lightweight security for win98

Discussion in 'other anti-malware software' started by dahyippur, Feb 19, 2007.

Thread Status:
Not open for further replies.
  1. herbalist

    herbalist Guest

    I'd like to see this. Do you have a link to it?
    rick
     
  2. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    No, unfortunately, I do not have a link, but I published the paper. J. Phil. Logic might have an online archive. Should this be the case for papers written over two decades ago, the publisher would be D. Reidel Pub. Co. of Kluwer Academic Pub. Group and Springer Academic. Look for the name "David Wray." Other papers of the same genre would be found in "Algebraic-Valued Quotational Logics" Communication and Cognition, Belgian Ministry of Higher Education, and my special edition with Sir Stan Martens and Vladimir Yu. Sazonov of The Journal for The Integrated Study of Artificial Intelligence, Applied Epistemology and Cognitive Science entitled "Truth, Names Combinators and Quotes." I'm certain that the latter is on the net. Of special interest to you might be Vladimir's treatment of computation and recursion via self-referential predicative arithmetics. Win 9x/ME and DOS are sub-primitive recursive; whereas, 2000/XP/2003/Vista are fully recursive. Hence, the limitations of DOS forbid certain calls, while the fully recursive systems yield an endless loop when attempting such a call. The forbidden DOS "no-go's" can thus be used to protect the DOS OS. A similar attempt to protect, say, Vista by the same means, would yield a processor lock-up.

    Dave HAL
     
  3. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    @ dw2108

    I'm very interested to try and find out more about malware prevention by using the "buffer and echo" etc techniques in 98se you described. I tried to locate the information you referred to, but was unable to.

    If you could possibly discover and post any links, or describe how these methods could be integrated, I, and I'm sure others, would be very grateful.

    Thanks in advance.


    StevieO
     
  4. EASTER.2010

    EASTER.2010 Guest

    Likewise is of interest myself.

    Never seen that concept mentioned or even practiced by anyone I knew who ran 98, let alone explained or journaled. So one might think it would indeed be useful as well as prudent to practice with those "buffer and echo" techniques if you could offer some ready link when you find time.

    Thanks EASTER
     
  5. herbalist

    herbalist Guest

    I've had no luck finding it so far. Might have better luck tomorrow when I don't have 6 other projects running at the same time. You wouldn't happen to have any of the files you described, would you?

    I've found DOS to be a powerful ally in securing 98, but that's a new one on me. I'd like to see if 98s policy editor could be made more effective than it is.
    I take it that this isn't something that can be done with an existing OS and must be done as part of the initial install process?
    Rick
     
  6. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    I appreciate your interest, and shall post back within a few days the rudiments of one process which is really a very simple technique using DOS to force an unorthodox installation of Win 9x/ME. This same method can be employed in Win 9x/ME systems to emulate the NTFS structure of 2000, XP, etc., without incurring the 2000/XP/2003/Vista (unicode) vulnerabilities. (After all, NTFS is nothing other than one large unicode ZIP file! And I use this method to run F-Prot 6 on a Win 95 16B system.)

    I e-mailed some people at Springer Academic Pub. Co., and it seems as though my publications shall have to be accessed via the conventional university library.

    Dave
     
  7. herbalist

    herbalist Guest

    I'll be very interested to see it. Thanks.
    Rick
     
  8. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Let me pick up this topic on the 24th of this month -- I just have too much on my slate at the moment, and this needs to be presented coherently.

    Dave/8 HAL/3
     
  9. EASTER.2010

    EASTER.2010 Guest

    Thanks, we'll be looking forward to it with some real interest.
     
  10. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Ladies and Gents, please bear with me: several jackassed editors want me to reduce 480+ pp. to approximately 320 pp., which is why I hate editors.

    Dave HAL
     
  11. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Damn :(
    This document is very interesting.
     
  12. herbalist

    herbalist Guest

    I hope these are 2 separate subjects. If the rudiments of a simple technique uses 480 pages, I'd hate to see a detailed explanation.:blink:
     
  13. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    We begin this Friday. Bring your PCs and DOS. As one who once wore a Green Beret in Nam for Uncle Sam, I regard now the hackers and the crapware writers as those who need give now THEIR LIVES for the sake of safe (web) surfing. www.groups.sfahq.com

    Dave HAL

    P.S. The 420 pp. refers to a paper on fundamental particles and gauge fields -- not to this!
     
  14. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Make sure that your PC is clean of viruses and other junk-ware. CHECK MY SPELLING FOR ERRORS SO THAT YOUR PC SHALL OPERATE WELL! LET ME DOUBLE-CHECK MY ENTRIES FOR ERRORS BEFORE YOU ATTEMPT THIS!

    STEP ONE:

    Assuming C is your main drive, create on C:\ five folders, say STORE1, STORE2, STORE3, STORE4 and STORE5. On C:\ you shall find many critical files. Copy these files -- including COMMAND.COM and AUTOEXEC.BAT to each of STORE1 through STORE5. Copy the entire C:\Windows\Command folder to each one of these folders. Open C:\AUTOEXEC.BAT and place the following lines at the very end, and keep these lines:

    SUBST P: C:\STORE1
    SUBST Q: C:\STORE2
    SUBST R: C:\STORE3
    SUBST S: C:\STORE4
    SUBST T: C:\STORE5

    BUT USE ONLY LETTERS WHICH HAVE NOT BEEN ASSIGNED DRIVES!
    Reboot, and make sure that you now see the 5 new drives P through T showing in Windows Explorer or My Computer.

    STEP TWO:

    Create a folder on DRIVE P called REGISTRY. Create on DRIVE Q a folder called WIN and on DRIVE R a folder called PROG.
     
    Last edited: May 4, 2007
  15. EASTER.2010

    EASTER.2010 Guest

    VERY INTERESTING! Please continue................

    And thanks.
     
  16. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    STEP THREE:

    Once again, edit your AUTOEXEC.BAT saving in it the following lines:

    XCOPY32 /c /e /h /r /k /y C:\WINDOWS\SYSBCKUP\*.cab P:\REGISTRY
    XCOPY32 /c /e /h /r /k /y C:\WINDOWS\*.INI P:\REGISTRY
    XCOPY32 /c /e /h /r /k /y C:\WINDOWS\*.DAT P:\REGISTRY
    XCOPY32 /c /e /h /r /k /y C:\WINDOWS\*.COM P:\REGISTRY
    XCOPY32 /c /e /h /r /k /y C:\*.SYS P:\REGISTRY

    COPY OTHER FILES YOU NEED FROM C:\

    USE THE FOLLOWING LINES IF AND ONLY IF YOU HAVE A PC WHICH IS FAST ENOUGH TO PROCESS THESE TWO LINES AS YOU BOOT UP!

    XCOPY32 /c /e /h /r /k /y C:\WINDOWS\*.* Q:\WIN
    XCOPY32 /c /e /h /r /k /y C:\PROGRA~1\*.* R:\PROG

    This has saved your registry, critical files, Windows directory and Program Files Directory to virtual drives, and you may recover them at any time. I recommend that ANY browser, IE, Opera, FF, Maxthon, be removed and be installed so that its cache is on a virtual drive so that malware shall have to try to create a path to try to do its work, and most crapware cannot execute from a virtual drive, BUT SOME CAN! The point of having the COMMAND.COM and the COMMAND directory on the virtual drives is this: SHOULD HAVOC STRIKE, you may use XCOPY32 /c /e /h /r /k /y to restore data to its original state.
     
    Last edited: May 4, 2007
  17. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    STEP FOUR:

    Rename the AUTOEXEC.BAT files ON THE VIRTUAL DRIVES ONLY to AUTOEXEC.OLD -- ON THE VIRTUAL DRIVES ONLY!

    Copy the newly modified AUTOEXEC.BAT FILE on C:\ , the one with all the SUBST and XCOPY32 commands to DRIVE S.

    DELETE the AUTOEXEC.BAT on C:\

    Open NotePad and create a new batch file with the these lines:

    SUBST P: C:\STORE1
    SUBST Q: C:\STORE2
    SUBST R: C:\STORE3
    SUBST S: C:\STORE4
    SUBST T: C:\STORE5
    S:\AUTOEXEC.BAT

    Save on C:\ as files of all type as AUTOEXEC.BAT. Exit NotePad.

    This file echoes the S:\AUTOEXEC.BAT -- your REAL AUTOEXEC.BAT -- remotely from a virtual drive.

    I'll have to pick up later, but, the shift and choice commands can be used to rearrange folders, virtual drives, and all data so that the drives can be safe. Another trick is as follows. Download a freeware password protector for your virtual drive folders, and because your entire system is backed up, you can hit CTRL + ALT + DEL in an emergency, hit F8, use XCOPY32 to restore all data, and keep the virus or crapware as a trophy.

    TO BE CONTINUED IF ANYONE IS STILL INTERESTED.
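    The thread describes the recovery half of the scheme ("SHOULD HAVOC STRIKE, you may use XCOPY32 ... to restore data") only in prose. The batch file below is an added example written for this page, not a file posted by dw2108; it puts the STEP THREE copies back from P:\REGISTRY, the folder created in STEP TWO, onto C:\. It assumes the STEP ONE layout (P: mapped to C:\STORE1), the file name RESTORE.BAT and the step names in the comments are the example's own choices, and it uses plain XCOPY rather than XCOPY32 on the assumption that the real-mode XCOPY of Windows 98 accepts the same /c /h /r /k /y switches, since the file is meant to be run from the F8 "Command prompt only" boot the thread mentions, where SYSTEM.DAT and USER.DAT are not locked by the Windows GUI.

```batch
@ECHO OFF
REM RESTORE.BAT -- added example, not from the thread's author.
REM Assumes the STEP ONE / STEP THREE layout: P: is SUBST'd to C:\STORE1 and
REM P:\REGISTRY holds the copies of *.DAT, *.INI and *.COM from C:\WINDOWS
REM and *.SYS from C:\ made by the AUTOEXEC.BAT lines in STEP THREE.
REM Run from the F8 "Command prompt only" boot, not from inside Windows.

REM 1. The SUBST mapping only exists if AUTOEXEC.BAT ran; recreate P: if missing.
REM    (Assumption: IF EXIST on X:\NUL is the usual DOS test for "drive/folder exists".)
IF NOT EXIST P:\NUL SUBST P: C:\STORE1
IF NOT EXIST P:\REGISTRY\NUL GOTO NOBACKUP

REM 2. The live registry files carry read-only, hidden and system attributes.
REM    Clear them first so the overwrite does not depend on XCOPY's /r handling.
ATTRIB -R -H -S C:\WINDOWS\SYSTEM.DAT
ATTRIB -R -H -S C:\WINDOWS\USER.DAT

REM 3. Copy in the reverse direction of STEP THREE (source on P:, target on C:).
REM    /c keep going on errors, /h include hidden/system files, /r overwrite
REM    read-only targets, /k keep attributes, /y no overwrite prompt.
XCOPY /c /h /r /k /y P:\REGISTRY\*.DAT C:\WINDOWS
XCOPY /c /h /r /k /y P:\REGISTRY\*.INI C:\WINDOWS
XCOPY /c /h /r /k /y P:\REGISTRY\*.COM C:\WINDOWS
XCOPY /c /h /r /k /y P:\REGISTRY\*.SYS C:\

REM 4. Put the attributes Windows expects back on the registry files.
ATTRIB +R +H +S C:\WINDOWS\SYSTEM.DAT
ATTRIB +R +H +S C:\WINDOWS\USER.DAT
ECHO Registry and critical files restored from P:\REGISTRY. Reboot now.
GOTO END

:NOBACKUP
ECHO No backup found at P:\REGISTRY. Nothing was changed.

:END
```

    Keep a copy of this file in one of the STORE folders alongside COMMAND.COM and the COMMAND directory, which is the reason the thread gives for copying them there: after an F8 boot you can run it as P:\RESTORE.BAT even if the copy on C:\ is damaged. It restores only what STEP THREE saved; the Windows and Program Files copies on Q:\WIN and R:\PROG would need their own XCOPY lines in the same direction.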
     
  18. EASTER.2010

    EASTER.2010 Guest

    VERY INTERESTED!!!!

    AND APPEALING!!

    Still taking this all in. Extremely intriguing procedure, beyond any I know that I have ever seen before for use with a 98/Me system.
     
  19. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Very interesting :thumb:
    I'll setup a VM to test this when I get some spare time.
    Thanks.
     
  20. herbalist

    herbalist Guest

    Yes, please continue. I'm just now getting the opportunity to look at this. From the looks of it so far, I'll have to set up a separate test unit to try this. This could easily clash with similar entries I've already got in my autoexec.bat that back up/restore several of the same files your entries do.

    Is there any problem with using a different selection of drive letters? I didn't see any problems with different letters in what you've posted so far. Is there any reason the drive letters need to be sequential, possibly for something you haven't yet posted? I'm already using a couple of those drive letters with encrypted partitions and containers.
    Rick
     
  21. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Will have to pick up next Wednesday. By the way, I need to edit some typos from my command switches above. I'll pick up on the random file regeneration which spits out a fresh file when crapware tries to head for critical data.

    Thanks very much,

    Dave
     
  22. EASTER.2010

    EASTER.2010 Guest

    And Thank You dw2108 for this effort. Looking forward to it. Already obvious this is some extremely useful technique. Have to ready my 98SE system again. LoL

    Seems this so-called obsolete Operating System is not so unsecurable after all. :thumb:
     
  23. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Thanks to all for the kind words.

    UPDATE: The command line parameters above are OK, but I regard them as typos because some are unnecessary. Also, before we get into random file regeneration, I forgot that we need to go through the Windows reboot and shutdown files to secure safe reboot or safe shutdown: the Windows sequence triggers some malware, and it's best to avoid the
    START > SHUTDOWN > RESTART or REBOOT etc., by writing some simple files which can be used also to execute certain tasks you may wish to do at times prior to shutdown or reboot.

    Finally, registry monitors and AV apps need to be tweaked if you plan on keeping them for security, even though you shall not need them. E.g. the batch files we write are best excluded when possible from an AV resident shield and SSM or WinSonar have to be told that these new virtual drives are actually new hardware, because Windows reads them as such!

    So, I'll pick up with the shutdown and reboot files, and get to the regeneration later. This will set up the entire start up and shutdown sequence.

    Thanks,
    Dave
     
  24. EASTER.2010

    EASTER.2010 Guest

    Understood. I'm sure herbalist and other 98/Me systems buffs like myself will be following this thread with much continued interest. Look forward also to their questions and the resulting answers from you.

    Again our thanks. Amazing sometimes how long it can take to surface alternative safety techniques & methods that otherwise might forever escape our attention and surely the appreciation also that goes along with them. LoL
     
  25. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    1. HOSTS file (various sources, mpv, hpguru, etc.) - Free
    2. PC Tools Firewall (licensed version of Look'n'Stop, very light on CPU) - Free
    3. NOD32 or DrWeb for antivirus or maybe even Avast if you like free
    4. No use of IE, Messenger, Outlook (or OE), Windows Media Player at all (unless really a must), use alternatives instead
    5. Hardening fixes that fix some holes, but do not stay resident, wmpscriptfix, noscript, spybot s&d (immunize, don't use resident portions), spywareblaster (immunize), secure-it (be careful with this) + many others (see : https://www.wilderssecurity.com/showthread.php?t=111264&page=48 for more info)

    No other resident programs, esp. deeply hooking antimalware drivers, most of which really slow down a system.
     