Windows 95/98 Computer Security Information This document is written for users of Microsoft Windows 95/98. What can I do to better secure a computer running Windows 95/98? Prevention
The best way to secure your computer is to prevent intruders from attacking your system in the first place. To do this, install current patches for your operating system and your applications. Beyond patches, be aware of the types of attacks and vulnerabilities used by intruders, install only the applications you really need, and back up your data regularly.
As there is an increase in digital subscriber line (xDSL) and cable modems more home computers are constantly connected to the Internet. Consider setting up a firewall to prevent intruders from breaking into your computer.
formatting link
Software firewalls are a good choice for single computers, and they work well with Windows 98, Windows ME, and Windows 2000.
formatting link
If you have a computer with Windows 2000 Professional, Windows Millennium Edition (Me), Windows 98, Windows 95, or Windows NT, you should get and install either a hardware or software firewall. The following resources provide more information about some firewall options.
formatting link
SUMMARY: Updated firewalls can help protect you from spyware and adware. If you connect to the Internet, you should use a hardware and/or software firewall.
Period.
Firewalls can help protect your machine from spyware and adware in several ways:
formatting link
A firewall is a piece of software or hardware that creates a protective barrier between your computer and potentially harmful content on the Internet. It helps guard against hackers, and many computer viruses and worms. If your computer is running Windows 98, Windows 95, or Windows NT® 4.0, Microsoft recommends that you get and install either a hardware or software firewall before connecting to the Internet.
formatting link
I could go on posting this stuff for hours but I think my point is proven already.
I totally agree with you.A trojan doesnt care what operating system you have or what connection you have.It amuses me that many of the anti- application firewall brigade says you shouldnt need an out bound filtering firewall or indeed any firewall, because by being careful you wont get infected to stop any malware getting out.They then go on to recommend AVs/adware progs etc that the "security conscious" should have (mmmm seems a bit double standard there....why have an AV /adware prog if your that careful anyway? ).And most amusing of all is they usually recommend the worst possible AV.Of course my experience means nothing to the security perfect here , but most people i know including myself (many moons ago as a newbie) have been infected by a trojan , and its been the firewall in many instances that has detected it and not the AV.Of course perfect security conscious people dont get malware (though with no outbound filtering and possibly a crap AV , i doubt theyd even know if they had).Its true certain malware can circumvent firewalls.But its also true that certain malware can circumvent AVs and adware progs.So is that a reason not to use them?.To quote an old saying.." in the land of the blind , the one eyed man is king" me
Unless you use Lynx or FF with no Java or Java scripting you are not safe.
formatting link
useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. The technique allows a raft of spyware to be served up to Windows users in spite of any security measures that might be in place.
Christopher Boyd, a security researchers at Vitalsecurity.org, said the malware installer was capable of working on a range of browsers with native Java support. "The spyware installer is a Java applet powered by the Sun Java Runtime Environment, which allows them to whack most browsers out there, including Firefox, Mozilla, Netscape and others. In the original test, only Opera and Netcaptor didn't fall for the install but Daniel Veditz, who is the head of Mozilla security, has since confirmed to me that this will also work in Opera and Netcaptor," he explained.
You think running javascript and ActiveX is safe? I don't. Malicious scripts are not uncommon. There are applets that ask if you want to install them and they have switched the "no" repsonse button to actually install the applet, or even clicking the X in the upper right will install it. Personally, I'm using Firefox with no Java or java scripting and I've disabled "allow websites to install software". You do as you please.
You have to browse the dark nether regions of the web to come across the real nasty stuff but they do exist. Here's what someone posted just a few hours ago in a web forum.
----------------------------------------------------------- I was hit by this in January. Using "safe" Mozilla, I closed the broswer with 4 tabs opened. Popup appeared, it was "java" gray inside with no words or images. It closed before I could react. I thought that was very strange.
Then I opened up Windows Explorer, and it was full of toolbars full of links to fortune tellers, online gambling, and p*rn. IE was in the same shape. Icons and links to a dozen or more sites were installed on my desktop.
Worst is what happened 10 seconds later. From that same java popup, a modem hijacker was installed, that tried to dial up who knows what. I pulled the phone plug before it finished dialing.
Imagine if that same java installer had been setup to steal and transmit saved passwords, or form data with personal ID in it. I NEVER let browsers remember such things.
I've not felt safe in any browser since then. Java scripting CAN launch and install IE toolbars, dialers, and who knows what else via Firefox and Mozilla. I've seriously considered not using Java except at sites I know and trust. Just following a link from a search engine could get you in trouble with only one click. It did get me, but luckily I was spared any phone charges.
For what it's worth, I did NOT have to click OK on anything. I just got a single wide format popup window, with nothing in it. It was gray, like all java applets, with the coffee cup.
It closed by itself within one second of appearing. Immediately after closing my desktop was littered with the trash icons and the damage was done. What really bothers me is that my last and only mouse action prior to that popup's appearance was clicking the "X" on Mozilla to close it. What ever code it was had to have been activated by detecting me closing the browser window.
And I know the difference between scripts and applets. But thanks for the info anyway. The above may read like a horror story to you but it is something that really happened to someone. I didn't make it up.
Well, what we have here friends is another perfect human being who has never made a mistake, never clicked his mouse by accident, much less doubleclicked it. He is never absent-minded, never in a hurry, in short, never makes mistakes. So therefore, he is totally immune to the human failings that pester the rest of us.
Well, what we have here friends is another perfect human being who has never made a mistake, never clicked his mouse by accident, much less doubleclicked it. He is never absent-minded, never in a hurry, in short, never makes mistakes. So therefore, he is totally immune to the human failings that pester the rest of us.
No. If you like the outbound firewall you can use it. Just in average, for the average user, in my experience people tend rather to believe they are safe because they have a outbound firewall and it does not report anything instead of being careful. If you are very careful, you can add your outbound firewall if you think you need it. Just the blind advice "use this and you are safe" is just wrong. And the basic design to mix an outbound firewall with some inbound firewall and some intrusion detection system and some privacy control function and some parental control system and some more is just wrong. In most cases, if you knock out one of those things you knock out the whole thing. If it crashes it usually crashes completely. If you think, you need an outbound filter, get an outbound filter and run it separately from the inbound filter. Same results and you most likely think a little bit more about what you get for your money. With a PFW it's all there and nobody really thinks about what each part does and how reliable it actually works. (And no PFW maker will tell you...)
None. I don't need any. No malware gets onto my computer. So why should I scan for some? My AV is the most useless thing on my computer and I only have it because I want to know how good it works as I have it running on some other people's computer as well. The last time it popped up was with some uesless warning regarding a phising e-mail before I even could read it. Jeez, how should someone learn to distinguish between a real and a fake email if they don't even see it. Someone recently wrote that he was so glad to have his AV because it prevented an infection of his computer with a Trojan./Phish.blablabla. It was just a simple phising e-mail. A phising e-mail is harmless until you click on the link which guides you somewhere else. Before that, it is harmless. (I played a little bit around with it and found the most disturbing message the warning that there is a phising e-mail in my Trashbin once I moved it there. So you get a warning message for some really good practice like trashing a phising e-mail instead of clicking on it...)
No double standard. You don't need one if you are careful.
Yes. None is the worst possible. ;-)
Good, then your firewall did have some purpose for you. Please allow me to ask how it happened and what your expectations have been of your firewall and AV before that and after that? Did they change?
I know all my processes on my computer.
I install/recommend people AVs and PFWs only together with a long list of warnings that AV and PFW is just and only and nothing more than a backup net with huge holes in it. If you fall, it may or may not catch you. And you may never notice that you fell. (O.K. weird picture ;-) I tell them, that if there is a warning message popping up, they have already lost. If they tell me, they got one, and it's a real one (not the phising thing above still far far away from the real danger of clicking on it) I start using all those other adaware tools a.s.o on their computer to make sure that it was really the first and only time. Occasionally (depending on how stubborn the user is) I just take the image of the first installation and restore it, telling them that to verify their computer is clean after they actually tried to open this PIF attachment takes a couple of hours and never is 100% sure. So you've lost your life. Game over. Start again... ;-) If I found some malware despite the AV and PFW I always find some more drastic measures to lock down the computer further which is however a little bit more intrusive when they for instance cannot install any software anymore without consulting me first. I remove IE and OE/Outlook from their computers and replace them with Firefox and Thunderbird. That comes with a list of warnings, too, never to install an extension if the question pops up.
I am looking for a good, valuable replacement of the PFW part, though, that gives me satisfactory outbound filtering and good warnings and which is fully newbie usuable, because I don't really see any good use for any of the other PFW features beyond the outgoing application filter and a PFW is a hell complicated to configure to let it run without bigger problems (i.e. endless question dialogs) on a newbie computer.
1.) to browse to a website that uses this applet.
2.) to accept a signed applet for which: (from the picture)
"Do you want to trust the signed applet distributed by "Integrated Search Technologies"? Publisher authenticity can not be verified. The security certificate was issued by a company that is not trusted. The security certificate has expired or is not yet valid."
That is _you_ have to click _yes_ to run the applet. So _you_ must explicitly give an applet access rights to your computer. Once _you_ have done that it can do whatever it likes.
So I still cannot see why I am not safe with my Firefox with Java and Java scripting. This is not an exploit where something runs or installs without the user consent. The latter would worry me, but not something where the normal security mechanisms jump in.
It is no real difference than taking the next best e-mail attachment and just blindly executing it. Still it is _you_ who has to run the thing... You just don't open attachments that you don't know about. You just don't ActiveX controls that you are not expecting, in particular not on web sites you just browse through in search of something particular. You just don't trust arbitrary Java applets on your computer which is basically the same as accepting an ActiveX control for installation.
Nothing of the above references or even mentions issues with JavaScript.
No. I did not say anything about ActiveX which is in my opinion extremely unsafe.
I just said that while you indicated in the beginning of your post the JavaScript is unsafe, the rest of your post did not show anything related to JavaScript. It was just an observation.
Scripts and Applets are do totally different things. JavaScript is a scripting language that is executed by the browser. Applets are Java programs.
Please show me this applet that does that with a current Sun Java VM! I always hear these horror stories but noone actually can show an example where it actually happens. I have no problem finding a fully functional Slammer on the net or some other virus toolkit. But I never find anything like that nor find any working applet anywhere that does this. I have never seen an applet that was able to mess with the VM so that it displays the security warning differently. For any applet I have seen the message was always the same way and never tempered.
I want real hard facts or real working examples where I can see myself that there is something like that. No hearsay or similar. No horror stories passed on. That's just like the NSA reading all your encrypted e-mails...
Connected wrote in news: snipped-for-privacy@4ax.com:
Incorrect. Java has to be installed on Firefox. It does not come bundled with it. Therefore, to be safe from this exploit, all the user has to do is say "no" to Java, which most security minded people do by default.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.