Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

What Firewall do you use in Win9x?

- - - - -

  • Please log in to reply
41 replies to this topic

#1
gkar

gkar

    Member

  • Member
  • PipPip
  • 104 posts
  • Joined 03-December 06
I currently use Netveda SafetyNet (free), seems to cause me no problems.

Have used Jetico PF (caused graphics problems in Doom3), Kerio 2.1.5 (intermittent bluescreens) and Sygate PF 5.6 (shuts down intermittlently or locks up), all have caused me problems of one type or another.

Edited by gkar, 23 November 2008 - 07:32 PM.

"Now that I'm dying I've never felt better!"
In Memory of Andreas Katsulas 1946-2006


How to remove advertisement from MSFN

#2
herbalist

herbalist

    paranoid independent

  • Member
  • PipPipPipPipPip
  • 740 posts
  • Joined 15-December 06
  • OS:98
  • Country: Country Flag
I use Kerio 2.1.5. It has always worked well for me. No problems on any OS I've put it on.
Rick

#3
alexanrs

alexanrs

    Member

  • Member
  • PipPip
  • 149 posts
  • Joined 30-August 05
I use my router xDDDDDDD

#4
gkar

gkar

    Member

  • Member
  • PipPip
  • 104 posts
  • Joined 03-December 06
I use both :-)
"Now that I'm dying I've never felt better!"
In Memory of Andreas Katsulas 1946-2006

#5
thydreamwalker

thydreamwalker

    teddybearguru7

  • Member
  • PipPip
  • 252 posts
  • Joined 14-November 07
  • OS:Windows 7 x86
  • Country: Country Flag
:whistle: ZALARM 37 and WiseRegistryCleaner ,YahooCA SpyRemover with 98SE using 98ME's Defrag & Scandisk with a hand fulla bandaids and prayers; my 6 98SE/MoBo's survive an insane unsecure internet enviroment :thumbup (p.s.:any browser than IE6sp1,if at all feasible!!!PreferOpera9.52or9.62)

Edited by thydreamwalker, 24 November 2008 - 12:51 AM.

thydreamwalker

#6
monroe

monroe

    Friend of MSFN

  • MSFN Sponsor
  • 946 posts
  • Joined 21-May 07
  • OS:XP Pro x86
  • Country: Country Flag

Donator

... I use an older version of ZoneAlarm ... before all the bloated and resource hog versions started. If you use Memload you can check the various firewalls ... I think this version was as good as Kerio 2.1.5 on resources. Works great on Windows 98SE and easy to get going "out of the box". I have the PRO version but the free version is just as good:

ZoneAlarm v4.5.594.000 .... the download link at ZoneAlarm still works ... wouldn't be a bad idea to download a copy and put it away somewhere to have for the future, if you decide one day to check it out. I can't say if it would work "very well" on a newer OS but for Windows 98SE, it's great. It is strictly a firewall ... nothing else ... no anti-virus or other junk included, as I said before, ... before all the bloat was added.

http://download.zone...aseHistory.html ....

gkar .... what version of NetVeda Safety.Net do you use? ... the newer version (s) might not be working with Windows 98SE ... this was posted on Google. I may experiment with it and check to see how much resources it uses ... I like programs that get the job done using few "resources" as possible and very little (or no) bloat.

------------------------------------------------------------------------------------------------------------------
Version: NetVeda Safety.Net 3.8

"Causes Shutdown Problems"

by Mike98 on October 10, 2007

Cons: Netveda Safety.Net 3.80.0001 causes Windows 98SE to crash during shutdown of Windows. This is very disappointing, because it looked like a good firewall, especial ideal for older operation systems like 98SE, where not a lot offer is.

Was this review helpful? YES | NO
--------------------------------------------------------------------------------------------------------------------

Please post your version.

Edited by duffy98, 04 December 2008 - 10:43 AM.


#7
gkar

gkar

    Member

  • Member
  • PipPip
  • 104 posts
  • Joined 03-December 06
^^ Netveda Safetynet 3.80.0001, no shutdown problems for me. Seems light on resources. Gets along well with Avast AV Free.

Edited by gkar, 24 November 2008 - 06:30 AM.

"Now that I'm dying I've never felt better!"
In Memory of Andreas Katsulas 1946-2006

#8
monroe

monroe

    Friend of MSFN

  • MSFN Sponsor
  • 946 posts
  • Joined 21-May 07
  • OS:XP Pro x86
  • Country: Country Flag

Donator

gkar .... thanks for the info. I never heard of that firewall and will experiment with it, if it isn't too complicated setting it up. ... yeah, maybe that guy's computer was all messed up to begin with .... I didn't find anymore complaints ... I will check the resources used with Memload ... neat little program that works with Win 98SE .... gives you a reading on all programs running so you can see what uses what! Hard to find a download link these days but there are a few around.

#9
gkar

gkar

    Member

  • Member
  • PipPip
  • 104 posts
  • Joined 03-December 06
I'll check out memload if I can find it, thanks. Safetynet is easy to setup, just choose the adapter you want to bind it to. That's it. You can go into finer detail with it but to get it up and running is just choosing the net adapter after the reboot.
"Now that I'm dying I've never felt better!"
In Memory of Andreas Katsulas 1946-2006

#10
monroe

monroe

    Friend of MSFN

  • MSFN Sponsor
  • 946 posts
  • Joined 21-May 07
  • OS:XP Pro x86
  • Country: Country Flag

Donator

.... I thought I had better give more info on the version of Memload I am talking about ... I did a Google search and found another version of something with the same name ... the version for 98SE is Memload v2.0 (July 2001) ... it is only 28 KB in size ... After several dead links I found a link in a foreign language that has the download.

... http://nosetup.org/programa/59 ..... in the Description top part click on "Descarga" .... that is still a good

download link and that is Memload. .... grab it while you can .... you can check all active running programs or compare one program version against another to check resources. May not be all that important but it can be interesting to see how many resources a program uses. What language is that ? ... Spanish ??

Hope this is helpful.

Edited by duffy98, 24 November 2008 - 08:37 PM.


#11
gkar

gkar

    Member

  • Member
  • PipPip
  • 104 posts
  • Joined 03-December 06
Thanks for the link to Memload, nice little proggie!
"Now that I'm dying I've never felt better!"
In Memory of Andreas Katsulas 1946-2006

#12
Analada

Analada

    Member

  • Member
  • PipPip
  • 151 posts
  • Joined 10-December 06
If anyone wants to have their firewall/win98 system checked out, there's a useful (IMO) resource here:

www.grc.com

Click to enter, then scroll down to "Hot Spots" and "Shields Up". There's other resources on this site, including free downloads.

#13
Ninho

Ninho

    Member

  • Member
  • PipPip
  • 166 posts
  • Joined 05-March 06
Kerio 2.1.x of course! Never a problem on Win 9x (nor on Windows 2000).

Analada : I concur, grc's Shield's Up! is a good resource for testing firewall settings,
and generally http://www.grc.com is an interesting place to visit and peek around...

cheers,

#14
herbalist

herbalist

    paranoid independent

  • Member
  • PipPipPipPipPip
  • 740 posts
  • Joined 15-December 06
  • OS:98
  • Country: Country Flag
Except for one very odd WinME unit, the only thing I'm aware of Kerio 2.1.5 clashing with is a defragmenter, Perfect Disk I believe. Other than that, I haven't seen it conflict with anything. Some others haven't been so fortunate but that can happen with any software.

Shields Up is OK for scanning the lower ports. Beyond port 1055, it can only scan 64 ports at a time. Scanning all the upper ports with Shields Up would take forever. The port scanner at AuditMyPC scans ports 2500 at a time. It doesn't show "stealth", only open or closed. Stealthed ports are not as important as GRC makes them out to be. Most trojans use ports above 1055 which are too time consuming to scan at GRC. Some DSL modems and routers have an open port in the upper ranges too, especially ones supplied by ISPs. Scanning all the upper ports may surprise you.
Rick

#15
98Guy

98Guy

    Junior

  • Banned
  • Pip
  • 69 posts
  • Joined 24-August 08
Windows 98 doesn't need a firewall.

I've never known anyone running a firewall (9x, 2K, XP, etc) that's ever had their firewall alert them of any real malware threat.

If you're running a firewall, it's mainly because you are a control freak and want to prevent various third-party accessories, utilities, etc (adobe, flash, quicktime) even m$ software from "phoning home". That's ok, if you want to preoccupy yourself with petty stuff like that, but a software firewall isin't going to really give a win-98 system any protection from malware.

To keep junk like port scans and intrusion attempts off your local home or SOHO lan, you use a NAT router. Once you've got that, your software firewall won't see any incoming unsolicited attempts.

And your software firewall won't keep malware OFF your system. if your software firewall tells you that there's some unauthorized outgoing attempts, then your system has already been hacked, and you're lucky your software firewall is telling you because odds are the malware will deactivate your firewall anyways (along with your AV software).

#16
herbalist

herbalist

    paranoid independent

  • Member
  • PipPipPipPipPip
  • 740 posts
  • Joined 15-December 06
  • OS:98
  • Country: Country Flag
A software firewalls primary duty is controlling traffic, not keeping malware off of your system. If a software firewall is detecting unexpected outbound traffic, then the rest of the security package or the user has failed to protect the system. Hardware firewalls which includes routers, and software firewalls fill different roles. Hardware firewalls can only control traffic on a global level. A software firewall can control traffic for individual applications. Some call that being a control freak. I call internet access control a necessary part of my security policy.
Rick

#17
gkar

gkar

    Member

  • Member
  • PipPip
  • 104 posts
  • Joined 03-December 06

A software firewalls primary duty is controlling traffic, not keeping malware off of your system. If a software firewall is detecting unexpected outbound traffic, then the rest of the security package or the user has failed to protect the system. Hardware firewalls which includes routers, and software firewalls fill different roles. Hardware firewalls can only control traffic on a global level. A software firewall can control traffic for individual applications. Some call that being a control freak. I call internet access control a necessary part of my security policy.
Rick


Agreed.....
"Now that I'm dying I've never felt better!"
In Memory of Andreas Katsulas 1946-2006

#18
Dude111

Dude111

    Banned

  • Banned
  • PipPip
  • 297 posts
  • Joined 01-October 08
  • OS:none specified
  • Country: Country Flag

ZoneAlarm v4.5.594.000 .... the download link at ZoneAlarm still works ... wouldn't be a bad idea to download a copy and put it away somewhere to have for the future, if you decide one day to check it out. I can't say if it would work "very well" on a newer OS but for Windows 98SE, it's great. It is strictly a firewall ... nothing else ... no anti-virus or other junk included, as I said before, ... before all the bloat was added.

That link doesnt load @ the moment..

Here is a link right to this version > http://oldversion.co...e9744ee5f2a2221


Is this the LAST GOOD VERSION of Zonealarm??

It might run well on a newer OS in "Compatibility mode"..

#19
monroe

monroe

    Friend of MSFN

  • MSFN Sponsor
  • 946 posts
  • Joined 21-May 07
  • OS:XP Pro x86
  • Country: Country Flag

Donator

Dude111

.... yes, you are right about that link "not" working anymore. It did work when I posted the earlier message. It has worked for well over a year. Maybe it is only temporary or maybe ZoneAlarm shut it down because of increased traffic for that "older" version. Who knows ...

... I have never tried that version on a "newer" OS ... it may work perfect on a newer OS, I am strictly a "modern day" Windows 98SE person ... meaning I keep up with all MDGx updates and other programs that people mention that sound interesting for 98SE.

.... I remember back when ZoneAlarm started to make some drastic changes in their program .... after the v4.5.594.000 ... people were complaining about all kinds of problems ... it was slow, it didn't work, it was bloated ... they went through one version very fast and started a newer version number very fast to answer some of the complaints. I had read some time back (Google) when I was doing some firewall research that many people liked this older version of ZoneAlarm since it was sort of the last version of a "pure" ZoneAlarm firewall before they started to fool around with it. Also, if I remember ZoneAlarm was bought out somewhere after that version came out and we know what can happen when a company, who has a nice program, changes hands .... things usually go downhill with add-ons and bloat.

As for the newer versions of ZoneAlarm, maybe they are perfect for XP and Vista ... hopefully I will never know ... as long as we have MDGx, herbalist, Charlotte, and so many others, including you ... working to keep Win 98SE humming along in the new century. ... it's not perfect, never was completely perfect ... but considering the alternative ... well, !

..... thanks for posting the new link to v4.5.594.000 ... maybe the old one will work again or it might be gone for good ... ZA could be working on their site over the holiday or perhaps they were "alarmed" at all the interest in an older version of ZoneAlarm ....

Who can say ...

*** I was checking the number of "reads" on this firewall topic ... over 400 ... if 50% of those people decided to download that version, either to try it or just put a copy away .... the page might be gone for good.

Edited by duffy98, 29 November 2008 - 05:48 AM.


#20
98Guy

98Guy

    Junior

  • Banned
  • Pip
  • 69 posts
  • Joined 24-August 08
> A software firewalls primary duty is controlling traffic, not keeping
> malware off of your system.

I said exactly that in my previous post, except that I made a distinction between in-bound and out-bound fire-walling.

In-bound fire-walling _will_ keep malware off your system (network worms) but the degree to which your system is vulnerable to them will depend mainly on what OS you're running.

> If a software firewall is detecting unexpected outbound traffic,
> then the rest of the security package or the user has failed
> to protect the system.

I said exactly that.

> Hardware firewalls which includes routers, and software firewalls
> fill different roles. Hardware firewalls can only control traffic on a
> global level. A software firewall can control traffic for individual
> applications.

A software firewall's in-bound filtering is exactly comparable to a hardware device's in-bound filtering in terms of scope and function.

If you have a NAT router, then half the capability or functionality of a software firewall (in-bound fire-walling) has been rendered irrelavent and useless and nothing more than a drain on system resources.

> Some call that being a control freak. I call internet access control
> a necessary part of my security policy.

You just admitted that a software firewall is not part of a system's security infrastructure, because it doesn't directly detect the presence of malware or keep it off a system. So it's not really part of a system's security infrastructure.

How many times has it alerted you (or anyone else reading this) to suspicious activity that you later discovered was malware related (viral, trojan, etc) ??

You also disregard the fact that software firewalls (like AV software) are usually deactivated by active malware that has just infected a system.

You might consider the automatic contact that certain trusted software makes with the outside world to be a security issue (MS WGA or other checks, Adobe, Quicktime, Java update checks, etc) but it's nothing more than micro-management of the system and has nothing at all to do with security.

This thread started with the question "What firewall do you use in Win9x". A better question would have been "why do you use a firewall with Win9x". I bet many people think that firewall software is as much a normal or necessary part of a (win-98) system as AV software is, which is naturally not correct by a long shot.

#21
Sweet William

Sweet William

    Newbie

  • Member
  • 25 posts
  • Joined 19-July 08
Hey 98GUY,

Granted, you can run your system any way you like and so can everyone else. I can't even begin to imagine what spawned some of the points you express. I'm just glad you are not my sys admin.

--
Sweet William

#22
herbalist

herbalist

    paranoid independent

  • Member
  • PipPipPipPipPip
  • 740 posts
  • Joined 15-December 06
  • OS:98
  • Country: Country Flag
OldVersion has links to quite a few versions of ZA, all the way back to 2.0. http://oldversion.co...am.php?n=zalarm

You just admitted that a software firewall is not part of a system's security infrastructure, because it doesn't directly detect the presence of malware or keep it off a system. So it's not really part of a system's security infrastructure.

How do you get that out of what I posted? There's more to security than keeping malware from gaining access to your system via an internet connection or detecting its presence on your system. It also includes keeping your data and personal info from being sent out of your system. It includes preventing unwanted changes from being made to your system. It's keeping nosy users out of your data. It's preventing software vendors, websites, etc from monitoring your habits and usage. It's preventing adware and spyware (that an AV doesn't detect) from connecting out and either burying you with popups or downloading more adware. I consider security and privacy to be one and the same. If your PC isn't secure, nothing you do with it or keep on it is private.

How many times has it alerted you (or anyone else reading this) to suspicious activity that you later discovered was malware related (viral, trojan, etc) ??

Yes, I have seen a software firewall alert to the presence of a trojan that the resident AV missed, twice as a matter of fact. On both occasions it was a PC I was servicing for someone else. Both had up to date AVs. When I installed a firewall on them, it immediately alerted to the suspicious traffic.

You also disregard the fact that software firewalls (like AV software) are usually deactivated by active malware that has just infected a system.

Yes, some malware does that. Most of that malware doesn't target 9X. That problem can be somewhat addressed by a system policy that limits what can run, but an application firewall or HIPS gives very good protection against the termination of an AV or firewall on several layers. There's even a system scheduler that has a "watcher" function that can be used to restart an AV or firewall if they're terminated.

You might consider the automatic contact that certain trusted software makes with the outside world to be a security issue (MS WGA or other checks, Adobe, Quicktime, Java update checks, etc) but it's nothing more than micro-management of the system and has nothing at all to do with security.

When "legitimate" software updates or alters your system without asking your approval, it is very much a security issue. It's becoming common for the updates of legitimate software to break functions on 9X systems. Example, Flash Player updates after 9.0.47 makes sites like this one unusable with 9X systems. I don't believe that this is accidental or that it's the result of fixing something for its use on newer systems. I think it's deliberate and is intended to make 9X systems less functional so that users will update. IMO, that makes it a security issue.

Malicious code can also exploit legitimate processes and applications, and not just Internet Explorer. On 9X systems, rundll32.exe is exploited for such purposes, much as svchost.exe is exploited on XP. Hardware firewalls are no help here but a software firewall can be. For me, this comes down to a much more basic issue, namely: who decides what is allowed and what isn't. A software vendor can claim that they own the software but I own the PC it's installed on. I will decide what it does, how it's used, when and if I update, what activities are permitted on it, etc, and I will enforce that on software vendors and users alike. To me, this isn't micromanagement. It's maintaining control over what I own.

A software firewall's in-bound filtering is exactly comparable to a hardware device's in-bound filtering in terms of scope and function. If you have a NAT router, then half the capability or functionality of a software firewall (in-bound fire-walling) has been rendered irrelavent and useless and nothing more than a drain on system resources.

Not true. While both can be configured to permit inbound traffic on a specific port, using a specific protocol, and coming from a specific IP address or range, only the software firewall can allow it for a specific application and not the rest of the applications and system components on the PC.

A firewall like Kerio 2.1.5 is extremely light and has little if any effect on system resources. On my 98 box, Kerio uses 1.7MB, slightly over 1% of my physical memory. I've installed in on Win98 PCs with 32MB of RAM and had no problems. When well configured, a software firewall can actually speed up your browser slightly by preventing other processes from wasting the bandwidth. A DSL user won't notice it, but a dialup user can feel the difference.

9X users are faced with many vendors dropping support. There aren't many AVs left to choose from. It's also a fact that AVs don't catch everything, especially adware. IMO, the loss of AV support makes a software firewall more important. When combined with an application firewall, the user has a very effective security package. A software firewall may not be the solution to all security problems, but they're by no means useless. Given a choice between an AV and a software firewall, I'll choose the firewall.
Rick

Edited by herbalist, 28 November 2008 - 06:51 PM.


#23
Tarun

Tarun

    Spectre

  • Super Moderator
  • 3,189 posts
  • Joined 27-January 04
  • OS:Windows 7 x64
  • Country: Country Flag
I think the best idea would be to update the OS to something more modern and secure like XP or Vista, than to keep running on the 9x kernel.

#24
herbalist

herbalist

    paranoid independent

  • Member
  • PipPipPipPipPip
  • 740 posts
  • Joined 15-December 06
  • OS:98
  • Country: Country Flag
The moment the thread gets moved out of the 98 section of the forum, the "get with the times" posts start.

#25
98Guy

98Guy

    Junior

  • Banned
  • Pip
  • 69 posts
  • Joined 24-August 08

The moment the thread gets moved out of the 98 section of the forum, the "get with the times" posts start.


Why was it moved?

Who moved it?

This was specifically a win-98 discussion about firewall software. Moving it to a non-win-98-centric forum has the effect of watering it down and introducing tangents.

> > A software firewall's in-bound filtering is exactly comparable to a
> > hardware device's in-bound filtering in terms of scope and function.
> > If you have a NAT router, then half the capability or functionality
> > of a software firewall (in-bound fire-walling) has been rendered
> > irrelavent and useless and nothing more than a drain on system
> > resources.

> Not true. While both can be configured to permit inbound traffic
> on a specific port, using a specific protocol, and coming from a
> specific IP address or range, only the software firewall can allow
> it for a specific application and not the rest of the applications
> and system components on the PC.

Give me an example of opening up a *specific port* on a router for inbound connections, aimed directly at a specific machine on the local lan, where that open port will pose a risk to that specific machine because a specific app on that machine can't be isolated as the only app that should receive connections on that port.

In other words, if I am running an app that expects unsolicited inbound connections on a certain port, and if I enable that port on my router to pass those unsolicited connections through to the machine in question, then what are the odds that some future piece of malware will be running on the machine and also be expecting unsolicited inbound connections *on the same port* ? That is the *only* situation where a NAT router is different than a software firewall.

The overwhelming majority of people with nat-routers never configure them to allow unsolicited inbound connections anyways because they never have any reason to do so.

I still say that the inbound firewalling that a NAT-router does is exactly equivalent to what a software firewall does, and that if you already have a NAT-router then half of the functionality of a software firewall will never be used, but that half will still be present and will be degrading system performance. And I still say that the other half of what a software firewall does (out-bound filtering) is one of the most useless things that can be running (on a win-98 system) in the name of system security.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users