Capturing an unpatched Windows XP image

[Evelio Quiros <ev...@fiu.edu>]

Sorry, used the wrong subject line before:

>
>Hello group,
>
>I may have mentioned this before, so bear with me.
>
>I would like to deploy an unpatched Windows XP OS for a hacking class.
>This is used as a target to launch several well-known exploits by
>students.
>
>The problem is when I try to configure Cygwin, I get a failure in setting
>the Windows Firewall.
>
>That is because there is no Windows Firewall in this early version of XP.
>
>Is there a known fix for this ? Can I 'safely' (relatively) comment out
>the sections of the config file that deal with the Firewall ?
>
>I know this is an unsafe system, but that's the point. We need this to
>show students the importance of updating their OS and protecting
>themselves from attack.
>
>Any idea how I can capture this unpatched image ?
>
>Thanks,
>Al Quiros
>Florida International University
>

Re: Capturing an unpatched Windows XP image

[Mike Haudenschild <mi...@longsight.com>]

I've successfully captured an XP image with the firewall turned OFF (i.e.
the service is disabled), so I imagine this wouldn't be much different in
that regard.

Now, NOT having those system calls available to the script at all (i.e.
your old/unsupported version of XP) might cause the script to hang/error
out, and there may be other known or unknown compatibility issues with
other parts of VCL for non-updated XP.

Does the Cygwin script complete?  Or does it terminate after that error?


On Wed, Aug 8, 2012 at 10:58 AM, Evelio Quiros <ev...@fiu.edu> wrote:

> Can anyone comment on this please ?
> Thanks,
> Al Q
>
>
> On 8/7/12 2:44 PM, "Evelio Quiros" <ev...@fiu.edu> wrote:
>
> >Sorry, used the wrong subject line before:
> >
> >>
> >>Hello group,
> >>
> >>I may have mentioned this before, so bear with me.
> >>
> >>I would like to deploy an unpatched Windows XP OS for a hacking class.
> >>This is used as a target to launch several well-known exploits by
> >>students.
> >>
> >>The problem is when I try to configure Cygwin, I get a failure in setting
> >>the Windows Firewall.
> >>
> >>That is because there is no Windows Firewall in this early version of XP.
> >>
> >>Is there a known fix for this ? Can I 'safely' (relatively) comment out
> >>the sections of the config file that deal with the Firewall ?
> >>
> >>I know this is an unsafe system, but that's the point. We need this to
> >>show students the importance of updating their OS and protecting
> >>themselves from attack.
> >>
> >>Any idea how I can capture this unpatched image ?
> >>
> >>Thanks,
> >>Al Quiros
> >>Florida International University
> >>
> >
>
>

Re: Capturing an unpatched Windows XP image

[Aaron Peeler <fa...@ncsu.edu>]

Resending to the user mailing list. I forgot to reply-all

-Aaron

On Thu, Aug 9, 2012 at 8:24 AM, Aaron Peeler <fa...@ncsu.edu> wrote:
> Hi Al,
>
> This is possible and not really a fix, but local custom change to
> remove the firewall dependency. You would need to modify the code that
> deals with the firewall and make it conditional instead of failing it.
>
> if( has firewall ) make use of it
> else ( ignore) and proceed with the reservation.
>
> There are a couple of locations in the OS modules that would need to be updated.
> /usr/local/vcl/lib/VCL/Module/OS/*
>
> I'm not sure exactly of the routines that depend on the firewall, but
> it should be pretty easy to find. in searching for netsh and iptables
> commands.
>
> This would likely be a local custom change that you'd have to keep
> maintained if only using for windows. If the group felt this was a
> feature that could be useful for long-term use. Then we would need to
> create a jira feature request.
>
> -Aaron
>
>
> On Wed, Aug 8, 2012 at 10:58 AM, Evelio Quiros <ev...@fiu.edu> wrote:
>> Can anyone comment on this please ?
>> Thanks,
>> Al Q
>>
>>
>> On 8/7/12 2:44 PM, "Evelio Quiros" <ev...@fiu.edu> wrote:
>>
>>>Sorry, used the wrong subject line before:
>>>
>>>>
>>>>Hello group,
>>>>
>>>>I may have mentioned this before, so bear with me.
>>>>
>>>>I would like to deploy an unpatched Windows XP OS for a hacking class.
>>>>This is used as a target to launch several well-known exploits by
>>>>students.
>>>>
>>>>The problem is when I try to configure Cygwin, I get a failure in setting
>>>>the Windows Firewall.
>>>>
>>>>That is because there is no Windows Firewall in this early version of XP.
>>>>
>>>>Is there a known fix for this ? Can I 'safely' (relatively) comment out
>>>>the sections of the config file that deal with the Firewall ?
>>>>
>>>>I know this is an unsafe system, but that's the point. We need this to
>>>>show students the importance of updating their OS and protecting
>>>>themselves from attack.
>>>>
>>>>Any idea how I can capture this unpatched image ?
>>>>
>>>>Thanks,
>>>>Al Quiros
>>>>Florida International University
>>>>
>>>
>>
>
>
>
> --
> Aaron Peeler
> Program Manager
> Virtual Computing Lab
> NC State University
>
> All electronic mail messages in connection with State business which
> are sent to or received by this account are subject to the NC Public
> Records Law and may be disclosed to third parties.



-- 
Aaron Peeler
Program Manager
Virtual Computing Lab
NC State University

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.

Re: Capturing an unpatched Windows XP image

[Aaron Peeler <fa...@ncsu.edu>]

Hi Al,

This is possible and not really a fix, but local custom change to
remove the firewall dependency. You would need to modify the code that
deals with the firewall and make it conditional instead of failing it.

if( has firewall ) make use of it
else ( ignore) and proceed with the reservation.

There are a couple of locations in the OS modules that would need to be updated.
/usr/local/vcl/lib/VCL/Module/OS/*

I'm not sure exactly of the routines that depend on the firewall, but
it should be pretty easy to find. in searching for netsh and iptables
commands.

This would likely be a local custom change that you'd have to keep
maintained if only using for windows. If the group felt this was a
feature that could be useful for long-term use. Then we would need to
create a jira feature request.

-Aaron


On Wed, Aug 8, 2012 at 10:58 AM, Evelio Quiros <ev...@fiu.edu> wrote:
> Can anyone comment on this please ?
> Thanks,
> Al Q
>
>
> On 8/7/12 2:44 PM, "Evelio Quiros" <ev...@fiu.edu> wrote:
>
>>Sorry, used the wrong subject line before:
>>
>>>
>>>Hello group,
>>>
>>>I may have mentioned this before, so bear with me.
>>>
>>>I would like to deploy an unpatched Windows XP OS for a hacking class.
>>>This is used as a target to launch several well-known exploits by
>>>students.
>>>
>>>The problem is when I try to configure Cygwin, I get a failure in setting
>>>the Windows Firewall.
>>>
>>>That is because there is no Windows Firewall in this early version of XP.
>>>
>>>Is there a known fix for this ? Can I 'safely' (relatively) comment out
>>>the sections of the config file that deal with the Firewall ?
>>>
>>>I know this is an unsafe system, but that's the point. We need this to
>>>show students the importance of updating their OS and protecting
>>>themselves from attack.
>>>
>>>Any idea how I can capture this unpatched image ?
>>>
>>>Thanks,
>>>Al Quiros
>>>Florida International University
>>>
>>
>



-- 
Aaron Peeler
Program Manager
Virtual Computing Lab
NC State University

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.

Re: Capturing an unpatched Windows XP image

[Evelio Quiros <ev...@fiu.edu>]

Can anyone comment on this please ?
Thanks,
Al Q


On 8/7/12 2:44 PM, "Evelio Quiros" <ev...@fiu.edu> wrote:

>Sorry, used the wrong subject line before:
>
>>
>>Hello group,
>>
>>I may have mentioned this before, so bear with me.
>>
>>I would like to deploy an unpatched Windows XP OS for a hacking class.
>>This is used as a target to launch several well-known exploits by
>>students.
>>
>>The problem is when I try to configure Cygwin, I get a failure in setting
>>the Windows Firewall.
>>
>>That is because there is no Windows Firewall in this early version of XP.
>>
>>Is there a known fix for this ? Can I 'safely' (relatively) comment out
>>the sections of the config file that deal with the Firewall ?
>>
>>I know this is an unsafe system, but that's the point. We need this to
>>show students the importance of updating their OS and protecting
>>themselves from attack.
>>
>>Any idea how I can capture this unpatched image ?
>>
>>Thanks,
>>Al Quiros
>>Florida International University
>>
>

Re: Capturing an unpatched Windows XP image

[Evelio Quiros <ev...@fiu.edu>]

Can anyone comment on this please ?
Thanks,
Al Q


On 8/7/12 2:44 PM, "Evelio Quiros" <ev...@fiu.edu> wrote:

>Sorry, used the wrong subject line before:
>
>>
>>Hello group,
>>
>>I may have mentioned this before, so bear with me.
>>
>>I would like to deploy an unpatched Windows XP OS for a hacking class.
>>This is used as a target to launch several well-known exploits by
>>students.
>>
>>The problem is when I try to configure Cygwin, I get a failure in setting
>>the Windows Firewall.
>>
>>That is because there is no Windows Firewall in this early version of XP.
>>
>>Is there a known fix for this ? Can I 'safely' (relatively) comment out
>>the sections of the config file that deal with the Firewall ?
>>
>>I know this is an unsafe system, but that's the point. We need this to
>>show students the importance of updating their OS and protecting
>>themselves from attack.
>>
>>Any idea how I can capture this unpatched image ?
>>
>>Thanks,
>>Al Quiros
>>Florida International University
>>
>