Can your cab connect to the internet?

[danny_galaga]

While I can follow the logic, I find it interesting that so many people seem to think that the only way to keep a computer virus free is to keep it off of the internet.

NO, but it's the easiest way. And some of us might get in a spot of bother from certain corporations should we hook up to the net and accidentally update

[leapinlew]

If you want to see it in action. Put an unpatched Windows XP system straight on the internet with no firewall, service packs, antivirus and a real IP.

How long should I keep it on for? At what time could I turn it off and say this test is done? I have a spare laptop. I can install Windows Xp (Not even SP1!), nothing else, and plug it directly into the cable modem.

Given an infinite amount of time, an infinite amount of monkeys can write Shakespeare, apparently, but what if they had a timeframe? The test is impossible, because if I leave it for a day, or a week, You'll say I didn't leave it on long enough.

Do me a favor, don't put words in my mouth.

Just give it a night, but before you do this, you should lookup how long the average infection time is for an unprotected system on the internet. You should have conficker or MSBlast in no time.

Honestly, I don't care if you think a virus can infect you or not, just because you are an individual. I know they can infect your machine without you doing anything to get them. It's happened to me. Just because something doesn't happen to you, doesn't mean it doesn't happen.

[Sjaak]

Infection time for a unprotected XP system (without service packs) is very small (I think it's within hours). But most pc's are not directly connected to the internet, but are behind some sort of NAT router which will stop direct attacks.

[leapinlew]

Infection time for a unprotected XP system (without service packs) is very small (I think it's within hours). But most pc's are not directly connected to the internet, but are behind some sort of NAT router which will stop direct attacks.

Agreed. However, I'm just trying to demonstrate that you don't have to actively do something to get infected and if you run a network in your home where people connect (via wifi or wire) you can expose your machine very easily. scofthe7seas is under the impression that you have to do something for your machine to get infected and it's simply not true. For the record, I have no ill feelings towards Scofthe7seas. I don't appreciate him saying I would say something, but I'm not mad about it.

This relates to MAME cabs being connected to the internet since you would have to do extra maintenance on the arcade cabinet to ensure it's up to date and not vulnerable to the latest worms which could impact the machines performance.

[leapinlew]

@Leapinlew
no what you describe would be "no internet safety needed", and it's not an never ending battle at least not on my end, that's why I pay company's for their software so the never ending battle is on their end, for the average joe consumer internet safety is a joke just follow your common sense keep your software/virus protection up to date, and you won't have an issue, and the only time you will have an issue is when you doing or looking at something on the net that 1. you probably shouldn't be doing anyways, 2. is illegal in your state/country.  It's that simple no amount of arguing or saying conficker is the devil is going to change it.

Like I have said I completely understand people not hooking their cabs to the net, I also just want to set it and forget it without having to worry about updating/patching..ect  But I also don't want people to think "and there a few people out there somewhere that will" that if they do connect their cab to the net that some how a virus is going to magically find it's way into their home network and steal all your financial data.

You're part of the problem. People think they are safe cause they spent $40 on a program to protect them. If it were SO easy, I would be out of a job. I'm glad you only get a few viruses, and your buddies get a lot more. Good for you.

Sorry dude, the rules for how to avoid phishing attacks keep changing as phishers get more sophisticated. The rules on what software to protect you keeps changing. The rules for how to behave on the internet keep changing. To act as if it's as simple as spending a few bucks and your protected is asinine.

Because the likelihood of that happening almost zero.

I know how to make it 0.   The odds of someone breaking into my house are almost 0 too, but I still lock my door. I bet you do too.

In short, your better off taking extra unneeded security precautions than trying to get by with just enough.

[Sjaak]

True. You don't have to do anything to get infected. And if another pc behind your router/firewall gets infected with a worm, you're screwed as well...

I do have network cards in my cabs, but I used them for configuration only. And I have virusscanners for all other pc's in the same network.

[scofthe7seas]

Do me a favor, don't put words in my mouth.

Quite right. Out of line and I apologize.
Like I said though, I don't declare it impossible. I just feel its very very unlikely. I will hook up the laptop tomorrow and leave it overnight. I'll run a scan sometime this weekend and report. I'm not saying the findings will be definitive proof, but it'll just put to rest some questions about timeframe at least, and perhaps chance.
Mind you, I absolutely have virus scan software on my personal computer. So, I'm not against the idea of viruses (virii?) existing and being a problem. I've been a computer tech for 15 years, and in all my time I've never seen anything to suggest a virus attack that came from nothing. Even when xp was new. Even when those damned worms came out that would shut down your pc in 10...9....8....7...

A question though; The pc you experienced the virus attack from doing nothing. Did you literally do nothing for the entire time it was fresh and virus free, until you were infected? No browsing, no anything?

[severdhed]

both of my cabinets are on wifi, mainly just for ease of administration over vnc.  I'm one of those people that no matter how well it is working, i am always tweaking my cabinets and doing different things to them.  they are both older PCs, (p4 3ghz, 2gb ram) running windows xp sp3 and Panda cloud antivirus.  Automatic updates are turned off. I dont have weird people bringing infected pcs to my house and plugging them into my network, and my wifi is encrypted.  i keep all of my other computers up to date with security patches and run full virus scans nightly (AVG, MSE, Panda).  I periodically run scans on my mame cabinets with Panda and Malwarebytes.  I also periodically mirror my mame cabinets to another spare hard drive, just in case there would be a problem.

i don't get viruses on my systems, it just doesn't happen to me.  I am an IT Consultant, i fix dozens of infected computers every week, and it amazes me how many people get infected....i just can't figure out how they do it.  It isn't that difficult to keep your computers clean...just a little common sense and some free software. ( and staying away from limewire and crap like that).

[Smeghead]

Dont do it! networking causes SO MUCH overhead plus with NO networking, you dont need the other number one resource hogging thing - antivirus

[Haze]

If you want to see it in action. Put an unpatched Windows XP system straight on the internet with no firewall, service packs, antivirus and a real IP.

How long should I keep it on for? At what time could I turn it off and say this test is done? I have a spare laptop. I can install Windows Xp (Not even SP1!), nothing else, and plug it directly into the cable modem.

Given an infinite amount of time, an infinite amount of monkeys can write Shakespeare, apparently, but what if they had a timeframe? The test is impossible, because if I leave it for a day, or a week, You'll say I didn't leave it on long enough.

Do me a favor, don't put words in my mouth.

Just give it a night, but before you do this, you should lookup how long the average infection time is for an unprotected system on the internet. You should have conficker or MSBlast in no time.

Honestly, I don't care if you think a virus can infect you or not, just because you are an individual. I know they can infect your machine without you doing anything to get them. It's happened to me. Just because something doesn't happen to you, doesn't mean it doesn't happen.

At peak it was something like 20-30 seconds!  (you didn't even have time to do online patching of the machine)  Spread was IIRC pretty much exponential, every infected machine would try to infect other machines with similar IP addresses etc., nasty, nasty stuff if you weren't behind a proper firewall.  Probably less these days because XP share is much reduced, and most people actually have the service packs etc. installed.  Still a few idiots do hold out, connect their machines to the internet and act completely oblivious to the problems they're causing.  You didn't have to do anything to get infected, just connect the machine to the internet and leave it, in many cases you wouldn't even know you were infected unless you monitored your outgoing traffic.

Anyway, no, if you're not going to be actively patching a machine then you shouldn't have it connected to the internet, period.

Actively patching something like a MAME cab could introduce other problems if some of the patches break functionality that certain frontends rely on, or even in some cases MAME (see the number of people having problems with that crappy hacked up shooter build based on 0.99 and full patched Win7 64-bit boxes)

Therefore I conclude, cabs are best kept offline.

I wonder how many commercial games with internet connections, running Windows based OS's are actually infected with this type of crap (I'd hope the embedded versions don't have the exploited services enabled, but you never know)

[spoot]

A question though; The pc you experienced the virus attack from doing nothing. Did you literally do nothing for the entire time it was fresh and virus free, until you were infected? No browsing, no anything?

I did this once on a pc that was going to be rebuilt from scratch anyways when I was bored.  Fresh install of XP with no nat/firewall between it and the internet.  It was totally hosed in less than a day.   

Hell, my websites/forums/etc get attacked pretty much 24/7/365..script kiddies need to die a horrible death.   

[scofthe7seas]

We'll see we'll see!
My old laptop is such crap. I actually have to reconnect the power connector inside of the damn thing. It popped out and was hanging out at the bottom of the box where it was stored. The thing is so beat up, but still ticking. I bet any viruses will be too afraid to tangle with it.
That's the test though, Windows XP, no service pack, no patches, no firewall, no antivirus, for 24 hours.
I will absolutely own up if it does come out infected, but until them, my skepticism is in full effect.

[Benevolance]

I've got my cabinet internet enabled, because it gets used for lots of purposes aside from arcade games. I'd figure that most people these days have a router/firewall setup on their network - I was under the assumption that a good router is usually sufficient to stop those broad-based attacks like conficker? Am I wrong? We've never had problems with viruses on our network, so maybe I'm being a bit naive.

Also, Lew was talking about the possibility of someone infected jumping onto his wireless connection...are you running an unsecured wireless connection? Or is it easy for someone to jump onto a secured network?

[leapinlew]

Also, Lew was talking about the possibility of someone infected jumping onto his wireless connection...are you running an unsecured wireless connection? Or is it easy for someone to jump onto a secured network?

Neither, I have a lot of company and everyone travels with laptops anymore.

A firewall does a good job of hiding your computer from worms.

[Haze]

We'll see we'll see!
My old laptop is such crap. I actually have to reconnect the power connector inside of the damn thing. It popped out and was hanging out at the bottom of the box where it was stored. The thing is so beat up, but still ticking. I bet any viruses will be too afraid to tangle with it.
That's the test though, Windows XP, no service pack, no patches, no firewall, no antivirus, for 24 hours.
I will absolutely own up if it does come out infected, but until them, my skepticism is in full effect.

Well it's well documented, being skeptical about it is like claiming the grass is blue and the sky is green.

This seems to cover most of it
http://www.wizcrafts.net/ans/constant_rebooting.html

Might not be as bad now (many ISPs will filter it out specifically) but back in the day it was lethal on an unpatched XP / 2000 box and it's entirely possibly that somebody will find a similar exploit in the codebase today, meaning if you're not up to date with the latest patches your box will simply be hijacked.  Rather important to learn from the lessons of the past.

As pointed out, this can result in people installing hidden FTP servers on your machine, and distributing all kinds of nasty crap via them.

It's incredibly naive to take the approach that you can only get a virus by running a nasty attachment / application and while modern versions of the operating systems do provide several extra layers of security exploits are still found daily, practically every common file and document format used by PCs today has been exploited to cause code execution at some point as well as a fair number of the communication protocols due to poorly coded software handling them.

[leapinlew]

practically every common file and document format used by PCs today has been exploited to cause code execution at some point as well as a fair number of the communication protocols due to poorly coded software handling them.

Amen to that!

We've seen Adobe reader pretty hard with buffer overflow code execution exploits. From a network admin/home user standpoint it's a serious pain to keep the latest versions of all the applications up to date, not to mention the OS and drivers. In my household, I can't imagine adding my mame machines to the mix.

If someones house consists of a couple computers. I suppose sitting behind a firewall, someone could feel relatively secure. I just don't see the point.

[skewba98z28]

Internet access via wireless. Its awesome updating systems and doing maintenance via remote desktop from work. 

[scofthe7seas]

Well it's well documented, being skeptical about it is like claiming the grass is blue and the sky is green.

This seems to cover most of it
http://www.wizcrafts.net/ans/constant_rebooting.html

Might not be as bad now (many ISPs will filter it out specifically) but back in the day it was lethal on an unpatched XP / 2000 box and it's entirely possibly that somebody will find a similar exploit in the codebase today, meaning if you're not up to date with the latest patches your box will simply be hijacked.  Rather important to learn from the lessons of the past.

As pointed out, this can result in people installing hidden FTP servers on your machine, and distributing all kinds of nasty crap via them.

It's incredibly naive to take the approach that you can only get a virus by running a nasty attachment / application and while modern versions of the operating systems do provide several extra layers of security exploits are still found daily, practically every common file and document format used by PCs today has been exploited to cause code execution at some point as well as a fair number of the communication protocols due to poorly coded software handling them.

I feel pretty certain that you didn't read this entire thread before posting.
At no point did I say that any kind of file hasn't been infected in the past. This is something I know as well. I also was specifically talking about this day and age. I even mentioned that ISPs will specifically have internal firewalls up to block known issues like the blaster worm. I even mentioned the blaster worm specifically! (I didn't call it by name, but I did describe how it operates.)
I haven't said it hasn't happened in the past. I said I've never seen a case of it happening for no reason. I said (in the context of today) that any worm that propagates by IP sniffing will quickly be stopped. It's highly detectable these days.
I am still skeptical about the fruits of my experiment. For you to compare it to utter unbelievable nonsense is rude. I’m not skeptical of documented fact, nor did I imply that I was. I just don't see that sort of thing being an issue today, and I am completely willing to test it out, and willing to admit if I'm proven wrong. I don't appreciate the hostility, or the condescension.

[Sjaak]

We'll see we'll see!
My old laptop is such crap. I actually have to reconnect the power connector inside of the damn thing. It popped out and was hanging out at the bottom of the box where it was stored. The thing is so beat up, but still ticking. I bet any viruses will be too afraid to tangle with it.
That's the test though, Windows XP, no service pack, no patches, no firewall, no antivirus, for 24 hours.
I will absolutely own up if it does come out infected, but until them, my skepticism is in full effect.

And is it connected directly to your modem? Or in other words does it have a 'real internet' ip address and not a internal address (192.*.*.* or 10.*.*.*)?

[gabe]

We'll see we'll see!
My old laptop is such crap. I actually have to reconnect the power connector inside of the damn thing. It popped out and was hanging out at the bottom of the box where it was stored. The thing is so beat up, but still ticking. I bet any viruses will be too afraid to tangle with it.
That's the test though, Windows XP, no service pack, no patches, no firewall, no antivirus, for 24 hours.
I will absolutely own up if it does come out infected, but until them, my skepticism is in full effect.

And is it connected directly to your modem? Or in other words does it have a 'real internet' ip address and not a internal address (192.*.*.* or 10.*.*.*)?

That's not really necessary, he could simply set his notebook to be a DMZ host, which would achieve the same effect (assuming no ports were forwarded to other hosts on his network).

[HaRuMaN]

[gabe]

[scofthe7seas]

Hahaha, this is EXACTLY my issue. I have to admit it, on other boards I have to seriously resist the temptation to write how i feel or think because it will only result in attacks, which usually somehow devolve into religeous or racist discussions.
That's one of the reasons I really like it here. The people are usually very friendly and open for actual arguement and discussion. I absolutely will admit I am wrong - if the test I am going to do comes up as some expect. But I am going to see for myself.

@Sjaak

I am going to plug it directly into the cable modem, no router.

[Sjaak]

@Sjaak

I am going to plug it directly into the cable modem, no router.

Good luck, you're a brave man. And to everyone else: never plug your pc directly in the modem without proper protection

[HaRuMaN]

It's always fun to make a honeypot and set it up...

[scofthe7seas]

Good luck, you're a brave man. And to everyone else: never plug your pc directly in the modem without proper protection

It's not like it's my personal use Pc!
I'm specifically installing windows XP SP0 for this test.

The flipping thing has PS2 ports on it. (No offence to people with jenky old PCs )

[bkenobi]

The flipping thing has PS2 ports on it. (No offence to people with jenky old PCs )

The PS2 port is still provided on many systems.  It's not as common on laptops (especially the smaller netbook style systems), but desktop systems definitely still provide them to some degree.  Just looking at a random motherboard on NewEgg (the first ASUS board on their list since that's a well known, high end brand), I see a PS2 port.

http://www.newegg.com/Product/Product.aspx?Item=N82E16813131654

Even the most expensive AMD board listed on NewEgg (a $250 Gigabyte) has a PS2.  I wouldn't expect that every board would, but PS2 isn't a litmus test for how old a machine is.

 

[leapinlew]

Even the most expensive AMD board listed on NewEgg (a $250 Gigabyte) has a PS2.  I wouldn't expect that every board would, but PS2 isn't a litmus test for how old a machine is.

I think it is for laptops

[Malenko]

Mine is on dial up.


Kidding.  One is on the network, One isnt.  The one that is usually doesnt have the cat5 plugged in unless Im doing something on it. It lacks antivirus and a buncha other stuff, its just not online enough for me to think its needed (and its connection is heavily firewalled with a static internal IP) when it is online.

[scofthe7seas]

Even the most expensive AMD board listed on NewEgg (a $250 Gigabyte) has a PS2.  I wouldn't expect that every board would, but PS2 isn't a litmus test for how old a machine is.

Actually, my laptop finally died, so I'm switching to an old desktop. And how about I qualify the PS2 issue; It won't actually accept commands on the bios screen from a usb keyboard.

[BadMouth]

Thanks for still doing the test.  A lot of us are curious about what the results will be.

And to think of it I've never tried running CarnEvil after updating for internet connectivity it ran 100% when it was a closed system I'll have to try now and see if there's much difference

I'm curious about that one too.

[kalars123]

Ill try it out when I get home from work tonight badmouth

[kalars123]

fully patched and internet ready xp pro x64 with kaspersky carnevil runs at 100% with no sound skipping, there's a few spots here and there where it bounces between 98-100% but it's otherwise smooth sailing

[Megaweapon]

Cab runs Win98 in DOS mode.  I keep the NIC pulled because if I don't it has a tendency to take over the ISA sound card's IRQ.  When I need to boot the GUI for maintenance (not often anymore) I use K-Meleon for web browsing.

I did have a network drop run behind the cab, so if I ever need to I could have it on the network all the time.

[Haze]

Well it's well documented, being skeptical about it is like claiming the grass is blue and the sky is green.

This seems to cover most of it
http://www.wizcrafts.net/ans/constant_rebooting.html

Might not be as bad now (many ISPs will filter it out specifically) but back in the day it was lethal on an unpatched XP / 2000 box and it's entirely possibly that somebody will find a similar exploit in the codebase today, meaning if you're not up to date with the latest patches your box will simply be hijacked.  Rather important to learn from the lessons of the past.

As pointed out, this can result in people installing hidden FTP servers on your machine, and distributing all kinds of nasty crap via them.

It's incredibly naive to take the approach that you can only get a virus by running a nasty attachment / application and while modern versions of the operating systems do provide several extra layers of security exploits are still found daily, practically every common file and document format used by PCs today has been exploited to cause code execution at some point as well as a fair number of the communication protocols due to poorly coded software handling them.

I feel pretty certain that you didn't read this entire thread before posting.
At no point did I say that any kind of file hasn't been infected in the past. This is something I know as well. I also was specifically talking about this day and age. I even mentioned that ISPs will specifically have internal firewalls up to block known issues like the blaster worm. I even mentioned the blaster worm specifically! (I didn't call it by name, but I did describe how it operates.)
I haven't said it hasn't happened in the past. I said I've never seen a case of it happening for no reason. I said (in the context of today) that any worm that propagates by IP sniffing will quickly be stopped. It's highly detectable these days.
I am still skeptical about the fruits of my experiment. For you to compare it to utter unbelievable nonsense is rude. I’m not skeptical of documented fact, nor did I imply that I was. I just don't see that sort of thing being an issue today, and I am completely willing to test it out, and willing to admit if I'm proven wrong. I don't appreciate the hostility, or the condescension.

I just feel that your 'it could never happen to me' / 'it could never happen again' to be one of the most dangerous when it comes to this kind of thing.

It's the entire reason the situation occurred in the first place.  People assuming such things couldn't / wouldn't happen to them, not bothering to patch because it was 'unimportant' (or too damaging to their precious uptime!)

To have a machine connected to the internet, and not have a proper patching schedule in place is irresponsible at best, not to mention highly selfish when it comes to other internet users.

I have a feeling the next big storm of this kind will probably hit Mac users rather than Windows users however, because despite recent showings that their platform is far from impenetrable many still insist on having this mentality that their systems are immune from all viruses are other such 'Windows specific' problems.

[kalars123]

the only reason why Mac's have never had a major virus/worm incident is because their market penetration is what hovering at ~12% or something like that, no one is going to take the time to mess with that. But frankly I wish it would happen, bring those dang Mac hippies down a peg or two.



"edit"
for the record i don't actually hope it happens I just really really hate the high and mighty attitude of mac users.

[danny_galaga]

the only reason why Mac's have never had a major virus/worm incident is because their market penetration is what hovering at ~12% or something like that, no one is going to take the time to mess with that. But frankly I wish it would happen, bring those dang Mac hippies down a peg or two.



"edit"
for the record i don't actually hope it happens I just really really hate the high and mighty attitude of mac users.

I'm buying a Mac this week 

Yes, Mac and Linux are used less and thus people generally don't bother making viruses for them. But they are both Unix based and thus a little more secure to start with. Majority of servers use Linux I believe, and if there's one thing you'd want to trash with a virus (if that's your thing) it's a server...

[newmanfamilyvlogs]

the only reason why Mac's have never had a major virus/worm incident is because their market penetration is what hovering at ~12% or something like that, no one is going to take the time to mess with that. But frankly I wish it would happen, bring those dang Mac hippies down a peg or two.



"edit"
for the record i don't actually hope it happens I just really really hate the high and mighty attitude of mac users.

http://www.bleepingcomputer.com/virus-removal/remove-mac-defender
This thing caused quite a stir among the virus-attitude of mac users. it's probably the first wave of the impending shitstorm.

[leapinlew]

the only reason why Mac's have never had a major virus/worm incident is because their market penetration is what hovering at ~12% or something like that, no one is going to take the time to mess with that.

It seems that it would be a good 12% to hit. Macs have more security, and while they aren't invulnerable they are more secure than windows.

[Sjaak]

I am going to plug it directly into the cable modem, no router.

So, how did it go?