Solved

xp mode

Posted on 2014-03-10
13
601 Views
Last Modified: 2014-03-14
at work we are almost done getting all computers to windows 7.
there are a few stragglers mainly because of legacy software that we still have to use. And this legacy software doesn't work with compatibility mode. I was thinking that maybe using XP mode would be the way to go. However, I'm I correct to say that even though XP mode is a virtual environment, it is still vulnerable?
Or can you "isolate" XP mode so that it can not interact with Win7?
If you can do something like that, my vision would be to just run the legacy app in XP mode, not to have a full blown virtual XP mode "pc" running the application.
0
Comment
Question by:JeffBeall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
  • +2
13 Comments
 
LVL 2

Assisted Solution

by:dronethought
dronethought earned 125 total points
ID: 39919363
I just posted a similar question...popular subject. I have xpmode running with access to the internet so xpmode is updated but I am closing internet access for xpmode... coming up. I have the xpmode pc joined to my domain and it has it's own seperate IP address. I am not bridging the connection, the xpmode pc is just as real as a physical xp computer. With that said, I am stilling using a strong antivirus/firewall.

Remove all adobe products off XPMODE...first and foremost. No flash, no Reader. Block all ports except for the port you need for your legacy app. You no longer have to update XP after next month. And yes, xpmode is vulnerable. For example, if Windows 7 is known to have a flaw and Windows 7 is based on some of xp, then an attach on Windows 7 also can attack xpmode. If the fix is not in on Windows 7, xp most likely does not have the fix either. Make sure xpmode does not have JAVA insalled, no Apple products, etc. I would not even run any browser in XPMODE after next month. The problem is my xpmode machines have access to the server...so it is difficult to cover all bases.
J
0
 
LVL 17

Accepted Solution

by:
bigeven2002 earned 125 total points
ID: 39919370
Hello,

Short answer, yes it is possible to still be vulnerable, as Windows 7 will always need to communicate with XP mode.  There could still be unpatched flaws that allow access to the virtual environment from the parent OS.

Does the legacy app depend on an Internet connection?  If not, then XP can be isolated to an extent.

First, you would have to disable the integration features that are on by Default when installing XP mode.  This more or less separates XP from Windows 7 to where it just simply becomes a Virtual Machine.

Then in the XP machine settings, you can disable the network by setting the adapter to Not Connected, so that it is pretty much isolated and only Windows 7 can communicate with it via RPC.  That's probably as good as it will get unless others have a better idea.

If your legacy app depends on network connectivity, then obviously this method will not work.

disable integration featuresvirtual network settings
0
 
LVL 1

Author Comment

by:JeffBeall
ID: 39919380
I haven't run XP mode in a long time and forgot about the network bridging thing.
I totally agree, I would NOT have anything like flash, or java in the XP environment. Lucky for me, I think the legacy only needs to run software off a CD, and I think once the software is installed, it doesn't need access to anything like the internet or servers.
So I think I could really isolate XP mode.
Are there actually steps to isolate XP mode? Kind of a check list of things to do?
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 1

Author Comment

by:JeffBeall
ID: 39919384
sorry bigeven2002, I was typing my response and when i uploaded it, I saw your response.
Thanks for the advise, I didn't know about the integration thing, That sounds promising.
0
 
LVL 2

Expert Comment

by:dronethought
ID: 39919587
Thank you bigeven2002. I did not know this either.
J
0
 
LVL 96

Assisted Solution

by:Experienced Member
Experienced Member earned 125 total points
ID: 39919668
I have an XP Machine on my Windows 8 box and I run anything in it that I want to. Since it is only used for a few things (which is your situation), I protect it with Microsoft Security Essentials. That works fine.
0
 
LVL 55

Assisted Solution

by:McKnife
McKnife earned 125 total points
ID: 39919750
You need to consider the following: what is xp mode? XP mode is remoteApp technology. So turning off the network connection in xp will break it. Anyone suggesting that has not understood how xp mode works. RDP is used to communicate with the virtual xp***, so that port is open at least. What you can do is us the firewall on xp to limit access to port 3389 /RDP) to your host machine if that is not even done by default setting up xp mode.

You will need to think about how a computer (no matter if virtual or not) exposes itself to an attacker: if xp has no open ports but 3389 and that is only being accessable by your host, then where's the problem?
If however on xp you deal with potentially infected files or specially crafted files that trigger exploits on xp, then it can get infected and you cannot be safe anymore. So it depends on how you interact with it. If you use an application and you are sure that the contents you work with are only "home made", then I'd say you are safe to use xp mode.

***if used as Microsoft advertises it: seamless integration. If you use the xp vm interactively ("full vm session"), then RDP is not used and not network is required.
0
 
LVL 2

Expert Comment

by:dronethought
ID: 39921345
Thank you McKnife. Every interesting!! I did not know.
J
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 39922348
Sure thing.

@McKnife
I am not sure how you have XP mode setup, but I can run it on my Windows 7 box with the network adapters disabled just fine.  So there is no RDP or port 3389 dependency here.

As you can see from my screenshot, no network connection and no network adapters in device manager, and XP is running fine.
XP mode no network
0
 
LVL 55

Expert Comment

by:McKnife
ID: 39922700
Bigeven, please read the part with asterisks more carefully.
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 39922708
Seems I misunderstood your post McKnife.  Thank you for the clarification.  Cheers.
0
 
LVL 1

Author Closing Comment

by:JeffBeall
ID: 39929561
thank you for the help.
0
 
LVL 96

Expert Comment

by:Experienced Member
ID: 39929915
@JeffBeall - Thank you and I was happy to help.
0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Assume you have an outside contractor who comes in seasonally or once a week to do some work in your office, but you only want to give him access to the programs and files he needs and keep all other documents and programs private. Can you do this o…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question