and nt desktops to “pause” his machine with “ping -f”, usually in the middle of a lecture about how amazingly fast it was.
Later, we had an openbsd router running on an old 386 that we jammed a few old 10MBit 3com cards into (later, Linux, plus $20 ne2000’s).
Those things had 100% uptime other than power outages, ne2000 swaps, and the time I unplugged it after 50 gallons of water ran through it (stayed up, worked fine after I made a new copy of the soggy boot floppy).
Later we ended up with some shitty belkin router, etc. “Unplug it and plug it back in? Really?”
Eventually, I got a WRT54GL (emphasis on the L) which worked for a few years.
Now I’m back on OpenBSD. The only software downtime is due to PG&E power cycling it 100 times, and fsck expecting me to send a “y” over the serial port one of those times. Now it is double battery backed.
It works, but I’m living in fear of the day my PC Engines APU board finally gives up the ghost.
Also, sometimes our starlink’s linux cpu hangs. You’d think they could get that right. It’s not like it’s as hard as building a car, launching rockets, or operating a network that’s used for public safety announcements.
> Even into the late 90s early 2000, modems (including ADSL) didn't come with a router, you had to establish a PPPoE connection from your computer, which also means your home machine was directly on the WAN with no firewall protection.
Even today modems don't always come with a routers. In fact, I like them that way :).
IIRC, the problem in the late 90s/early 2000s was routers were thought of as only necessary to get multiple computers online, and it was pretty common for people households to only own a single desktop. There wasn't enough security consciousness earned through repeated failure, so it "made sense" to direct connect consumer machines to the internet.
We actually had a LAN years before we had broadband, and I setup a PC running Linux as a router to share our 33.6 modem to the household. But before that? The PC direct dials into the ISP, and got a publicly-routable IP.
IIRC Windows XP up to SP2 was vulnerable to this. Basically if you ran the install with the DSL modem attached, your PC was compromised even before the end of setup.
When W32/Blaster[0] came out I worked at a small ISP doing tech support and computer repair. A tech and I imaged an old box we had in the corner with a clean XP, assigned it a static IP in our /24, plugged it in and started a stopwatch. It didn’t even make it two minutes before it was infected.
I was working for a small ISP in that time frame and that's when we started blocking incoming windows ports. And yea, it was annoying for the few techie types that tried to run SMB and could actually protect their stuff.
For the other 99.9% percent of the users it protected them and us.
Yeah Blaster is one of the few worms I've ever (knowingly) been infected with. As you say, it was literally less than a minute or two between connecting an unpatched box and getting it.
that is really unpleasant.. engineers worked, companies worked and volunteers also worked to make the modern Internet, then selfish-clever, thieving, control-oriented militaristic jerks from WINDOWS filled the content with WINDOWS virus activity to play cheap stealing tricks on unsuspecting people. And you call it "the Internet" .. it has nothing to do with "the Internet" as much as the cheap and aggressive culture of BS from WINDOWS at that time
It would be more fair to criticize the corporate culture at Microsoft in the 90s that led to this situation.
They simply didn't really care. If another OS was dominant, it is easy to argue that fundamental security issues could have been addressed in a better fashion, if management wanted it to be so.
To wit, this is the same era of computing that spawned OpenBSD. You can't say with a straight face that OpenBSD would have been brought down by oversized ping packets or be allowed to accept traffic out of the box like Windows was.
> I can't remember which version of windows but it must have been 98 or ME, you had to rush to download and install a patch when you connected it first to the internet before one of these exploits would make it crash.
Much more than that. With Windows 95, you could send an illegal ICMP with a simple "ping.exe -l 65510 victim.host.ip.address". Your Windows 95 might crash/misbehave after that, but not always.
The receiving end, the destination IP, on the other hand... These would panic, crash, dump, hang or reboot: Windows, MacOS, Netware, AIX, Linux, DEC Unix, Nextstep, OpenVMS, SCO Unix, HP-UX, Convex OS, Solaris.
It was very funny in the very first hours, the little toy Win95 machines obliterating all those big, expensive Unix servers on the network.
That was the precise moment when we started filtering ICMP echo on the routers. Hardly anyone did this before.
Earlier versions of Windows (98? 95?) also used to share things like drives (C$, D$) and printers with the dial-up connection by default.
I remember connecting to a printer of a classmate over the internet and printing a page, to his surprise. All you needed was the IP, which was trivial to get from ICQ, back in the days.
There was a time when you could SMB mount shares from servers at MS over the public internet (and e.g. do things like download alphas and betas that were not visible on the ftp server).
I remember early Bitcoin exchanges that had everything stolen because they left all of their unencrypted private keys on SMB shares that were left visible to the Internet. IIRC this is what finally took down MtGox, almost 20 years after the release of Windows 95. Some people never learn.
What was more fun when the spammers figured out 'net send'. I showed that to one guy I worked with and that thing had a nasty bug. If you got one of the parameters wrong it would send a message to every computer on the domain. He had to explain to the top guys why they had funny messages on their screen.
When I was at the university and without a fully developed frontal lobe I thought it was a great idea to test this in the lab.
Ended up creating a "battleship"-like game. Two people, each trying to crash the other's machine. Since the IPs were randomly assigned by DHCP and for some inexplicable reason changed frequently (every day or so), we would be trying to guess what the other machine's IP was.
Given how they were physically arranged, we were able to see the machines blue screening (but not always fully crashing).
Of course, there was a lot of collateral damage as some machines were in used by people that weren't part of the 'game'. Thankfully, most of the time they didn't fully crash. Most of the time.
Ah, the good ole days of "hey what's your IP address?" followed by typing those four magical numbers into Winnuke and then watching a person just drop off ICQ. Still makes me chuckle. That worked for years.
Oh I remember those times. There was a guy in high-school 2 years younger that one day shown me that he wrote a C implementation of WinNuke on the school Unix server and he was then crashing Windows PCs in the lab for fun.
He was a really smart guy and AFAIK he's been working at Google for a few years now (maybe he's on HN even?)
I remember when CdC released Back Orifice to remote control Windows machines, like ejecting CDROM and such [1]. We really did come a long way, where 0-days go for 20 million dollars. [2].
I was managing a few labs full of machines used for training on NT4 which meant I was frequently re-imaging and could use effective remote control capability. Back Orifice was, at the time, the absolute best remote admin solution available for free. I could deploy it in the image and then use it to kick off reimage process, reboot, log out a student, or monitor their screen from the teacher's desk to share on the attached TV. It really was a handy tool for remote admin tasks.
Could also disable certain keys on victims keyboard. Did that in the office a bunch was hilarious watching co workers who had no idea what was going on. Perfect for a Monday morning.
I may or may not have known someone who wrote a shell script with the linux BO client to reset Windows machines' home pages to a porn site that paid a dollar for every unique clickthrough in IP ranges that were in specific foreign countries.
This person might have earned several hundred dollars each month for several months afterward. But opening their cdrom tray could have been fun too. He probably wishes he had thought of that.
My favorite 'thing' for historical windows was that accessing "C:\con\con" was an instant BSOD (Even over file sharing, or even over an image URL pointing to "file://C:/con/con")
I had my Mac exposed on the public Internet around 2021/22, and I expected to be hacked instantly, but nothing actually happened. Times really have changed.
The feeling of being able to chat with friends over nc was pretty powerful, though.
