Security for - wait for it .........- Windows 98

Making a system backup after everything is made to work properly would also solve the problem.

I was pretty sure I've responded to that particular question on a few occasions but couldn't remember when or where. It's hard enough to remember last week, let alone the last year or 2.

 

What's the name of that one from Iceland? It was pretty good in 98.

 

Would that be F-Prot? It was good. It's also a good example of how much things have changed. F-Prot for DOS was an excellent AV in its time. It used to fit on 3 floppies.

 

That's it.

 

http://computersecurity.wikia.com/wiki/F-Secure

 

A bit OT, but I remember that the first HIPS I ever used was System Safety Monitor (on Win 98 SE) but it kept crashing.

After that I switched to Process Guard on Win XP. Good old times.

 

I think there isn't any need in security software for Win98.

98 is so outdated in terms of system architecture that most actual malware couldn't be run there in the dangerous way.

Use portable browser, not IE (I prefer K-Meleon, which nost actual build, 1.6 could be run in 98 with KernelEx). Fill hosts file with malware domain lists. Find and run Ghostwall simple firewall (also with KernelEx).
Or try genuine win98 Outpost Firewall Free

If you couldn't imagine secure surfing without AV - simply download DrWeb 5.0 for win98. (There are other localizations on server)

And enjoy!

 

I strongly disagree with that statement. Any OS with a default-permit design (all versions of Windows) needs to be secured. Regarding an AV, I don't see one as that necessary. Very few run on 98 at all. Like you said, most of the malware won't run on it either, especially rootkits. Malware that gains access via browser using javascript, flash, i-frames, etc can all be defeated with a web filtering proxy like Proxomitron.

There were some very unstable versions released during its development. The last stable free version, 2.0.8.583 has been rock solid for me on every OS I've used it on. The later upgrades to KernelEx made finding the right KEX settings for SSM components a bit of a trial and error process. The correct settings varied and appeared to depend on what processor and chipset your system used.

 

The only threat for 98 from its 'default-permit design' is the user himself

 

That would apply if "threat for 98" is limited to malicious code that runs on and installs to the 98 operating system itself. That's too narrow of a definition for "threat". Yes, malware that directly targets NT systems generally doesn't run on 98 and vice versa. Malware that attacks/exploits the OS itself is a small percentage of the malicious code. Malicious code also targets applications, many of which are cross platform.

 

Generally doesn't matter: app holes themselves are only holes. Malware, penetrating through, wouldn't find it's targets in system in most cases or cannot be run under 98 ;-)

 

Only if it's target is an OS component. Remember this one?
0day: PDF pwns Windows
This worked on any version of Windows. The javascript exploit used against TBB would have worked against any javascript enabled browser using Tor if other countermeasures weren't in place. Browser attacks that steal history or data from the cache work about the same on any platform.

 

Yes, It works by itself. It could penetrate through Reader - and what?
Would it run under win98? Would it find the place to be dropped, could it find its 'autorun way' in system? Maybe. But most of the modern malware wouldn't.

Win98 isn't secured sure - but it's less vulnerable simply by architecture. Malware would infect the PC (copy itself onto harddrive) but wouldn't generally work there. Not all but most of, I think (all the species which need specific folders, specific registry keys, windows scheduler with tasks or even NTFS features - as most 98 PC hdds are FAT32-formatted. And so on.

Infection? - yes.
Harm? - none or less.

 

I had a thought. Why not install a light Linux distro? You would not have to worry about infections at all, and you could get some of the features modern OSs have.

 

There are not a number of distros which would work smoothly on win98-hardware.

 

Really? I thought one of the +s of Linux is that it can run well on old hardware.

 

With some of the unofficial upgrades available, 98 runs on more current hardware than you'd expect. Mine is on a P4-2.4ghz with 1GB RAM. Since 98 itself uses very little of that, almost all of it is available to applications. Too many of the problems blamed on 98 were due to the weak hardware and other bugs that MS refused to fix, like a 2GB file size limit, the ability to use drives larger than 137GB, USB 2.0 and others.

On hardware compatible with both OS, the only linux I've tried that matched 98 in pure speed was Puppy. I have Mint-XFCE on the same unit. Much slower. Even a stripped down XP system is slow by comparison and consumes a lot more RAM and processor time to do the same thing. Even if they were equal, to me linux is like starting over. It would take more time than I want to spend to learn it to the same degree.

I have 2 malware samples that install as rootkits on XP and function almost like rootkits on 98. Using the built in tools, process explorer, and others, the malicious files, registry entries, and the process itself are all hidden. The one thing they can't do is hide from DOS. An exploit like the PDF example could download a similar malware and execute it. While 98 isn't affected by the majority of malware in circulation, it's not immune to it all. IMO, relying on it not being targeted is little better than playing the odds. You might be right most of the time, but you only have to be wrong once. I prefer 98 partly because it has much less attack surface to defend, and partly because it has to be deliberately targeted to be compromised. Recent revelations regarding MS and the NSA have only solidified my choice.

 

Really.

I have an old laptop - Pentium-266 with 32Mb RAM.

I know a very few distros which would run as smooth as Win98 there - and these are not ones that I would like to use ;-)

Even TinyCore Linux needs 46Mb of RAM and only Microcore version runs on 28Mb.
BasicLinux or Damn Small Linux are also not a dream of GUI-user.

 

Rjght you are. I'm not saying 98 is fully safe. Only that is comparatively safer by design. (Not due to perfectness of this design but because it's out of date )

Exactly!

 

32Mb of RAM? Even with 98, that hurts. One stuffed webpage can use most of that. I ran 98 on an old HP with a 366 Celeron and 64MB of RAM for years. When I replaced one of the 32MB sticks with a 128MB, the difference was huge. With a P4 and 1GB of RAM, it's like a completely different operating system. The response is nearly instantaneous. The only time it ever uses the swap file is when I run Tor and VPC at the same time.

Regarding 98 and targeted attacks, it's fairly common for malicious sites to use multiple exploits and payloads for different operating systems. I've seen one that had over 40 available to it. Making certain that there's one that works on 9X systems is a simple matter. KernelEx is another variable here. The additional APIs that enable it to run more current software can allow more malware to run on 98 as well. This is completely unexplored, as is SSMs ability to hook the new KernelEx APIs on 9X.

After the last round of revelations regarding NSA and MS collaboration, a lot of people are taking another view of what it means to stay current. Current versions of Windows try to emphasize security against malicious code while it keeps records of everything the user does. Privacy and security are not separate issues. You can't have one without the other. Several years of beta testing SSM have shown me that protecting your system from malicious code isn't that hard as long as you have control over that system. It's much harder to protect your privacy, especially with an OS that's designed to store records of everything you do. In a growing number of places, and for an increasing number of reasons, such records can be very bad for your personal security if not your life itself.

 

Not even mentioned to speak about modern web on such an old hardware ;-)

I just want to illustrate that 98 is notably lighter on resources.

It runs well on that hardware and 15 years ago similar PCs had successfully worked in our publishing house, serving us in all ways: page layout, design, internet etc. ;-)

 

The main drawback is Windows 98 isn't built on the solid and tested NT kernel.

If someone could compile it to run under 98 - you'd get the best of worlds, a stripped down Windows operating system that's fast and efficient with the stability of a proven kernel.

Most people don't bother to run an operating system THAT old since there's no benefit you couldn't get in Windows XP which was the first consumer level operating system Microsoft built based on the NT kernel.

 

From the antimalware point of view, lack of NT kernel is the main 98's advantage nowadays! ;-) Paradox, but that's it!

 

Probably less NSA stuff hidden as well.

 

Those of us who use 98 don't want the NT kernel or the service based design and the NTFS file system that goes with it, especially on single user equipment.

Why reinvent Windows 2000?

Very likely true. Whatever more is hidden in a 9X system isn't tied into system critical services that can't be disabled, like Remote Procedure Call. Some of us believe that the NT systems are the result of the MS/NSA collaberation.