Thread: Strange problem with Firefox - all links point back to same page
View Single Post
  #35  
Old March 3rd 12, 05:00 PM posted to microsoft.public.win98.gen_discussion
J. P. Gilliver (John)
External Usenet User
  
Posts: 1,554
Default How to gain access to websites that require latest Java installed
In message , 98 Guy writes:
"J. P. Gilliver (John)" wrote:

Inbound filtering:

- effectively dealt with by any NAT router or modem with NAT
capabilities

Indeed. Though some early broadband MoDems used USB-powered MoDems
like the SpeedTouch that, I believe, didn't.

Because of subscriber "churn" (customers moving, changing ISP's, etc)
it's likely that the numbers of old non-NAT modems in current use in
USA/Canada is likely very low.

Remember I'm not, I'm in UK. Though I suspect there aren't many of those
in use here either - partly for the reasons you mention and partly
because, I believe, they're not capable of the maximum speed obtainable
(on a good line) anyway; I think they're mostly if not all USB 1.1,
which is raw max. 12 M anyway - in theory enough, but in practice
marginal.

So anyone running a 98 system as some sort of "working museum
exhibit" is vulnerable, though see below.

Running win-98 on original 10 to 12 year-old equipment is certainly a
museum situation, but the basic Win32 architecture underlying win-98
still enables it to run quite a wide variety of software even today,
especially with the help of KernelEx, and it does so very well on more
modern hardware (ie - any P4 2 ghz machine with 512 mb).

I run win-98 on a Core2 socket 775 CPU running 3.5 ghz with 1 gb ram and
1.5 tb SATA hard drive. I wouldn't necessarily call that a museum
piece.

No; that's why I said "working museum exhibit", because I know your
views (basically, use modern kit, with which I don't disagree). There
_are_ some who like to run old kit, and I can sympathise with that -
there is a certain fascination in seeing it work at all, in the same way
as listening to a valve (toob) wireless set; however, I wouldn't use a
486 or earlier, or even early Pentiums, as a main internet access
machine these days.

Anyone running modern equipment, with a modern MoDem, and just
running 98 because they like it, isn't.

Isin't what? Isin't safe from internet-based exploits?

Isn't vulnerable. Sorry, I do tend to write long sentences!
[]
Indeed: in practice, I've not heard of anything in the wild that
targets (i. e. runs on) 98 systems for years.

Even back in the prime-time for Win-98, there wasn't much that could
touch it.

much? Or anything at all?

When it came to network worms, it wasn't so much that win-98 wasn't
targeted - it was that it simply wasn't vulnerable to anything. Back in
2000 through 2004, there were quite a few win-98 systems in use, but no
worm vulnerabilities were ever discovered for them.

So you were just CYA when you used "much" above (-:
[]
I would argue that the vast majority of anyone that has ever run a
software firewall on a win-98 machine did so because it either came with
their AV/security software, or they were told to run it by someone else,
or their computer was setup by someone else.

Well, we're all affected by others - I don't think many folk would run a
firewall whatever the OS if they'd never heard of one (-:

Which means that most people that had a firewall did not so much care to
manage it or care to know what their software was doing, but just
following the knee-jerk instructions of others that "they should have a
firewall".

True in many cases.

I don't think it's unreasonable to want to know when something I've
legitimately installed is trying to use the internet -

That's fine. But don't confuse or associate the software firewall with
part of the security aspect of a system when you're using it more for
it's administrative or system-awareness / monitoring functionality.

No, I'm not seeing it as a security matter.

especially if it's something that has no reason to be doing so,
such as an image editor.

Where or when does such communication cross a line into being considered
malicious?

I'm not seeing it as a security matter.

Again, most people wouldn't care about such communication because it
doesn't rise to the level of being malicious, or comprimising the
control over their machine.

And it's crazy to be so paranoid about stuff like that when your browser
is opening dozens of connections to beacons, click-trackers, and ad
servers when you surf the web.

I have lots of ad-blockers, a hosts file, and other tweaks, but you are
of course right, there is probably still lots going on from the browser.
However, I expect that - it's the function of a browser to go onto the
internet; when other software does, I am _interested_ to know that it is
doing so. "Paranoid" is an emotive term.

Actually, there's a particularly good reason to want to control
such accesses for someone running a 98 system:

some software may try to upgrade itself to a version that won't run
under 98. (Ideally, it wouldn't try to load an incompatible upgrade,
but I've known at least one software on which the upgrade got far
enough under 98 to screw things up a bit.)

An esoteric reason. It's a situation that I've never encountered.

The one I can bring to mind is trivial: the last self-"upgrade" of AVG
(which I had on one of my '98 machines) that ran under '98 - I mean the
last upgrade that did - installed a very irritating thing that pops up a
warning that you might not be protected (more irritating than the same
from previous versions), and offers to go online to update itself; if
you let it, it goes, then reports that the next version won't run on the
Windows you have. But it doesn't remember that it has done so and made
that discovery - so until you remove AVG altogether, you keep getting
this annoying nag. OK, this isn't breaking anything, but is annoying. I
do have the feeling that there were one or two other things I had where
the last upgrade I tried got so far and then stopped, but had got far
enough to break the existing installation, but I can't remember what
they were.
[]
Doesn't hurt to be able to monitor outgoings from legitimate
software though. IMO of course.

Which proves my point that those that advocate the use of a firewall on
win-98 systems always fall back to what you just said as the core reason
to use it.

"Fall back" is emotive. But yes, that's probably the _only_ reason - and
certainly not an important one, only interesting.

Because while it doesn't hurt to monitor outgoings from legit software,
it really doesn't help to do so either. (and all the while it does take

Depends what you mean by "help". It helps satisfy my curiosity (-:.

a cut out of your computer's performance to run the firewall).

What, on your super-duper machine, you'd notice that (-:?

It's also just as effective (and more efficient) to add a HOSTS file
entry for the offending site or host so that the software can't reach
the external machine.

I don't _necessarily_ want to stop it doing so - I just like to know
when it is. But that's just me.

And what happens after you've been running your computer for a while and
you discover that NONE of your software is performing back-door internet
access? What then is the usefullness of continuing to have the firewall
running?

See above: I don't necessarily block it.
[]
That's the first I've heard of XP having outbound firewalling

Getting a straight answer on this is somewhat difficult.
[]
The question as to whether XP can do outbound firewalling is murky, and
apparently even if it can, it doesn't do it by default.

The best explanation I've found so far is from he

http://www.corecom.com/external/live...xpfirewall.htm
[]
To modify outbound traffic handling policy you must configure Internet
Protocol security (IPSec) policies, which is a difficult configuration
task for non-technical users. By making outbound policy configuration
this challenging, Microsoft has all but assured that relatively few
users will modify the defaults.
=================
From a non-MS source ...

So is XP - SP2/SP3 able to perform out-bound firewalling? The answer
seems to be yes - but this functionality is not enabled by default and
not trivial to set up.

This document:

http://technet.microsoft.com/en-us/l...(v=ws.10).aspx
[]
Windows XP and Windows Server 2003 do not support outbound filtering.
===============
.... and from an MS one. So, as you say, hard to tell!

Although Micro$haft is known to use phrases and statements that can be
true when interpreted in certain ways to suit their marketing and
product-obsolescence (depreciation) strategies. The above statement

I definitely agree with you there! So the earlier statement from non-MS
that it (outbound firewalling) is available but hard to get at, is
probably the correct one.
[]
And again I say that there is nothing useful to be gained by
installing a third-party firewall on XP.

I will modify that statement and say that

For those that believe an out-bound firewall is of any
*protective* value on a computer with an NT-based OS
(and specifically XP in this case) then the firewall
integrated into XP may not be user-friendly enough to
be able to setup correctly by the average user, then a
third party firewall is likely the most practical route
to go.

Hmm. Glad you're willing to amend, though the revised version does
require some parsing!

I still say that as of this writing (2012) and even going back 5 to 7
years in the past, that the benefit of running a software firewall on
Windows 9x/ME is/was marginal to negligable.

Certainly from a _security_ point of view, I'd agree, negligible.
[]
I think the prevalance AND consequences of legit software performing
"back-door" contact with the internet is way overblown and does not nor
ever has risen to the level where firewall blocking ever did anything
useful to justify the energy and cost put into acquiring, installing and
maintaining the firewall.

I've certainly never _bought_ one. Installing was fairly trivial, and
maintaining dropped to zero fairly quickly (a hosts file needs
maintenance effort too).

I know that a lot of the "auto-update" and checking for newer versions
that some software does can be disabled by their own config and

A lot, but not all. And of course that assumes you actually want to stop
it, rather than just monitor it. I find it of interest to do so; I agree
that most probably wouldn't.
[]
their files) is a satisfactory alternative. I frequently delete the
file "jusched.exe" for example as a way to achieve this.

What prog. creates that file? (Just curious - e. g., whether it's part
of Windows itself, or some other piece of software you're running. Oh,
is it something to do with Java or javascript?)
[]
As to whether there is "too much" focus, that's a matter of
individual preference: one could say your reflex action to
any mention of it is also irrational (-:.

It's never irrational to assert logic and facts into a discussion.

No; I think we're having a civilized discussion now! (I just hope it's
benefitting others too!)
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

Have the courage to be ordinary - people make themselves so desperately unhappy
trying to be clever and totally original. (Robbie Coltrane, RT 8-14 Nov. 1997.)