JorgeA, on 05 June 2010 - 10:36 PM, said:
Check out page 70 of the PDF to the manual. The general firewall settings menu is just like the one I saw when I went into my box's configuration application. Now, you'll see that the default setting is "No Security." Yet, as I said before, my PC's did pretty well on the Gibson tests. Two questions: Could that be thanks to the software firewalls -- and, if I were to uninstall them, then which of those security settings would I choose to emulate the level of protection that the current firewalls are providing?
The Security settings on the modem (as described on page 70) really makes no sense. For example, the default: "No Security (None) is ProLine’s factory default security setting. Firewall is disabled. (All traffic is passed)"
That doesn't make sense. If all traffic is passed, then where exactly will it pass unsolicited inbound traffic to? To which local LAN ip will it pass any unsolicited packets? Without configuring any port-forwarding rules, I don't see how it can pass any unsolicited inbound packets at all. If someone else has an explanation for the security settings on this modem, please explain.
JorgeA, on 05 June 2010 - 10:36 PM, said:
On the other hand, since the software firewalls are already in place, one could say that there's very little additional time and effort involved in keeping them running. So isn't it possible that the question boils down to whether you want to dedicate resources on a Win98 machine to a firewall?
If you had a direct connection to the internet (which you would have had on dial-up) then it's your call as to whether or not you run a firewall on a win-98 system. But once you're behind a NAT-router, the use of a software firewall on a win-98 system is a complete waste of system resources if your usage is purely for security. If your intent is for program control (ie - to prevent certain apps from "calling home") or you frequently test new programs for undesirable out-bound transmission behavior, then the use of a software firewall in that instance is useful to you. If it were me, I would simply modify the program's settings so it does not "call home" instead of using a firewall.
I ran a small network of about a dozen win-98 machines (and a few NT and win-2K machines) from mid-2000 to the end of 2005 (about 5.5 years straight) and all machines had their own direct internet IP address (no NAT router). That was arguably the most vulnerable period in the life span of windows 98 to have a machine directly exposed to the internet. The win-98 systems experienced no intrusion. We had a few instances of our NT and 2K machines becoming infected with something - but I don't know if it was the result of not having a firewall on those systems, or because of user-facilitated activity (web surfing, e-mail, etc).
JorgeA, on 05 June 2010 - 10:36 PM, said:
One last thing (for now, anyway). I assume that none of this affects the wisdom of running antivirus/antimalware applications, as opposed to a firewall?
I believe that Anti-virus apps are far less useful today, on win-98 systems, then they were say during 2002 - 2006.
Since 2006, many viral / trojan threats are polymorphic and AV software has a very poor record of detecting them during the first week or month of their existance. We get a lot of spam on certain e-mail addresses (about 50 - 75 spams per day) and usually get 1 to 2 spams per day that contain a viral attachment. I submit those viral files to virustotal.com and they are scanned by 40 AV apps (all the major AV programs plus lots you've never heard of). The detection rate is usually about 5%. If I scan the same file a month later, the detection rate will be 50 - 75%.
So you've got the following to consider:
1) Relatively poor initial AV detection rates for new malware
2) Most or all new exploits are written for NT-based OS's and simply don't function on win-98
3) Many exploits can successfully deactivate your AV software just like they can deactivate your firewall (assuming the exploits even run on a win-98 system in the first place)
Combine all three, and you come to the conclusion that running an AV app on a win-98 system has only marginal benefit.
If you want to secure your machine against malware, do the following:
1) obtain and use a hosts file. Look at MVPS.org.
2) perform Spybot SD browser innoculation.
3) uninstall ALL versions of JAVA JRE and either (a) don't run the java JRE or (b) only keep the most recent version installed on your system (see below for more instructions about Java)
4) disable .PDF file handling by your broswer. Set your browser's pdf file handling option to "save as file" instead of "launch with adobe acrobat".
5) consider replacing adobe acrobat with another pdf viewing program. Regardless of which pdf program you use, disable it's java script option.
6) run a real-time registry monitoring program. Spybot's TeaTimer option, for example.
7) put a NAT-router between your PC and your cable or DSL modem (or turn on your modem's NAT functionality). If the IP address of your PC begins with 192.168.x.x then you already have a NAT-router somewhere in your network.
8) consider running a browser-protection program called NoScript. It might make your web-surfing a bit of a pain, but it will provide a moderate amount of protection against rogue scripts found in web content.
9) obtain and run some registry files or hand-alter some of your registry keys to absolutely disable the "auto-run" feature on all drives and removable media.
10) disable all unnecessary services running on your system (if you're running XP or Vista). Disable the IPC$ network share and all administrative shares while you're at it.
11) if your modem or router has uPnP function, disable it. Consider disabling the uPnP service if it's running on your machine.
------
Windows 98 came with an old version of java that can be (or should be) uninstalled. Do this first before you install any newer version from Sun (now known as Oracle):
To get rid of the version of java that came with Windows 98, do this:
- Click Start, Run and enter this:
- RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall
You may (or will) see a message saying "If this component is uninstalled, Microsoft Internet Explorer will not be able to download files from the World Wide Web. Do you want to uninstall the Microsoft VM?"
- Click Yes to confirm the uninstall, and restart your system when it's complete.
- Delete the following folders if they are still present:
c:\windows\java
c:\windows\inf\java.pnf
c:\windows\system32\jview.exe
c:\windows\system32\wjview.exe
- Click Start, Run and enter regedit to start the Registry Editor. Browse to the following keys, highlight and delete them:
HKEY_LOCAL_MACHINE\Software\Microsoft\Java VM
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet_Explorer\AdvancedOptions\JAVA_VM
- Now go to your Add/Remove programs and look for any instance of "Java Runtime" or "J2SE Runtime" and uninstall them. All of them - except if one of them is version 5.0 Update 22 (keep that one if you have it).
- If you've deleted all Java Runtime versions, and if you don't have version 5 Update 22, then download and install that version using this link:
http://cds-esd.sun.c...dows-i586-p.exe
Frontpage
Forums
Tutorials
Members
Calendar
Subscription
Donate
Links
Contact 
Help
Back to top
