If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#41
|
|||
|
|||
"Disconnect" from Web using DSL
On Sun, 06 Nov 2011 12:59:58 -0500, 98 Guy wrote:
snip I said that firewall software running on win-98 was useless. I asked you if KPF running on your win-98 system has ever detected and stopped malware from making a connection to the internet. You came back and started talking about your experience with KPF on XP. You have done nothing to change my opinion that there are simply no threats to win-98 systems to be found on the web that makes it worth while to run firewall software. Hello, I seem to remember that in another post you indicated that there are no threats *if* they are behind a NAT router. What are the threats if they are *not* behind a NAT router? Any that made the news? Thank you. Geo (Posted using Free Agent on Win 3.1) |
#42
|
|||
|
|||
"Disconnect" from Web using DSL
|
#43
|
|||
|
|||
"Disconnect" from Web using DSL
"\"GEO\" wrote:
I seem to remember that in another post you indicated that there are no threats *if* they are behind a NAT router. What are the threats if they are *not* behind a NAT router? Any that made the news? Here's my experience. Between July 2000 and December 2005, our office had a dedicated IP subnet for our connection to the internet. We had an allocation of 64 IP addresses, and each and every computer had it's own routable IP address. There was no NAT-router in this picture. We had a mix of computers in the office, about a dozen running win-98, 2 or 3 running NT4, 3 or 4 running Win-2K (we did not really start running XP in our office until 2006, and even then only a couple of developer systems). This was arguably the most vulnerable time to be running win-98, given that it was still being run on many computers at home and in offices around the world and therefore was a target for malware writers. None of our win-98 computers ran firewall software. They did run Norton Anti-virus, but hardly ever detected anything (what-ever they did detect came as e-mail attachments). None of the win-98 computers were "infected" by network worms during this time, but several of our NT4 and Win-2K computers were. When you're talking about firewalls and NAT routers, there are two different aspects to consider: In-bound fire-walling and out-bound fire-walling. A software firewall running on a computer can perform both types of protection. A NAT-router is by default an in-bound firewall only. So a NAT-router can prevent vulnerable machines from being exposed to network worms (of which there were about 3 or 4 different worms deployed by hackers during the time-frame 2000 - 2005). Since we did not have NAT-routing on our LAN, we were vulnerable to those worms, and like I said, several of our NT4 and Win-2K machines was hit by some of them. None of our Win-98 machines were. All the reading I've done about these worms also indicates that win-98 was not vulnerable to these worms. Hence to answer your question about running win-98 with no firewall software and no NAT-router, my answer would be that win-98 has never been vulnerable to any known network worm, and hence a NAT-router provides *no known* protective benefit for Windows 98. That said, every unsolicited packet that hits your computer requires some CPU processing time for the computer to deal with, so from an efficiency POV there are advantages in keeping unsolicited packets from getting past your modem into your local LAN. And one last thing. Your question is posed as if you have the option (or the desire) to connect a win-98 machine to the internet without using a NAT-router. That course of action is highly suspect, or at least is atypical, because (a) it would be unusual to find a consumer-grade modem in current use that does not impliment NAT-routing, and (b) you can only connect one device to the internet if you don't have (or if you turn off) your modem's NAT funtions - something that many home and soho situations would find unacceptable. You would not be able to have wifi, for example, without NAT-routing also being implimented. |
#44
|
|||
|
|||
"Disconnect" from Web using DSL
Lostgallifreyan wrote:
What are the threats if they are *not* behind a NAT router? Any that made the news? I doubt the news would tell us if they had. Wrong. What a bone-head statement. There are many sources of information and third parties that do nothing else but perform threat analysis and network reconnaissance and publish their results on a daily or weekly basis. They go into great detail to explain the conditions by which newly discovered threats interact with systems to gain entry and control over them. They enumerate which operating systems are vulnerable to which newly-discovered threats (worm, trojan, virus, etc). We don't get told the methods used when govt or banking sites get hacked. Not knowing how any given site or company was comprimized doesn't mean we (the public) have no knowledge of the agent that was used. If there are N possible threats that can be used against Bank X, and if there is public knowledge of how all of these N threats work, then there is no consequence that Bank X doesn't tell us which of the N threats was used against it. We (the public) still know how it was done (because we know *all* the ways it could have been done). But as they usually have to start with malformed packets to find some crack in the armour When it comes to infiltrating something like a bank, a credit-card processor or major e-commerce site, the method used is almost always from within - someone on the inside lets the malware enter or plants it directly. Some people find network routing hard to do, so many may just set their routers to DMZ for some machine so it appears to work better online. I find that statement highly suspect. The vast majority of consumer-grade modems are designed to "just work" out of the box, with the correct settings, to minimize the need for consumers to monkey with them. The vast majority of consumers will never need to open any ports. It's better to do port forwarding to keep port scanners from getting easy pickings, but not many people will do this. Contrary to popular believe, the vast majority of consumers do not partake in bit-torrenting (one of only 2 activities for which port-forwarding is used, the other being on-line gaming). As port forwarding IS often needed as part of NAT setups, WRONG WRONG WRONG. Why don't you explain what ports the average home or soho user needs to forward. this is why I strongly recommend a firewall like LnS. Your argument is not well founded and hence your advice is unsupported. Without a good firewall, even with NAT, a machine is sitting waiting to be hit by a patient invader Again, that couldn't be further from the truth. Just a complete lie. |
#45
|
|||
|
|||
"Disconnect" from Web using DSL
|
#46
|
|||
|
|||
"Disconnect" from Web using DSL
"J. P. Gilliver (John)" wrote:
What are the threats if they are *not* behind a NAT router? An interesting question - because at the time of the overlap of 98 and consumer broadband, the default modem for many (including many ISPs) was the SpeedTouch 330 or clones thereof - USB-powered, I first subscribed to aDSL broadband in the fall of 2001, and my modem probably was a speedtouch, but most assuredly it (and any modem I've had since) was always wall-powered and had an ethernet connection (don't know if the first one also had USB). I would not expect broadband modems in the 1998 - 2002 era would have had USB as it's only available interface to a customer computer. There would have been a lot of confusion about USB-1 vs USB-2 (an issue for win-95 machines and possibly also for people running win-98 first edition) as well the added hassle of driver installation. I agree that the first generation of consumer modems either did not do NAT, or it was disabled by default. I seem to recall that some ISP's tried to leverage the modem's ability to do NAT by offering it at additional monthly cost (perhaps as part of an "internet security package" or feature). And I've already answered the question about running win-98 "naked" on the internet with a directly routable IP address without a firewall. My experience is that there were no implications or downside to doing it. Network worms really didn't emerge as a threat until they began hitting NT4 and Win-2K machines. In fact, the term "Internet Survival Time" was coined as a measure of how long it took for a default install of Win-2K to be infected with a worm before it's owner had a chance to finish downloading and installing all available patches and updates. |
#47
|
|||
|
|||
"Disconnect" from Web using DSL
In message , 98 Guy writes:
"J. P. Gilliver (John)" wrote: What are the threats if they are *not* behind a NAT router? An interesting question - because at the time of the overlap of 98 and consumer broadband, the default modem for many (including many ISPs) was the SpeedTouch 330 or clones thereof - USB-powered, I first subscribed to aDSL broadband in the fall of 2001, and my modem probably was a speedtouch, but most assuredly it (and any modem I've had since) was always wall-powered and had an ethernet connection (don't know if the first one also had USB). I would not expect broadband modems in the 1998 - 2002 era would have had USB as it's only available interface to a customer computer. There Well, I can't date the period, but there definitely was a - fairly brief, I think - time here in the UK when the default offering from ISPs _was_ a USB-powered one. would have been a lot of confusion about USB-1 vs USB-2 (an issue for win-95 machines and possibly also for people running win-98 first edition) as well the added hassle of driver installation. There was. But that was still in the time when you tended to get a CD from your ISP. ISTR they tended to specify 98SE as the minimum. [] And I've already answered the question about running win-98 "naked" on the internet with a directly routable IP address without a firewall. My experience is that there were no implications or downside to doing it. Well, I don't think I ever ran broadband without it, but nasties were certainly _around_ in dialup days, and I never caught one then (despite being more the target then): I think just normal sensible computing practices served. Or maybe I was lucky. Network worms really didn't emerge as a threat until they began hitting NT4 and Win-2K machines. In fact, the term "Internet Survival Time" was coined as a measure of how long it took for a default install of Win-2K to be infected with a worm before it's owner had a chance to finish downloading and installing all available patches and updates. ISTR claims that it wasn't possible to finish that before infection - I think that's what you're saying. -- J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf A language is a dialect that has an army and a navy. -Max Weinreich, linguist and author (1894-1969) |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Shutting off Keyboard Language Icon "EN" in systray "Internat.exe" | Dr. Dos | Disk Drives | 2 | July 11th 08 05:44 PM |
Networking Card 3Com "3C905B-TX": File "el90xbc5.sys" not found | MB[_2_] | Internet | 11 | August 10th 07 06:18 PM |
"Himem.sys fehlt", "Steuerung der A20-Leitung nicht möglich!!" - und dann nichts gewesen? | Alex Wenzel | General | 7 | March 8th 06 07:01 PM |
"Initial" Track on CD Rom Disk (Physical Stop or "Seek") | Brad | Disk Drives | 1 | February 28th 06 06:27 PM |
PDF File "NOT Valid win32 Application" for" My Documents" Double C | Dr. H.Mak | General | 12 | October 26th 05 07:50 PM |