I keep reading in this group about how crap personal, software firewalls are.
I've just been asked to take over an oldish laptop running 98SE and set it up for the user to have email and internet useage through a dialup account, using her account settings from her even older computer.
So, here is this laptop with an internal modem. It has Norton Security Suite
2001 (don't laugh).
I aim to remove Norton (hints on anticipated problems appreciated) and put in a free AV.
Given that there will be no firewall, what should I do in the 98SE settings to stop it being attacked the moment it goes on line?
Well, without a firewall you are using a OS that is gauranteed to be vulnerable. I have actually seen XP machines become infected over modem lines in the last year. So it CAN happen. One would think the bandwidth would constraint the possibilities enough. But on a slow old machine it doesn't take much to bring it to its knees.
Win98 is such a vulnerable OS at this point. And the internet tools are likely out of date on the system.
I would invest as little time as possible. Norton products are not know for easy, clean uninstalls. Uninstallation may leave you rebuilding the machine. How many hours do you feel like spending on this silly little outdated box?
I would leave it as is. See if you can get a paid subscription to the existing norton antivirus (make the company pay for stupid decisions). Warn them that uninstalling an outdated program on an outdated OS could result in the machine going belly up with no support. It could ocst hours to rebuild. You could try just putting a free AV on top of it and leave it at that. Win98-based outlook would be very vulnerable. So unless this person is doing aol/webmail clients, there's another can of worms ready for the can opener.
I would accept that this is a bottomfeeder machine. Given probably to someone who is clueless about computers so they feel relevant. Don't try to force it to be "current" when it obviously isn't.
I tell my customers I don't work on pre-XP boxes. I simply won't take the job. They are slow and troublesome and would take up too much of my time. Cheaper for the customer to buy a $400 refurbished XP PC than to pay me for the hours it takes to get a 98 machine in decent shape.
I hear all you say, but this is a friend who has no possibility at all of buying a new machine, and her desktop machine, also running Win 98, is beyond reasonable repair. She ahs been given this laptop. As a friend I don't care about how much time is taken, I'll do whatever is needed to give it the best protection I can, with low resource virus and spyware scanning.
"JIP" wrote in message news:442597b9$0$9262$ snipped-for-privacy@ptn-nntp-reader01.plus.net...
Hi,
Why would anyone laugh? 2002 was the last year that the Norton products were worth the CD's they were pressed on.
Norton AV 2001: Uninstall it. You can't renew a subscription for NAV2001. I know because I continued to use NAV2002 on an older machine up until middle of last year, when Symantec dropped subscription support right after a renewed. (I did get them to reimburse me.) NAV2001 isn't going to do anything except provide false security. There are a number of the free antivirus programs out there. The most popular being AVG, Avast, and Antivir. AV software is a personal choice, so read about them to decide which you like. The main thing you'll probably be looking for with an older laptop is which one has the smallest footprint, requiring the least amount of resources. I haven't tried AVG on any of older machines yet, but between Avast and AntiVir, I found Avast to be less demanding.
Norton Personal Firewall 2001: I'm assuming NPF2001 is part of NSS2001? If it works, just keep on using it. I found NPF2002 to be an ok "application gateway" the years I used it, most of the time anyway. (These programs are more "applications gateways" than "firewalls". True "firewalls" are things, hardware or software, that monitor/filter at packet levels -- such as BlackIce.) There were a couple occassions when NPF2002 became broken after Liveupdates though, which was entirely the fault of Symantec. They mistakingly allowed updates intended for newer versions to get out for NPF2002. They (usually) always fixed the updates withen a couple days, but it was still an annoyance. There are certain modules that are released through Liveupdate even when you don't have a current subscription, such as their damn "redirector". Late last year, after a Liveupdate, NPF2002 started having occassional problems. (Sysproxysvc became unstable.) I'm cynical enough to believe that Symantec did this on purpose, to force those still using older NPF's to "upgrade". The direction Symantec has taken in the last few years makes me question many of their "ethics", or lack of. If you want to try to continue to use NPF2001, put it through some vigorous testing to make sure it remains stable. If it isn't stable, then it may have already become "infected" by Symantec. If it remains stable, then continue using it but UNINSTALL Liveupdate! Get rif of Liveupdate so nobody will have the temptation to use it. If you find that it must go, there are a few free "application gateways" to take it's place. ZoneAlarm, of course, but also Sygate (personel) v5.6. Symantec bought out Sygate, and killed it, but you can still find it. PC Magazine's website still has it on their server. Download it and squirred it away.
Other stuff: Get rid of all protocols and services except TCP/IP. Make sure file sharing is disabled. Download and install all the Windows updates, and Office updates if it has Microsoft office applications installed. Download and install Adaware, and make sure whoever gets the laptop runs it from time to time. I think you they can be reasonably comfortable with the laptop, especially since it is only going to be used for dialup. If you/they are really paranoid, download Ethereal as well. Don't run Ethereal automatically, but use a tool if you ever suspect anything suspicious.
"JIP" wrote in message news:442597b9$0$9262$ snipped-for-privacy@ptn-nntp-reader01.plus.net...
(I typed my last post very quickly, so just fixing a few typos and adding one other thing.)
Hi,
Why would anyone laugh? 2002 was the last year that the Norton products were worth the CD's they were pressed on.
Norton AV 2001: Uninstall it. You can't renew a subscription for NAV2001. I know because I continued to use NAV2002 on an older machine up until middle of last year, when Symantec dropped subscription support right after I renewed it again. (I did get them to reimburse me.) NAV2001 isn't going to do anything except provide a false sense of security. There are a number of the free antivirus programs out there. The most popular being AVG, Avast, and Antivir. AV software is a personal choice, so read about them to decide which you like. The main thing you'll probably be looking for with an older laptop is which one has the smallest footprint, requiring the least amount of resources. I haven't tried AVG on any of older machines yet, but between Avast and AntiVir, I found Avast to be less demanding.
Norton Personal Firewall 2001: I'm assuming NPF2001 is part of NSS2001? If it works, just keep on using it. I found NPF2002 to be an ok "application gateway" during the years I used it, most of the time anyway. (These programs are more "applications gateways" than "firewalls". True "firewalls" are things, hardware or software, that monitor/filter at packet levels -- such as BlackIce.) There were a couple occassions when NPF2002 became broken after Liveupdates though, which was entirely the fault of Symantec. They mistakingly allowed updates intended for newer versions to get out for NPF2002. They (usually) always fixed the updates withen a couple days, but it was still an annoyance. There are certain modules that are released through Liveupdate even when you don't have a current subscription, such as their damn "redirector". Late last year, after a Liveupdate, NPF2002 started having occassional problems. (Sysproxysvc became unstable.) I'm cynical enough to believe that Symantec did this on purpose, to force those still using older NPF's to "upgrade". The direction Symantec has taken in the last few years makes me question many of their "ethics", or lack of. If you want to try to continue to use NPF2001, put it through some vigorous testing to make sure it remains stable. If it isn't stable, then it may have already become "infected" by Symantec. If it remains stable, then continue using it but UNINSTALL Liveupdate! Get rid of Liveupdate so nobody will have the temptation to use it. If you find that it must go, there are a few free "application gateways" to take it's place. ZoneAlarm, of course, but also Sygate (personel) v5.6. Symantec bought out Sygate, and killed it, but you can still find it. PC Magazine's website still has it on their server. Download it and squirrel it away.
Other stuff: Get rid of all protocols and services except TCP/IP. Make sure file sharing is disabled. Download and install all the Windows updates, and Office updates if it has Microsoft office applications installed. Download and install Adaware, and make sure whoever gets the laptop runs it from time to time. I think you they can be reasonably comfortable with the laptop, especially since it is only going to be used for dialup. If you/they are really paranoid, download Ethereal as well. Don't run Ethereal automatically, but use a tool if you ever suspect anything suspicious. Another good tool to keep in the "kit" is Sysinternals' Process Viewer. Its one of the first things I always put on older computers.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.