XP SP3 no AV or windows FW

Discussion in 'other security issues & news' started by 1nvad3r, Jul 13, 2009.

Thread Status:
Not open for further replies.
  1. 1nvad3r

    1nvad3r Registered Member

    Aug 8, 2008
    I'm just curious if a XP SP3 computer with no AV, windows FW turned off, no FW router, and connected to a public internet, not doing anything, would get any malware?
  2. Cudni

    Cudni Global Moderator

    May 24, 2009
    Eventually yes
  3. the Tester

    the Tester Registered Member

    Jul 28, 2002
    The Gateway to the Blue Hills,WI.
    Yes. And probably in short order.
  4. Fly

    Fly Registered Member

    Nov 1, 2007
    Not that long ago, I read on this forum that, at least in theory, you don't need a firewall.

    As long as you have no services listening (default?), no firewall for inbound protection would be necessary.

    I'm not saying I believe that.

    Would anyone care to comment ?

    (Btw, I use Windows XP Home Edition service pack 2)
  5. Joeythedude

    Joeythedude Registered Member

    Apr 19, 2007
    Other thread is here.

    If its got the default windows services settings then probably yes.

    If some of these are turned off then probably not.
    There would be 2 risks left I know of
    1. a new vulnerability is found in the services you still have running.
    2. an application on the PC opens a port.

    Its a bit of a grey area to me though. :)

    For example I originally thought the idea of port being open was analogous to a door being open.
    Now I think it can cover 2 very different senarios
    1. opening a door without expecting anyone and then leaving it open to let anyone in.
    2. After hearing the knock from outside ,open the door to let someone you expected in.

    1 - would be, say a windows service works.
    2 - the way a browser works.
    Both open a port but the security risks that result are very different.
  6. 1nvad3r

    1nvad3r Registered Member

    Aug 8, 2008
    k i understand, minimum is having a firewall if listening services r left at default.
  7. wat0114

    wat0114 Guest

    I tend to agree with this. I have only three processes listening: alg.exe. jqs.exe and DKservice.exe listening when no programs are open. I'm willing to bet I could have this laptop sit on a public network for a very long time before it succumbs to attacks. Of course this is only conjecture on my part, but I feel confident it's not all that vulnerable in its present state. it is running a reduced services profile and problem port 445 is disabled

    Attached Files:

  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    May 9, 2005
    If you have no ports open, no.
    If you have ports open, maybe, depending on patches and such.

    Gullible, your link is from 2004 ... SP2 was only starting to get baked then. The question was about SP3.

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.