Big Swappout?
in [Windows 98]
|
Prev: Install on 4MB RAM?
Next: Windows 98 - A Decade Later
From: 98 Guy on 3 May 2010 21:43 Andrew Smallshaw wrote: > > It's a fact that if you perform a fresh install of win-2K or > > XP-Gold or XP-SP1, and give that machine a non-firewalled or > > non-NAT'd internet connection, it will become infected with > > something before your first Windows Update session is completed. > > Pure FUD. I will prove you are an idiot and an ignorant dolt. > I have a Win2k development machine here that gets periodic > reinstalls so to be honest it doesn't tend to get patched > and protected as well as it should. Read carefully what I wrote above. Note the phrase "non-firewalled" and "non-nat'd". Do you know what those phrases mean? Do you know what a nat-router is? Do you know what sort of broadband internet connection most home users *didn't* have back during 1999 - 2004? > That is a _fact_, not groundless speculation based on personal > prejudice. You are a child aren't you? How old were you back in 2001 - 2004? Were you still in diapers? > If your experience is any different that is more to do with > what sites you visit Do you know what a network worm is? Do you know that a network worm can get into your system without you doing any web-surfing? > or not being naturally cautious as to what you click on or > download. Or downloading? Name someone that you shouldn't hire as a network admin or consultant: > Andrew Smallshaw > andrews(a)sdf.lonestar.org Come back here after you take a few courses on computer networking sonny. And in the mean time, read this: http://isc.sans.org/diary.html?storyid=4721 Or do a google search on "internet survival time". Then come back here and tell me that I'm "prejudiced" against win 2k/XP/etc. The truth hurts, doesn't it? It hurts to know that win-98 was a more secure OS compared to 2K and XP. It disturbs you to know that 2K and XP were fully vulnerable to external intrusion and remote control until August 2004, doesn't it? While win-98 users were laughing at all you klowns that were being mind-controlled by Microsoft marketing bullshit.
From: Steven Saunderson on 4 May 2010 02:38 On Mon, 3 May 2010 18:35:30 +0000 (UTC), Andrew Smallshaw <andrews(a)sdf.lonestar.org> wrote: > Pure FUD. I have a Win2k development machine here that gets periodic > reinstalls so to be honest it doesn't tend to get patched and > protected as well as it should. Hi Andrew, The story is (was) true. I had some W2k installations trashed when I went online before installing SP4. After I read about the problem I did five tests and all installations got trashed within 20 minutes. This was via dialup so I didn't have the protection afforded by a NAT router. From memory I think it was the messenger service that received the corrupting message. I was amazed that anybody would fire off these messages to all IP addresses continually. Cheers, -- Steven
From: kony on 4 May 2010 02:38 On Sun, 02 May 2010 15:31:06 -0400, 98 Guy <98(a)Guy.com> wrote: >kony wrote: > >> > Win2K was so bad that when you installed it and then connected >> > it to the internet to install updates and patches, that it >> > almost always became infected by something before you could >> > patch it. >> >> Complete nonsense. >> >> > My, aren't we eager to show how ignorant we are? >> >> Not we, just you. > >Sez you. > >> Citing a list of vulnerabilities does not prove it would >> become infected. > >When was the last time you looked at the logs of your broadband >NAT-modem or router? If one has a NAT modem or router, the entirety of your argument is gone. Insecurity, holes only exist where you let them. I ran Win2k 100% secure, if you didn't I can only suggest you made excuses why you'd rather not do so. > >If or when you do, you'll see constant attempts to connect to your PC's >netbios ports. Those are coming from infected systems on the net, >trying to spread themselves to other systems. Yes, "attempts". Attempt != success. Unlike some, I do not rely on an operating system for security, rather disabling all as a default and only enabling what I consider secure. In that context, pretty much every OS is quite secure. > >It's a fact that if you perform a fresh install of win-2K or XP-Gold or >XP-SP1, and give that machine a non-firewalled or non-NAT'd internet >connection, it will become infected with something before your first >Windows Update session is completed. <yawn> So you claim, but reality is contradicting you. Yes haphazardly leaving a box on the internet is risky, but that does not translate into an inherant definite danger if one is security minded as you imply they should be. > >> It would be like saying if I leave my back door unlocked >> when I go for a walk I will definitely be robbed... hasn't >> happened. > >Your analogy needs one more element: There are zombies constantly >roving your neighborhood and checking to see if your door is locked. >You walk away from your house for 20 minutes, with your door unlocked, >and it *will* get entered by a zombie. Perhaps you should lay off the caffeine. I know what a zombie looks like and will shoot it on sight. > >> Fact is, there is no 100% secure desktop PC OS > >That wasn't the point of what I wrote. I never made such a claim. > >What I did claim is that under similar circumstances (initial >installation) that Win-98 is *invulnerable* to infiltration and >infection by internet "zombies" (worms) that infect systems that simply >have a live, non-firewalled, non-nat'd internet connection. Windows 2K >and XP-SP0 and SP1 are vulnerable. You overlook one fundamental aspect of security. Nothing is 100% secure, but what is most insecure is that which is targeted. Win2k is not a popular target anymore, so to claim its bugs matter more than the bugs of OS that are targeted, is entirely missing the point and an extreme confusion about what security is and how to handle it. > >> so a list of bugs is foolish > >I was posting hard, solid evidence to back up my claim above. Yeah, but not in context. > >> as if you pretend there is one with no bugs... > >Windows 98 is not, and has never been vulnerable to any of the 6 >different varieties or families of network worms that have been >discovered over the past 10 years. There is no pretending involved in >that statement. > >Why are you being so dense in the head about this? Why are you insisting that others who don't have the problems you pretend "Must be", need to be more concerned about what you write than what works ok for them? > >If I go beyond considering network worms, it's also a fact that windows >98 is, in general, less vulnerable to a whole host of malware (viruses, >trojans, root kits) compared to NT-bases OS's. Win98 can't even run for many days at a time despite its many other weaknessess, I assure you that if someone is capaable to identify the OS, and seeks to target it, Win98 is owned too, to think of it as some kind of security is laughable... when the fact is, 99.9% of insecurity is user choice, browser or email client flaws. Win98 can't even support the more modern versions of browser or email client that patch flaws in previous versions. > >> it only takes ONE bug, that's the bug the intruder >> purposefully targets per which OS it is. > >I'm not sure exactly when OS targeting started to be used during the >exposure and exploitation phase of malware installation, but I would bet >that by the time that started to happen, that windows 98 was not on the >list of targeted OS's. Personally, I have no problem securing win98 boxes, win2k, or thereafter. I find your implied problems more a sign of being unable to do basic security steps more than anything, or just a mental block then excuses to follow...
From: kony on 4 May 2010 02:39 On Mon, 03 May 2010 21:43:05 -0400, 98 Guy <98(a)Guy.com> wrote: >Andrew Smallshaw wrote: > >> > It's a fact that if you perform a fresh install of win-2K or >> > XP-Gold or XP-SP1, and give that machine a non-firewalled or >> > non-NAT'd internet connection, it will become infected with >> > something before your first Windows Update session is completed. >> >> Pure FUD. > >I will prove you are an idiot and an ignorant dolt. Ok, let us know when you finally manage to do so.
From: Andrew Smallshaw on 4 May 2010 07:51
On 2010-05-04, 98 Guy <98(a)Guy.com> wrote: > Andrew Smallshaw wrote: > >> Pure FUD. > > I will prove you are an idiot and an ignorant dolt. I'm seeing a pattern emerge here. Make outlandish claims, fail to back them up but then assert them as fact all the same. When challenged again fail to back them up and resort to ad hominem insults. It's nice to see that your argument is so solidly reasoned that it stands up so well to scrutiny. >> I have a Win2k development machine here that gets periodic >> reinstalls so to be honest it doesn't tend to get patched >> and protected as well as it should. > > Read carefully what I wrote above. > > Note the phrase "non-firewalled" and "non-nat'd". > > Do you know what those phrases mean? I would hope so or those Cisco qualifications I have don't mean much. That's right - _qualifications_, as in, I've actually studied this stuff and been shown to be competent, instead of making stuff up on the spot. Your defence of your claims still does not hold water - no NAT at all here and it is not behind the firewall on that network - do you know what "protected" means? > Do you know what a network worm is? Do you? It sure doesn't sound like it. The attack vector doesn't come out of nowhere you know - it has to leverage an existing service running on the machine... > Do you know that a network worm can get into your system without you > doing any web-surfing? ....and on Windows 2000 the potentially vulnerable services are disabled in default trim. > Come back here after you take a few courses on computer networking > sonny. See above. Although I might suggest a few course on elementary comprehension first since most of this post was raising points I already addressed. > And in the mean time, read this: > > http://isc.sans.org/diary.html?storyid=4721 Do you want to try that link a second time? Because the one you posted is not what you claim it to be. -- Andrew Smallshaw andrews(a)sdf.lonestar.org |