View Single Post
  #36  
Old March 3rd 12, 08:36 PM posted to microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default How to gain access to websites that require latest Java installed

"J. P. Gilliver (John)" wrote:

Because of subscriber "churn" (customers moving, changing ISP's,
etc) it's likely that the numbers of old non-NAT modems in current
use in USA/Canada is likely very low.


Remember I'm not, I'm in UK. Though I suspect there aren't many of
those in use here either - partly for the reasons you mention and
partly because, I believe, they're not capable of the maximum speed
obtainable (on a good line) anyway; I think they're mostly if not
all USB 1.1, which is raw max.


I think I've had this conversation before regarding early DSL modems and
the USB interface.

My own experience from my first DSL modem back in the fall of 2001 is
that on this side of the pond, they all came with ethernet and maybe
some of the early ones came with ethernet *and* USB. It's not my
recollection that any of the older ones offered by any ISP came with
*only* USB.

The reasoning would have been that USB and win-98 weren't necessarily
good friends, and back in the 1999 - 2004 time frame many people still
had win-98 systems at home, and an ethernet interface would have been
easier to setup vs USB.

Even back in the prime-time for Win-98, there wasn't much that
could touch it.


much? Or anything at all?


No network worms could touch win-98.

Other vulnerabilities such as IE-based exploits - I think there were a
few. The ANI (animated icon) vulnerability could theoretically exloit
win-98 but it had to be written differently than the ones found in the
wild (targeting XP, of course).

Back in the summer of 2006 (the official end-of-support for win-98)
Secunia.org was listing a grand total of 35 security issues with win-98
- most of which were patched and none of which were "critical". (and
there were hundreds of security issues posted by secunia for win-2k/xp
by July 2006)

In the year or two following that, many or most of the IE patches
released for IE6sp1 for Win-2k were directly usable on win-98. But it's
not clear that win-98 was exploitable to the vulnerabilites being
addressed by those patches in the first place.

I've experimented with several of the java-script-based pdf exploits in
conjunction with acrobat reader 6 (the last version to officially run on
win-98) and the combination of win-98 and reader-6 was not vulnerable to
any pdf exploits I found "in the wild".

You may be aware that there is something called the blackhole (or
blacole) exploit kit, which if you browse to a malicious website your
browser might run some nasty javascript that causes the browser to
download and run arbitrary .exe files (usually fake AV software). I can
tell you that my win-98 system (in combination with Firefox 2.0.0.20)
did actually do that - except the .exe performed an illegal operation
and crashed. In other instances, the .exe file is passed as an argument
to regsvr32 (where it again crashes).

I have since created a "dummy" version of regsvr32 which simply writes
to a log file the argument that was being passed to it. When I want to
install legit software I'll replace the dummy version with the real
one. Apparently this trick of using regsvr32 to invoke malicious files
downloaded with rogue javascript is somewhat common.

Blackhole is the most common vector in use right now to infect people
browsing the internet. It leverages 5 Java JRE vulnerabilities as well
as a "Microsoft Windows Help and Support Center" MS10-042
vulnerability. Windows 98 is completely immune to the MS10-042 issue
(which affects XP). The Java vulnerabilities exist in older versions of
JRE 6, the most recent of those being update 10 (I'm running update 30).

Blackhole also tries to leverage 3 pdf exploits, and finally a 2006
IE-Mdac vulnerability (MS06-014).

There's a very long thread here regarding the existance of MS patches
for MDAC for win-98:

http://help.lockergnome.com/windows2...ict451804.html

I participated / started that thread some years ago, and I honestly
don't remember how it got resolved - or even if my own systems are
patched.

So you were just CYA when you used "much" above (-:


Back during the time-frame 2000 through the end of 2005, we had about 2
dozen machines connected directly to the internet WITHOUT the use of NAT
or a firewall. Each machine had a directly-routable IP address. About
a dozen of those machines were win-98, 4 were NT4, 6 were win-2k.

The win-98 systems ran Norton Antivirus (dating from 2000, 2001 and
2002) and had their virus def'n sporadically updated during this 5-year
time span. They were never infected with anything. Sometimes the AV
caught a virus in incoming e-mail.

The NT and 2k systems were periodically hit with worms. I remember that
someone (or some group) was using one of our NT machines as a sort of
private file-server.

So I can say that operating a dozen win-98 machines without the benefit
of a firewall AND a nat-router and using only mediocre AV protection
during the most vulnerable period in the history of usage for that OS
resulted in no malware infestation on those machines.

Hmm. Glad you're willing to amend, though the revised version does
require some parsing!


Ok, I won't argue that firewall software can be an interesting tool for
those that want to use it. It comes with some remote benefit that it
might stop some malware from doing something once every few years.

For others, specifically win-98 users, who feel naked and vulnerable
running their PC without a firewall, I guess those are the ones that I
can't relate to and for which most of my comments are aimed at.

their files) is a satisfactory alternative. I frequently delete
the file "jusched.exe" for example as a way to achieve this.


What prog. creates that file? (Just curious - e. g., whether it's
part of Windows itself, or some other piece of software you're
running. Oh, is it something to do with Java or javascript?)


Yea, Java Update Scheduler.

I hate seeing that running on my systems.

It's never irrational to assert logic and facts into a
discussion.


No; I think we're having a civilized discussion now!
(I just hope it's benefitting others too!)


We'll see...