herbalist

Soporific, If a person owns both the 98FE and 98SE disks, what makes this situation different than the 98SE2ME upgrade for those who own both of those? Seems to me it's the same legal situation as it would be if upgrading from 98SE to ME. Marxo, Thanks for the link. From the link you supplied: I shut down everything that wasn't part of Windows. Not using an AV. I have 2 internal drives plus an external. The external drive was shut off. The other internal is a separate OS. If something is locking the hard drive, I'm at a loss what it might be. Any ideas? Rick

Running the CD in windows doesn't work. Tried several times, the last with the external drive disconnected and everything not essential shut down. Same error message. When I ran setup from DOS, the message said I couldn't use this disk with an existing OS and that I needed an upgrade disk. Anyone have a copy of that disk for sale? Any plans here to make a 98-2-98SE upgrade download that works like the 98SE2ME upgrade? Rick

My old HP came with 98 first edition. The system recovery CD installs several other apps in addition to windows, some of which I use. I'd like to upgrade the OS to 98SE, but I'd like to be able to keep or install some of the additional apps on the HP disk as well. The HP disk uses something they called cloaker. Is there a way to use a standard 98SE CD to upgrade the OS without losing the other applications? Is there any way PC Magazine's Change of Address utility could be used for this? I'll be using the original HP hardware with a few upgrades but the OEM disk still accepts it as the correct system. The only idea I can think of is starting over with the HP 98FE disk, removing all the apps I'd want to add to 98SE, re-install them while recording the install process with Inctrl5, then manually copying all the files and registry entries over to the 98SE box and register Dlls manually. Is there anything similar to the 98SE2ME download? I've heard of a 98 to 98SE disk MS sold at one time, but have no idea where to get it or if it would let me keep the additional apps from the HP disk. TIA Rick

"Only" is a bad choice of words here. Your statement might apply to a user who has no knowlege of how an OS or security software works and needs the OS and security apps to do everything for them, but it's by far not the only way to be safe with windows. XP and Vista may be more resistant to certain threats, but there's just as many more that they're vulnerable to which don't affect 9X systems. 98/ME can be used very safely with a default-deny security policy and the proper configuration and software to enforce that policy. I've run my 98 boxes for almost 2 years now with no resident AV. My test box is used for security app testing and malware research. It's deliberately put in harms way and remains uninfected. I'm a beta tester for System Safety Monitor, which I use like a policy manager on steroids. The free version has completely replaced the resident AV on all my boxes. When combined with a good firewall and content filtering of allowed web traffic, a 9X box can be equally as secure or more so than a well protected XP box. It is not necessary to specifically identify potential threats with signature based applications. All that's necessary is to prevent that malicious code from executing. If it can't run, it can't infect you. Rick

Firewall rules are not like system files or definitions for AVs. They don't become obsolete or ineffective with age. The internet still works the same way it did when he released that ruleset. Same address system, same basic protocols, ports, DNS system, etc. There's nothing there that can really be updated. A properly finished ruleset for Kerio 2.1.5 will continue to be effective until IPv6 is fully implemented at which time Kerio will be obsolete. The BZ ruleset should be treated as a starting point for the users set. It still needs editing to match your own system/network and internet service. Loopback rules should be made specific to the needs of your system. It doesn't include rules for applications. To properly finish the ruleset, the user does need a basic understanding of how the internet works, the address system, what the basic protocols are, port numbers. Once a user has that basic knowlege, he/she doesn't need BZs ruleset because they can make their own set that matches their setup perfectly. Rick

I've had WinPCap 3.0 installed for some time on my 98 first edition box. Ethereal works pretty well with it. Yesterday, I installed NMAP, which requires WinPCap 3.1 to work properly. With 3.1, Ethereal doesn't capture, can't see the network interfaces. WinPCap 3.1 works with both on my 98SE test box but the 98 first edition box is the faster and more stable of the 2 and is the one I want to use. According to their site, 3.1 is supposed to be 98 compatible, but from what I can see, it's only compatible with 98SE. What do I need to upgrade/change on 98FE for WinPCap to work with both Ethereal and NMAP? Can it be done? Rick

The device manager is a tab on the system control panel applet. If it's missing, you can access it via windows\system\sysdm.cpl. Rick

I noticed that. So much for "this section is optional". Hardcore Windows 98(9X) Fan or User would also be a good banner caption. What did you use to fade the background colors so evenly? When I tried editing logo.sys that way, it looked awful. Only thing that made it presentable at all was that most of my bad blending got covered by text and was hard to spot with the size reduced. Rick

I can accept that. Then again, having a preference doesn't take away from it either. Kinda like your " Hardcore Win98 fan", which describes me as well. A caption such as "Proud user of DOS based Windows" would cover it too. I'd think it would be a common consensus that DOS is one of the primary reasons for preferring 9X. Thanks for the avatar(s). Rick

glock_94, One of the forums I frequent limits their size to 60x60, and the print is unreadable at that size. Do you have the background image you used for that avatar? I can add the print. but I'd probably ruin the background image if I tried to remove or enlarge the existing text. I made one small change to your work. Since I use 98, I changed it to say 98. Rick

I like it! That's much better than any I'd make. I very much appreciate your efforts and will gladly use it. That supercharged logo also looks much better than the one I was visualizing. Rick

On http://www.mdgx.com/fw.htm#FWL, I believe the link for Tiny Personal Firewall should read version 2.0.15 instead of 2.1.5. That was a good quickstart for setting up Kerio. Its default rules are too permissive for secure usage. Kerio also allows you to tightly control loopback connections. Many otherwise good firewalls fall short here. Rick

Gimme Windows 9X or no Windows at all!

Kerio 2.1.5 is excellent on 98. It's quite different than ZA as it's a rule based firewall, so it will take some getting used to. Very light and quite effective. It's not supported anymore but then 98 isn't supported either. It's available at OldVersion. Rick

I wasn't asking you to make all of these by any means. Just tossing out some more ideas for anyone who might like them. I also like the "Powered by Windows 98" and the "Windows 98 User By Choice" options. "Supercharged Windows 98" on a logo with racing stripes or flames? Too much work, but sure would look good. Something to play with when I have time. BenoitRen, you're right, especially about alienating 95 and ME users. Wasn't thinking about that at the time. Rick

Thanks. It's appreciated. Resizing one is the easy part. A few keystrokes with IrfanView will do that. Making the initial image is where I have problems. My artistic abilities are so bad that a "paint-by-number" can end up unrecognizable! Been trying to think of other captions that would be good besides "Proud Windows 98 User". Any opinions on these for banners or avatars? Loyal Windows 98 User. Windows 98 User By Choice. 98, the Best M$ Can Be. Powered by Windows 98. Considering all the improvements, modifications, tweaks, etc that are discussed here, maybe some of these would be appropriate. 98 Modified for Real Performance Windows 98 Made Even Better Supercharged Windows 98 How about something similar to this, but with "Windows 98, MSFN Edition" or similar for text. Would make a nice startup logo too. Rick

I very much like these 98 banners. Several of the forums I frequent don't allow images in signatures or in the threads if they're not directly related to the subject. They do allow avatars, which is the one spot I can use one, but the banners are the wrong shape. My artistic talent leaves a lot to be desired. Could someone here merge together one of this style and color, With one of this shape and size? If someone would make one that looks better than the one I made, I'll gladly use it. Rick

I was hoping that there'd be a simpler way but didn't really expect to find one. I had both windows and DOS tasks in mind, depending on the option chosen. I'm going to just let it sit at the top of the start menu and remove the standard shut down entry. Should still do what I want. I was trying to keep the "original" look but it's not absolutely necessary. Other users aren't a problem as tight as this box is locked down. This was mainly for my own user profile, but if it works as I want, I'll add a different variation on the other profiles too. Thanks Rick

I'd like to replace the normal "shutdown" entry with a link to a batch file that gives me several shutdown options. These would include: normal shutdown/restart entries using rundll32. Above plus entries to erase a list of files and locations as part of the shutdown. Options to drop to DOS and call other batch files for multiple purposes. I'm looking to modify/replace the standard shutdown options, but don't need a graphical interface. Since I'd be using it in place of the normal shutdown option, I'd like it to replace "shutdown" on the start menu instead of adding more entries to the start menu or more desktop shortcuts. If you're familiar with the secure shutdown option of Sentinel, I'm doing something similar to that with DOS with other ideas added, and make it the default method of shutdown/restart. The batch files are pretty much finished, until I get more ideas and do it all over again. All I really need is a way to put a link to the main batch file in place of the shut down entry instead of farther up the start menu. Rick

XSetup Pro has options for removing start menu items. I was hoping that by seeing what registry entry it changed, I'd be able to figure out what to add. Didn't work that way. It removed the "Shut Down" entry by adding: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoClose" I didn't see any options available thru the policy editor that would help either. Rick

I want to replace the "Shut Down" entry on the start menu with a link to a batch file. Getting rid of "shut down" is easy enough but I haven't figured out how to add an entry in its place. This is for 98 first edition. Thanks. Rick

That's a scary thought. I wouldn't put it past them to eventually install surveillance-ware in a legally locked kernel via windows update. What really suprised me is that they've "helped" with some Linux flavors as well. The article mentions Novell, but I wonder how many other flavors this affects and what versions, files, etc. Since it's been demonstrated that Vista's kernel can be compromised, one or more of these 3 applies. Their "contribution" is ineffective or insufficient. It has not yet been implemented. It serves another purpose entirely. If I had to bet on it, I'd bet on 2 and 3 applying equally. As far as Windows is concerned, I can't bring myself to trust anything newer than 98. After hearing that they've had their hands in Linux, it becomes difficult to know what would be a trustworthy alternative. For now, it's 98 for me, and an old Knoppix live CD. Rick

Thanks. I'll snoop around YouTube. I'm just curious to see if it really does need 500mhz to function properly. I also use several apps that claim to need 500 or 550 mhz to work, and they run fine with 366mhz. Rick

Kerio 2.1.5 is also available at OldVersion. Regarding "why Windows XP is bad", IMO, most of that article is quite true. If you follow the evolution of windows, since Win95 at least, every "improvement" or increase in functionality has come at the expense of user choice and control. With WinME, users couldn't boot into pure DOS (what the paper calls real mode) without a 98 bootdisk. With the release of the NT systems, DOS was taken away. DOS was claimed to be obsolete and nearly useless, primarily by the self proclaimed experts who don't understand the value of command line and the need to be able to access system files and components without interference from Windows. From a security standpoint, this is a disasterous move. Think in terms of rootkits. On the NT based systems, the only sure way to know you've removed all traces of a rootkit is to boot with a tool like Barts PE and examine the file system independent of interference from Windows. On 9x, a simple boot into true DOS mode did that. With the NTFS file system also came the ability to conceal files, processes, and registry entries from the operating system and most conventional tools that ran under windows. This was supposed to be a security improvement. While the NT systems do a better job at limiting what can be accessed from individual user accounts, this "security improvement" is also the primary reason for the existence of botnets, most of which are XP units compromised by rootkits that take advantage of this "improved security". If viewed solely from a security perspective, was this an improvement? I don't see it. In addition to the security implications, there's also privacy concerns here. With the DOS based systems, user activities were kept in index.dat files, hidden history, file and cookie folders, and an applog folder. With the exception of the index.dat files, all these could be accessed in DOS mode. Even the index.dat files could be regularly deleted with a simple batch file that ran at bootup. With each new NT based system released, more user activity records were kept and they're more difficult to get rid of. There's more places to hide them. Look up alternate data streams and narrow your search to data concealment. This was impossible on DOS based systems. If these aren't enough to make you question the motives behind the entire file system, enter Vista and it kernel patch protection. It already takes specialized rootkit tools to detect what is running at a kernel level in XP, tools that are beyond the average users ability to use. This has made it necessary for security software vendors to code their apps to work at the kernel level in order to detect and defeat malware running that deep in the OS. With Vista, Microsoft has locked these security vendors out of the kernel, save for a limited set of APIs. In theory, locking everything else out of the kernel would be good from a security perspective, although very questionable from a privacy standpoint, especially given M$ track record of storing as much user activity data as possible. The problem is the kernel isn't locked. It's already proven it can be compromised with just a bit more work than it takes on XP. It's only locked in a legal sense. In order to gain the access needed to monitor and protect the kernel, vendors need to hack it with methods M$ doesn't allow, with potential legal ramifications for that vendor. That "legal lock" isn't going to stop a malware writer. The end result can only be an OS that's controlled by anyone except a law abiding user. Why would M$ lock security software and users out of the kernel when they know they can't truly protect it. Enter DRM, digital rights management, a privacy and security nightmare whose sole purpose is to make sure you've paid those few bucks to an already filthy rich entertainment industry for that piece of music or video you want to view. In order to prevent a user from defeating DRM, it has to run as deep in the OS as possible. The entire concept of DRM would not be possible on operating systems like 98, where true DOS or "real mode" as the article called it could be used to defeat it. Something more to think about. If you and security vendors are legally locked out of the kernel, is it a criminal act to gain sufficient access to actually secure it, or to remove the malware that will be running there soon enough? You know it'll be there. Microsoft can't effectively secure the box Windows comes in, let alone the OS. With DRM running at a kernel level, what are the legal ramifications here, considering that file sharing has been equated with terrorism and organized crime? Those of us who have been fighting malware for years, is this legally tying our hands? If while tring to remove a rootkit from Vista, you find an unknown process running there, is revealing that information proof that you've committed a criminal act? This is a potential legal nightmare. Given the present political climate, would you rule out something more running there at some point in time, installed via an update process over which you'll have no control? I've already told my clients that they're on their own if they go to Vista. I won't work on it. If that's not sufficient motive, how about M$ own anti-piracy solutions, or WGA, which should stand for Windows Grievous Aggravation? Their sole purpose is to make sure they've got your money. A computer is a tool. Name one other tool that regularly demands you prove you own it before you can use it. I can't understand anyone tolerating this treatment when alternatives are available. The articles point about services is basically true as well. Try to close all the ports on an XP box without running a firewall. It's not hard on 98. Having all the unnecessary services on XP running by default is one of several reasons so many XP units are regularly compromised. If there's any improved security designed into the NT file system, and one has to ignore rootkits to even think that, it's more than offset by the sheer number of open access points. The articles statement about XP being a lightning rod for attacks is true as well. The sheer number of security patches proves that. 98 didn't need a weekly patch day. Here's a few more examples. Remember the .wmf exploit? Quoted from SANS on 1/7/2006 shortly after the discovery of the exploit: I have several variants of that exploit and can't force any of them to run on a 98 box. The recent .ani exploit can run code on XP. So far, the worst I've been able to get it to do on 98 is crash explorer, which restarts. In addition to the NT file system and open ports, one of the problems with XP, and soon enough with Vista, is the sheer amount of code. It's simple math, the more code, the more potential for flaws and weak points that can be exploited. Consider Vista from that point alone. I have to agree with the article. XP is bad news. Vista will be a nightmare. I've often wondered how M$ can produce code with so many vulnerabilities. Doesn't anyone double check anything? At times I think XP is deliberately designed to be vulnerable, made easily accessible to the powers that be. I can't prove it one way or another, just a suspicion based on observation and the M$ track record of collecting data and taking user control. Maybe the malware writers are doing us a favor by pounding that point home. I've come to the conclusion that XP and especially Vista are nothing more than spyware disguised as operating systems. Rick

Bridge!! That's what I needed. I was sure I was overlooking something simple but couldn't think of what it was. This is my first time working with a DSL modem and the first time I've done anything with networking, if you can call one firewall and one PC a network. Thank you! Rick