Risk Mitigation for Legacy Windows NT 4.0 Systems
by William Lynch - Manager with CTG’s Information Security Services Practice - Wednesday, 3 January 2007.
Finally, a more robust isolation solution might entail moving the Windows NT 4.0 systems to an isolated subnet and using a Citrix front-end to control user interaction with the NT 4.0 systems. Assuming that your users currently use a front-end local application to interact with the NT 4.0 back-end systems, you would simply move the front-end application to a Citrix server in front of the isolated Windows NT 4.0 systems and eliminate any direct access to the Windows NT 4.0 isolated network.

Virtualization

Depending on the application in use on the legacy Windows NT 4.0 system, virtualization could be a good choice for replacement. Using VMWare, you could schedule systematic snapshots, which could allow for a quick recovery in the event of compromise. An added benefit here would also be that you’re no longer dependant on the aging hardware which may also be no longer supported by the hardware vendor. However, without isolation, either through the VM product or otherwise, your legacy systems could still be used as attack platforms for attacking the rest of your network.

If your legacy system contains only static data, then one extremely low-cost and secure solution would be to roll the Windows NT 4.0 system into a non-networked VM that is accessed locally using the freely available VMWare Player software. If networking is disabled then any network security problems associated with Windows NT 4.0 are all but eliminated.

Summary

Continuing to run unsupported legacy operating systems such as Windows NT 4.0 can be a serious risk to organizational security and compliance. Since they receive no security patches, these systems are vulnerable to many potential exploits and worms. However, in this article we looked at several low-cost ways to mitigate the risk though replacement, isolation, and virtualization.

Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //