A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows 98 » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

Strange problem with Firefox - all links point back to same page



 
 
Thread Tools Display Modes
  #31  
Old March 2nd 12, 08:25 AM posted to microsoft.public.win98.gen_discussion
Lostgallifreyan
external usenet poster
 
Posts: 1,562
Default How to gain access to websites that require latest Java installed

Lee wrote in news:5d0b64e0-8e7c-49da-a470-
:

I really would like a fast 98 box too, but it seems
to be the last item on a long list of things to do first.


An XP machine can be a good base for a fast W98 machine. If you use Ghost or
Acronis or some other disk imager, you have plenty of scope to try. Use an
imager anyway, just to back up that WXP so you can restore it if you need to.
Don't trust its own backup/restore point stuff, or its 'redundant file
cache'. There's no substitute for backing up a whole OS wghile it's dormant,
seen as nothign buit a disk full of data by the imaging tool. That way you
can do pretty much anything you like, and repeat nearly all of it at will.

Failure then only costs time. The fewer machines you have, the more use
you'll have for this method. Ghost is sold as a 'cloning' tool for
sysadmins with many machines, but it's FAR more useful in protecting
and rapidly reconfiguring single machines! I think Symantec may have missed
this point, for whatever reason.

If you have lots of plans to do things with one machine, don't put off
imaging. If you don;t do it, then ONE of those things-to-do might break a
system badly enough to prevent the rest, and imaging is always easier and
faster than reinstalling. Once I figured that out I wanted a good imaging
method as top priority, and never regretted finding one (Ghost was rare at
the time, Norton and Symantec hadn't even got hold of it yet, it still
belonged to Binary Research, the New Zealand firm that made it). I have a WXP
image, an OpenBSD image, neither used anymore, but if I want to use them, I
can put either on a machine in a few tens of seconds after backing up my
current system.
  #32  
Old March 2nd 12, 09:38 AM posted to microsoft.public.win98.gen_discussion
J. P. Gilliver (John)
External Usenet User
 
Posts: 1,554
Default How to gain access to websites that require latest Java installed

In message ,
Lostgallifreyan writes:
Lee wrote in news:5d0b64e0-8e7c-49da-a470-
:

What do you guys use for a 98 firewall?


LnS Firewall. It definitely works nicer than ZoneAlarm. I once used ZA, and
not having to still makes me happy, ZA casts a long shadow.


Kerio (KPF) 2.1.5. I'm still using it under XP.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

....Every morning is the dawn of a new error...
  #33  
Old March 2nd 12, 11:25 AM posted to microsoft.public.win98.gen_discussion
Harry Vaderchi
external usenet poster
 
Posts: 22
Default How to gain access to websites that require latest Java installed

On Fri, 02 Mar 2012 08:38:44 -0000, J. P. Gilliver (John)
wrote:

In message ,
Lostgallifreyan writes:
Lee wrote in news:5d0b64e0-8e7c-49da-a470-
:

What do you guys use for a 98 firewall?


LnS Firewall. It definitely works nicer than ZoneAlarm. I once used ZA,
and
not having to still makes me happy, ZA casts a long shadow.


Kerio (KPF) 2.1.5. I'm still using it under XP.


Me too!

--
[dash dash space newline 4line sig]

Albi CNU
  #34  
Old March 3rd 12, 04:30 PM posted to microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default How to gain access to websites that require latest Java installed

"J. P. Gilliver (John)" wrote:

Inbound filtering:

- effectively dealt with by any NAT router or modem with NAT
capabilities


Indeed. Though some early broadband MoDems used USB-powered MoDems
like the SpeedTouch that, I believe, didn't.


Because of subscriber "churn" (customers moving, changing ISP's, etc)
it's likely that the numbers of old non-NAT modems in current use in
USA/Canada is likely very low.

So anyone running a 98 system as some sort of "working museum
exhibit" is vulnerable, though see below.


Running win-98 on original 10 to 12 year-old equipment is certainly a
museum situation, but the basic Win32 architecture underlying win-98
still enables it to run quite a wide variety of software even today,
especially with the help of KernelEx, and it does so very well on more
modern hardware (ie - any P4 2 ghz machine with 512 mb).

I run win-98 on a Core2 socket 775 CPU running 3.5 ghz with 1 gb ram and
1.5 tb SATA hard drive. I wouldn't necessarily call that a museum
piece.

Anyone running modern equipment, with a modern MoDem, and just
running 98 because they like it, isn't.


Isin't what? Isin't safe from internet-based exploits?

My experience is to the contrary.

windows 98 is simply not vulnerable to any of the 6 different
network worms that have been developed / discovered over the
past 10 years.


Indeed: in practice, I've not heard of anything in the wild that
targets (i. e. runs on) 98 systems for years.


Even back in the prime-time for Win-98, there wasn't much that could
touch it.

When it came to network worms, it wasn't so much that win-98 wasn't
targeted - it was that it simply wasn't vulnerable to anything. Back in
2000 through 2004, there were quite a few win-98 systems in use, but no
worm vulnerabilities were ever discovered for them.

Conclusion: Most people who run firewalls on windows-98 machines
do so more for the control it gives them over legit programs and
how those programs communicate with the internet. These people
are, for lack of a better word, "control freaks" and enjoy exerting
a high level of control and /or awareness over their system.


There I'd rather tend to disagree with you, or at least I don't
like being called a control freak.


I would argue that the vast majority of anyone that has ever run a
software firewall on a win-98 machine did so because it either came with
their AV/security software, or they were told to run it by someone else,
or their computer was setup by someone else.

Which means that most people that had a firewall did not so much care to
manage it or care to know what their software was doing, but just
following the knee-jerk instructions of others that "they should have a
firewall".

I don't think it's unreasonable to want to know when something I've
legitimately installed is trying to use the internet -


That's fine. But don't confuse or associate the software firewall with
part of the security aspect of a system when you're using it more for
it's administrative or system-awareness / monitoring functionality.

especially if it's something that has no reason to be doing so,
such as an image editor.


Where or when does such communication cross a line into being considered
malicious?

Again, most people wouldn't care about such communication because it
doesn't rise to the level of being malicious, or comprimising the
control over their machine.

And it's crazy to be so paranoid about stuff like that when your browser
is opening dozens of connections to beacons, click-trackers, and ad
servers when you surf the web.

Actually, there's a particularly good reason to want to control
such accesses for someone running a 98 system:

some software may try to upgrade itself to a version that won't run
under 98. (Ideally, it wouldn't try to load an incompatible upgrade,
but I've known at least one software on which the upgrade got far
enough under 98 to screw things up a bit.)


An esoteric reason. It's a situation that I've never encountered.

The one piece of software on my systems that auto-updates itself (Flash
player) has been working flawless - so far.

Certainly little or no true malware around now will run on 98.


Doesn't hurt to be able to monitor outgoings from legitimate
software though. IMO of course.


Which proves my point that those that advocate the use of a firewall on
win-98 systems always fall back to what you just said as the core reason
to use it.

Because while it doesn't hurt to monitor outgoings from legit software,
it really doesn't help to do so either. (and all the while it does take
a cut out of your computer's performance to run the firewall).

It's also just as effective (and more efficient) to add a HOSTS file
entry for the offending site or host so that the software can't reach
the external machine.

And what happens after you've been running your computer for a while and
you discover that NONE of your software is performing back-door internet
access? What then is the usefullness of continuing to have the firewall
running?

I *believe* that SP-1 had in-bound firewalling, and SP-2 had both
in-bound and out-bound (or full) firewalling enabled by default.


That's the first I've heard of XP having outbound firewalling


Getting a straight answer on this is somewhat difficult.

Based on some additional research, it appears that XP-SP2 (not SP1) came
with the inbound firewall turned on by default.

The question as to whether XP can do outbound firewalling is murky, and
apparently even if it can, it doesn't do it by default.

The best explanation I've found so far is from he

http://www.corecom.com/external/live...xpfirewall.htm

And in particular, this:

=================
Access to IP Security Policies isn't available from Windows Security
Center, the control panel Microsoft offers as a way to manage your
Windows security settings.

To modify outbound traffic handling policy you must configure Internet
Protocol security (IPSec) policies, which is a difficult configuration
task for non-technical users. By making outbound policy configuration
this challenging, Microsoft has all but assured that relatively few
users will modify the defaults.
=================

So is XP - SP2/SP3 able to perform out-bound firewalling? The answer
seems to be yes - but this functionality is not enabled by default and
not trivial to set up.

This document:

http://technet.microsoft.com/en-us/l...(v=ws.10).aspx

claims that out-bound firewalling is NOT enabled by default in:

Windows 7, Windows Vista, Windows Server 2008, Windows Server 2008 R2

And it goes on to plainly state:

===============
Windows XP and Windows Server 2003 do not support outbound filtering.
===============

Although Micro$haft is known to use phrases and statements that can be
true when interpreted in certain ways to suit their marketing and
product-obsolescence (depreciation) strategies. The above statement
might be true only when seen in terms referring to any GPO or IPsec
(group policies) that come with those versions of windows - not with any
that you create on your own.

Anyone running XP should have SP3 by now -


(Other than those, another reason to be on SP3 is that the end
of support date is later - I'm not even sure if it's already
passed for SP2.)


It has. As of July 2010.

And again I say that there is nothing useful to be gained by
installing a third-party firewall on XP.


I will modify that statement and say that

For those that believe an out-bound firewall is of any
*protective* value on a computer with an NT-based OS
(and specifically XP in this case) then the firewall
integrated into XP may not be user-friendly enough to
be able to setup correctly by the average user, then a
third party firewall is likely the most practical route
to go.

I still say that as of this writing (2012) and even going back 5 to 7
years in the past, that the benefit of running a software firewall on
Windows 9x/ME is/was marginal to negligable.

Again, too much focus here on firewall software. It's an
irrational focus.


If you mean fear of malware on 98 systems, probably. Being able
to monitor the activities of "legitimate" software, perhaps not
so.


I think the prevalance AND consequences of legit software performing
"back-door" contact with the internet is way overblown and does not nor
ever has risen to the level where firewall blocking ever did anything
useful to justify the energy and cost put into acquiring, installing and
maintaining the firewall.

I know that a lot of the "auto-update" and checking for newer versions
that some software does can be disabled by their own config and
control-panel settings. And for any that don't or can't, removing the
offending modules (either through msconfig or by renaming / deleting
their files) is a satisfactory alternative. I frequently delete the
file "jusched.exe" for example as a way to achieve this.

And again, a simple HOSTS file entry can achieve the same purpose as the
firewall would have - to prevent a given program from being able to
contact a specific host.

As to whether there is "too much" focus, that's a matter of
individual preference: one could say your reflex action to
any mention of it is also irrational (-:.


It's never irrational to assert logic and facts into a discussion.
  #35  
Old March 3rd 12, 06:00 PM posted to microsoft.public.win98.gen_discussion
J. P. Gilliver (John)
External Usenet User
 
Posts: 1,554
Default How to gain access to websites that require latest Java installed

In message , 98 Guy writes:
"J. P. Gilliver (John)" wrote:

Inbound filtering:

- effectively dealt with by any NAT router or modem with NAT
capabilities


Indeed. Though some early broadband MoDems used USB-powered MoDems
like the SpeedTouch that, I believe, didn't.


Because of subscriber "churn" (customers moving, changing ISP's, etc)
it's likely that the numbers of old non-NAT modems in current use in
USA/Canada is likely very low.


Remember I'm not, I'm in UK. Though I suspect there aren't many of those
in use here either - partly for the reasons you mention and partly
because, I believe, they're not capable of the maximum speed obtainable
(on a good line) anyway; I think they're mostly if not all USB 1.1,
which is raw max. 12 M anyway - in theory enough, but in practice
marginal.

So anyone running a 98 system as some sort of "working museum
exhibit" is vulnerable, though see below.


Running win-98 on original 10 to 12 year-old equipment is certainly a
museum situation, but the basic Win32 architecture underlying win-98
still enables it to run quite a wide variety of software even today,
especially with the help of KernelEx, and it does so very well on more
modern hardware (ie - any P4 2 ghz machine with 512 mb).

I run win-98 on a Core2 socket 775 CPU running 3.5 ghz with 1 gb ram and
1.5 tb SATA hard drive. I wouldn't necessarily call that a museum
piece.


No; that's why I said "working museum exhibit", because I know your
views (basically, use modern kit, with which I don't disagree). There
_are_ some who like to run old kit, and I can sympathise with that -
there is a certain fascination in seeing it work at all, in the same way
as listening to a valve (toob) wireless set; however, I wouldn't use a
486 or earlier, or even early Pentiums, as a main internet access
machine these days.

Anyone running modern equipment, with a modern MoDem, and just
running 98 because they like it, isn't.


Isin't what? Isin't safe from internet-based exploits?


Isn't vulnerable. Sorry, I do tend to write long sentences!
[]
Indeed: in practice, I've not heard of anything in the wild that
targets (i. e. runs on) 98 systems for years.


Even back in the prime-time for Win-98, there wasn't much that could
touch it.


much? Or anything at all?

When it came to network worms, it wasn't so much that win-98 wasn't
targeted - it was that it simply wasn't vulnerable to anything. Back in
2000 through 2004, there were quite a few win-98 systems in use, but no
worm vulnerabilities were ever discovered for them.


So you were just CYA when you used "much" above (-:
[]
I would argue that the vast majority of anyone that has ever run a
software firewall on a win-98 machine did so because it either came with
their AV/security software, or they were told to run it by someone else,
or their computer was setup by someone else.


Well, we're all affected by others - I don't think many folk would run a
firewall whatever the OS if they'd never heard of one (-:

Which means that most people that had a firewall did not so much care to
manage it or care to know what their software was doing, but just
following the knee-jerk instructions of others that "they should have a
firewall".


True in many cases.

I don't think it's unreasonable to want to know when something I've
legitimately installed is trying to use the internet -


That's fine. But don't confuse or associate the software firewall with
part of the security aspect of a system when you're using it more for
it's administrative or system-awareness / monitoring functionality.


No, I'm not seeing it as a security matter.

especially if it's something that has no reason to be doing so,
such as an image editor.


Where or when does such communication cross a line into being considered
malicious?


I'm not seeing it as a security matter.

Again, most people wouldn't care about such communication because it
doesn't rise to the level of being malicious, or comprimising the
control over their machine.

And it's crazy to be so paranoid about stuff like that when your browser
is opening dozens of connections to beacons, click-trackers, and ad
servers when you surf the web.


I have lots of ad-blockers, a hosts file, and other tweaks, but you are
of course right, there is probably still lots going on from the browser.
However, I expect that - it's the function of a browser to go onto the
internet; when other software does, I am _interested_ to know that it is
doing so. "Paranoid" is an emotive term.

Actually, there's a particularly good reason to want to control
such accesses for someone running a 98 system:

some software may try to upgrade itself to a version that won't run
under 98. (Ideally, it wouldn't try to load an incompatible upgrade,
but I've known at least one software on which the upgrade got far
enough under 98 to screw things up a bit.)


An esoteric reason. It's a situation that I've never encountered.


The one I can bring to mind is trivial: the last self-"upgrade" of AVG
(which I had on one of my '98 machines) that ran under '98 - I mean the
last upgrade that did - installed a very irritating thing that pops up a
warning that you might not be protected (more irritating than the same
from previous versions), and offers to go online to update itself; if
you let it, it goes, then reports that the next version won't run on the
Windows you have. But it doesn't remember that it has done so and made
that discovery - so until you remove AVG altogether, you keep getting
this annoying nag. OK, this isn't breaking anything, but is annoying. I
do have the feeling that there were one or two other things I had where
the last upgrade I tried got so far and then stopped, but had got far
enough to break the existing installation, but I can't remember what
they were.
[]
Doesn't hurt to be able to monitor outgoings from legitimate
software though. IMO of course.


Which proves my point that those that advocate the use of a firewall on
win-98 systems always fall back to what you just said as the core reason
to use it.


"Fall back" is emotive. But yes, that's probably the _only_ reason - and
certainly not an important one, only interesting.

Because while it doesn't hurt to monitor outgoings from legit software,
it really doesn't help to do so either. (and all the while it does take


Depends what you mean by "help". It helps satisfy my curiosity (-:.

a cut out of your computer's performance to run the firewall).


What, on your super-duper machine, you'd notice that (-:?

It's also just as effective (and more efficient) to add a HOSTS file
entry for the offending site or host so that the software can't reach
the external machine.


I don't _necessarily_ want to stop it doing so - I just like to know
when it is. But that's just me.

And what happens after you've been running your computer for a while and
you discover that NONE of your software is performing back-door internet
access? What then is the usefullness of continuing to have the firewall
running?


See above: I don't necessarily block it.
[]
That's the first I've heard of XP having outbound firewalling


Getting a straight answer on this is somewhat difficult.

[]
The question as to whether XP can do outbound firewalling is murky, and
apparently even if it can, it doesn't do it by default.

The best explanation I've found so far is from he

http://www.corecom.com/external/live...xpfirewall.htm

[]
To modify outbound traffic handling policy you must configure Internet
Protocol security (IPSec) policies, which is a difficult configuration
task for non-technical users. By making outbound policy configuration
this challenging, Microsoft has all but assured that relatively few
users will modify the defaults.
=================

From a non-MS source ...

So is XP - SP2/SP3 able to perform out-bound firewalling? The answer
seems to be yes - but this functionality is not enabled by default and
not trivial to set up.

This document:

http://technet.microsoft.com/en-us/l...(v=ws.10).aspx

[]
Windows XP and Windows Server 2003 do not support outbound filtering.
===============

.... and from an MS one. So, as you say, hard to tell!

Although Micro$haft is known to use phrases and statements that can be
true when interpreted in certain ways to suit their marketing and
product-obsolescence (depreciation) strategies. The above statement


I definitely agree with you there! So the earlier statement from non-MS
that it (outbound firewalling) is available but hard to get at, is
probably the correct one.
[]
And again I say that there is nothing useful to be gained by
installing a third-party firewall on XP.


I will modify that statement and say that

For those that believe an out-bound firewall is of any
*protective* value on a computer with an NT-based OS
(and specifically XP in this case) then the firewall
integrated into XP may not be user-friendly enough to
be able to setup correctly by the average user, then a
third party firewall is likely the most practical route
to go.


Hmm. Glad you're willing to amend, though the revised version does
require some parsing!

I still say that as of this writing (2012) and even going back 5 to 7
years in the past, that the benefit of running a software firewall on
Windows 9x/ME is/was marginal to negligable.


Certainly from a _security_ point of view, I'd agree, negligible.
[]
I think the prevalance AND consequences of legit software performing
"back-door" contact with the internet is way overblown and does not nor
ever has risen to the level where firewall blocking ever did anything
useful to justify the energy and cost put into acquiring, installing and
maintaining the firewall.


I've certainly never _bought_ one. Installing was fairly trivial, and
maintaining dropped to zero fairly quickly (a hosts file needs
maintenance effort too).

I know that a lot of the "auto-update" and checking for newer versions
that some software does can be disabled by their own config and


A lot, but not all. And of course that assumes you actually want to stop
it, rather than just monitor it. I find it of interest to do so; I agree
that most probably wouldn't.
[]
their files) is a satisfactory alternative. I frequently delete the
file "jusched.exe" for example as a way to achieve this.


What prog. creates that file? (Just curious - e. g., whether it's part
of Windows itself, or some other piece of software you're running. Oh,
is it something to do with Java or javascript?)
[]
As to whether there is "too much" focus, that's a matter of
individual preference: one could say your reflex action to
any mention of it is also irrational (-:.


It's never irrational to assert logic and facts into a discussion.


No; I think we're having a civilized discussion now! (I just hope it's
benefitting others too!)
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

Have the courage to be ordinary - people make themselves so desperately unhappy
trying to be clever and totally original. (Robbie Coltrane, RT 8-14 Nov. 1997.)
  #36  
Old March 3rd 12, 08:36 PM posted to microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
 
Posts: 2,951
Default How to gain access to websites that require latest Java installed

"J. P. Gilliver (John)" wrote:

Because of subscriber "churn" (customers moving, changing ISP's,
etc) it's likely that the numbers of old non-NAT modems in current
use in USA/Canada is likely very low.


Remember I'm not, I'm in UK. Though I suspect there aren't many of
those in use here either - partly for the reasons you mention and
partly because, I believe, they're not capable of the maximum speed
obtainable (on a good line) anyway; I think they're mostly if not
all USB 1.1, which is raw max.


I think I've had this conversation before regarding early DSL modems and
the USB interface.

My own experience from my first DSL modem back in the fall of 2001 is
that on this side of the pond, they all came with ethernet and maybe
some of the early ones came with ethernet *and* USB. It's not my
recollection that any of the older ones offered by any ISP came with
*only* USB.

The reasoning would have been that USB and win-98 weren't necessarily
good friends, and back in the 1999 - 2004 time frame many people still
had win-98 systems at home, and an ethernet interface would have been
easier to setup vs USB.

Even back in the prime-time for Win-98, there wasn't much that
could touch it.


much? Or anything at all?


No network worms could touch win-98.

Other vulnerabilities such as IE-based exploits - I think there were a
few. The ANI (animated icon) vulnerability could theoretically exloit
win-98 but it had to be written differently than the ones found in the
wild (targeting XP, of course).

Back in the summer of 2006 (the official end-of-support for win-98)
Secunia.org was listing a grand total of 35 security issues with win-98
- most of which were patched and none of which were "critical". (and
there were hundreds of security issues posted by secunia for win-2k/xp
by July 2006)

In the year or two following that, many or most of the IE patches
released for IE6sp1 for Win-2k were directly usable on win-98. But it's
not clear that win-98 was exploitable to the vulnerabilites being
addressed by those patches in the first place.

I've experimented with several of the java-script-based pdf exploits in
conjunction with acrobat reader 6 (the last version to officially run on
win-98) and the combination of win-98 and reader-6 was not vulnerable to
any pdf exploits I found "in the wild".

You may be aware that there is something called the blackhole (or
blacole) exploit kit, which if you browse to a malicious website your
browser might run some nasty javascript that causes the browser to
download and run arbitrary .exe files (usually fake AV software). I can
tell you that my win-98 system (in combination with Firefox 2.0.0.20)
did actually do that - except the .exe performed an illegal operation
and crashed. In other instances, the .exe file is passed as an argument
to regsvr32 (where it again crashes).

I have since created a "dummy" version of regsvr32 which simply writes
to a log file the argument that was being passed to it. When I want to
install legit software I'll replace the dummy version with the real
one. Apparently this trick of using regsvr32 to invoke malicious files
downloaded with rogue javascript is somewhat common.

Blackhole is the most common vector in use right now to infect people
browsing the internet. It leverages 5 Java JRE vulnerabilities as well
as a "Microsoft Windows Help and Support Center" MS10-042
vulnerability. Windows 98 is completely immune to the MS10-042 issue
(which affects XP). The Java vulnerabilities exist in older versions of
JRE 6, the most recent of those being update 10 (I'm running update 30).

Blackhole also tries to leverage 3 pdf exploits, and finally a 2006
IE-Mdac vulnerability (MS06-014).

There's a very long thread here regarding the existance of MS patches
for MDAC for win-98:

http://help.lockergnome.com/windows2...ict451804.html

I participated / started that thread some years ago, and I honestly
don't remember how it got resolved - or even if my own systems are
patched.

So you were just CYA when you used "much" above (-:


Back during the time-frame 2000 through the end of 2005, we had about 2
dozen machines connected directly to the internet WITHOUT the use of NAT
or a firewall. Each machine had a directly-routable IP address. About
a dozen of those machines were win-98, 4 were NT4, 6 were win-2k.

The win-98 systems ran Norton Antivirus (dating from 2000, 2001 and
2002) and had their virus def'n sporadically updated during this 5-year
time span. They were never infected with anything. Sometimes the AV
caught a virus in incoming e-mail.

The NT and 2k systems were periodically hit with worms. I remember that
someone (or some group) was using one of our NT machines as a sort of
private file-server.

So I can say that operating a dozen win-98 machines without the benefit
of a firewall AND a nat-router and using only mediocre AV protection
during the most vulnerable period in the history of usage for that OS
resulted in no malware infestation on those machines.

Hmm. Glad you're willing to amend, though the revised version does
require some parsing!


Ok, I won't argue that firewall software can be an interesting tool for
those that want to use it. It comes with some remote benefit that it
might stop some malware from doing something once every few years.

For others, specifically win-98 users, who feel naked and vulnerable
running their PC without a firewall, I guess those are the ones that I
can't relate to and for which most of my comments are aimed at.

their files) is a satisfactory alternative. I frequently delete
the file "jusched.exe" for example as a way to achieve this.


What prog. creates that file? (Just curious - e. g., whether it's
part of Windows itself, or some other piece of software you're
running. Oh, is it something to do with Java or javascript?)


Yea, Java Update Scheduler.

I hate seeing that running on my systems.

It's never irrational to assert logic and facts into a
discussion.


No; I think we're having a civilized discussion now!
(I just hope it's benefitting others too!)


We'll see...
  #37  
Old March 3rd 12, 08:55 PM posted to microsoft.public.win98.gen_discussion
Lostgallifreyan
external usenet poster
 
Posts: 1,562
Default How to gain access to websites that require latest Java installed

98 Guy wrote in :

There I'd rather tend to disagree with you, or at least I don't
like being called a control freak.



No-one who isn't ever gets any good at coding. It's just a matter of where we
exert the control. So if a computer user gets called a 'control freak', they
should take it as a compliment unless the person putting the charge is busy
trying to make others see the world from a viewpoint other than their own.

I don't think it's unreasonable to want to know when something I've
legitimately installed is trying to use the internet -


That's fine. But don't confuse or associate the software firewall with
part of the security aspect of a system when you're using it more for
it's administrative or system-awareness / monitoring functionality.

..
..
Because while it doesn't hurt to monitor outgoings from legit software,
it really doesn't help to do so either. (and all the while it does take
a cut out of your computer's performance to run the firewall).


LnS takes just 0.05% average of CPU time waiting for a signal from its XVD
driver. I got Opera to go to Youtube, usually full of links off-page to other
stuff) and while Opera chewed 84%+, and momentarily drove the machine into
unresponsive behaviour as th video loaded, LnS never saw a demand greater
than 0.8%. That's not a cut that would ever concern me.

An example of why I use it: I like Sound Forge v4.5. This program would
sometimes try to reach the net on loading. I don't consider it 'malicious' in
any way, but it is still a security issue. The reason is like that it is
reporting some memory dump after a failure of some kind, intended to make the
coders aware of trouble and fix it before anyone starts actually complaining.
There's no other reason for that program to have any sockets code in it at
all! Now I'm not concerned with what it's trying to report, and the address
it's trying to reach is likely long dead too. What matters is that when I use
the program for critical radio recordings or other audio work (its
reliability is why I use it), I like to know if there may be some flaw that
might risk a crash mid-session. As soon as I learned that Sound Forge was
likely to be reporting one, it permanently established a reason to keep
something that alerted me so I could relaunch or reboot before some long
session where reliability was extremely important. LnS was the only warning
method I had.

There's also a surprising amount of programs with sockets code in it, when no
overt need for it exists. perhaps it just got linked and compiled by coders
who didn't intend this, but again, whatever the reson, if that code gets
used, something like LnS might be the only way we'll know.

Never mind 'security', we need to be aware because otherwise we are in no fit
state to even decide if it IS a security issue or not.

It's also just as effective (and more efficient) to add a HOSTS file
entry for the offending site or host so that the software can't reach
the external machine.


A big hosts file can be a drain, as it gets scanned every time any socket is
used to connect to a remote host. A good firewall will be a lot more
efficient because it can be programmed by simple human decisions. I very
rarely have to change anythign in LnS, it really is a set-and-forget
firewall, that's one of the things people comment on when posting about it on
WIlder's security forums (which is where I first learned about it when
looking for something better than ZoneAlarm).

And what happens after you've been running your computer for a while and
you discover that NONE of your software is performing back-door internet
access? What then is the usefullness of continuing to have the firewall
running?


Strange assumption. People tend to try new software frequently. And plenty of
stuff (like that early Sound Forge that I like so much) does try to go
online, most likely to upload a log of some internal failure. There could be
many reasons. I guess it all comes down to whether you're the kind of person
who likes to look both ways when crossing roads, or not. It's not an
expensive habit.

And again, a simple HOSTS file entry can achieve the same purpose as the
firewall would have - to prevent a given program from being able to
contact a specific host.


Now how would you KNOW what remote address some unexplained and unexpected
outbound was headed for unless you had something like LnS to tell you? Given
that the watcher on my gate only wants about 0.05% of machine time, and will
throw in an actual rugby tackle for free when required, I'd say that managing
a hosts file was a real annoyance in comparison, and is also redundant under
the circumstances.

It's never irrational to assert logic and facts into a discussion.


Kind of why I just said that...
  #38  
Old March 3rd 12, 09:06 PM posted to microsoft.public.win98.gen_discussion
Lostgallifreyan
external usenet poster
 
Posts: 1,562
Default How to gain access to websites that require latest Java installed

"J. P. Gilliver (John)" wrote in
:

And it's crazy to be so paranoid about stuff like that when your browser
is opening dozens of connections to beacons, click-trackers, and ad
servers when you surf the web.


I have lots of ad-blockers, a hosts file, and other tweaks, but you are
of course right, there is probably still lots going on from the browser.
However, I expect that - it's the function of a browser to go onto the
internet; when other software does, I am _interested_ to know that it is
doing so.


I recently put Proxoitron back in, to see how it went. Old rule sets slowed
web access right down, it was nasty. Opera is actually very good at handling
that problem, though I did see that Google (and the BBC) offered slightly
leaner, cleaner versions of their pages. (And a lot less of the 'slightly' in
the case of Google...) So I'll probably strip down the Prox filter set to the
minimum needed to give me those advantages. I don't like spending lots of
time on filters and firewall rules and such. What matters to me is that BOTH
tools are capable of very smart rulings, and remove the dependence on
specific browsers or other software to handle problems associated with web
access. The more I can make Prox do well, the less I have to agonise over the
minutiae of the about:config pages in various browsers. if Prox can do this
as efficiently as LnS, it will be worth keeping it. My only problem with
Proxomitron is that it is not a set-and-forget tool, it needs frequent
familiarity to keep its use an easy task. But even so, probably easier than
getting used to a new browser's methods. (And any opportunity to refresh
RegExp skills is a Good Thing).
  #39  
Old March 3rd 12, 09:30 PM posted to microsoft.public.win98.gen_discussion
Lostgallifreyan
external usenet poster
 
Posts: 1,562
Default How to gain access to websites that require latest Java installed

98 Guy wrote in :

Even back in the prime-time for Win-98, there wasn't much that
could touch it.


much? Or anything at all?


No network worms could touch win-98.


But could they have? I remember that Nimda and Code Red were maybe the first
big 'worm' craze. They hit W2K and WXP but not W98. They could infetc W98,
I think, but not do much with the infection, but I can't remember details of
why.

But that likely has more to do with worms still being new to most people (as
opposed to viruses which were older news). I think it had more to do with the
surge of unwary users getting online, rather than the technical details of
the OS's they chose. The coders will have aimed at the OS they were most
likely to use into the near future. Microsoft at that time were talking about
merging the home and business OS's into one based on WNT and W2K, so that,
rather than anything W98 specific, likely explains the targetting for the new
form of net-based attack called worms. Until that time, most attacks were
based on the machine under attack, and its contents. Later, the scope was for
harnessing its power on the net (remote controlled email spamming and
scamming, DDoS attacking, bot-nets, etc). All those abuses need many similar
machines, and as W98 was losing users fast, there was no point in aiming at
W98. But if they had, I'm sure it would have rolled over easily enough if
used as supplied, by those same unwary users.
  #40  
Old March 3rd 12, 09:31 PM posted to microsoft.public.win98.gen_discussion
J. P. Gilliver (John)
External Usenet User
 
Posts: 1,554
Default How to gain access to websites that require latest Java installed

In message , 98 Guy writes:
"J. P. Gilliver (John)" wrote:

Because of subscriber "churn" (customers moving, changing ISP's,
etc) it's likely that the numbers of old non-NAT modems in current
use in USA/Canada is likely very low.


Remember I'm not, I'm in UK. Though I suspect there aren't many of
those in use here either - partly for the reasons you mention and
partly because, I believe, they're not capable of the maximum speed
obtainable (on a good line) anyway; I think they're mostly if not
all USB 1.1, which is raw max.


I think I've had this conversation before regarding early DSL modems and
the USB interface.

My own experience from my first DSL modem back in the fall of 2001 is
that on this side of the pond, they all came with ethernet and maybe
some of the early ones came with ethernet *and* USB. It's not my
recollection that any of the older ones offered by any ISP came with
*only* USB.


I think they did he somewhat like a large mouse in appearance. You
did make me go rummage in my junk pile, as I am sure I have at least one
of them, but I couldn't. (I really must attack that pile sometime - must
learn about how to sell on ebay.) But I remember when they came out, and
even helping someone use one to set up. In those days, ISPs provided a
CD that you ran, and it did everything - load up the drivers, put the
relevant settings into the unit (actually, I don't think the unit had
any non-volatile RAM for such things, so they were loaded in each time
it was started), probably loaded some (bad) news and email clients and a
bodged version of IE, and so on. This ran - to my surprise, reasonably
trouble-free (I like you wasn't used to getting USB things working
without problems under '98); I suppose it was in the ISP's interest to
ensure that it did.
[]
The win-98 systems ran Norton Antivirus (dating from 2000, 2001 and
2002) and had their virus def'n sporadically updated during this 5-year
time span. They were never infected with anything. Sometimes the AV
caught a virus in incoming e-mail.


Yes, the only time I ever remember even seeing a virus was when I
exported an attachment from an unsolicited email to the desktop, and
pointed my then AV at it; I'd assumed it was a virus, and it was. That
was indeed in '98 days.

The NT and 2k systems were periodically hit with worms. I remember that
someone (or some group) was using one of our NT machines as a sort of
private file-server.


Hmm, so you could get at their files, presumably (-:!
[]
For others, specifically win-98 users, who feel naked and vulnerable
running their PC without a firewall, I guess those are the ones that I
can't relate to and for which most of my comments are aimed at.

[]
No; I think we're having a civilized discussion now!
(I just hope it's benefitting others too!)


We'll see...


LG is reading us (-:!
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

"Forget computers; it's hard enough getting humans to pass the Turing test."
- David Bedno
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Point to the Best Page Ian H General 20 January 10th 07 10:34 PM
Point to Point Protocol over Ethernet (PPPoE) Dahmane Internet 1 November 30th 04 02:19 PM
keeps going back to home page mike Internet 1 September 15th 04 01:24 PM
Strange File in Windows registry that come back Jone Internet 1 September 5th 04 10:22 AM
strange vid problem, strange error heynow General 2 July 2nd 04 02:37 PM


All times are GMT +1. The time now is 04:14 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 Win98banter.
The comments are property of their posters.