12 months without a virus scanner or firewall

[galahs]

This is just a little tale I thought you'd be interested in reading.

I went over to a mates place and he asked me to do a check up on his computer which I set up 1 year ago running Windows 98 SE.

He has a USB modem, ADSL connection, and uses the internet for all sorts of things but really knows little about computers or viruses etc.

I was just going to do a Defrag and some basic file keeping / backups when I noticed he didn't have an Virus Scan software, no software firewall and no ad-ware scanner.

Thank goodness he took my advice in the past and only used Firefox and updated it every time it told him to. He also assured me he Clears all his Private Data at least once a week. Still, I was a little nervous as to what may be lurking on his system.

So I installed and ran Adaware and AVG with the presumption a few nasties would pop up....

Guess what! Not a single item was discovered!!!

Nothing!

12 months of frequent use by a 'novice user' on the internet, emails and online gaming and his system hadn't picked up a virus, trojan, key-logger, backdoor, spyware or ad-ware.

WOW! Windows 98 rocks!

Note:

Windows 98 SE is LESS prone to getting viruses and other nasties than newer Windows version HOWEVER I still strongly recommend Win9x users have an up-to-date web browser and virus scanner as an absolute minimum.

[amocanu]

your windows 98 se system was safe probably because you have been being careful while surfing the net

[TravisO]

Don't credit your setup or windows too much, all this means is he doesn't surf: porn, warez, free games, random sites, share files over IM. Even with Firefox and all updates, he'd get infected in 2 mins if he went to any of those sites. Running firewall free is outright a bad idea, because if a flaw in any of your services, RPC or TCP/IP stack exists, oneday a random vicious packet WILL get you.

The only way to run malware safe without AV or anti-spyware is using XP or Vista as a non admin, and only RunAs specific tasks. But I still run a good & lean AV & Windows Defender + occasional Spybot scan just to be safe.

I always relate using AV to using a car seatbelt. I know how to use a PC properly, and I know how to drive, but that doesn't make you 100% safe. I've even see annoyware/junkware on commercial discs too.

Edited July 8, 2007 by TravisO

[awergh]

its not that suprising 98se without ie is pretty safe. careful for a year?

hmm true, but the first true are the only ones that seem really dangerous

Edited July 8, 2007 by awergh

[Mijzelf]

if a flaw in any of your services, RPC or TCP/IP stack exists

W98 doesn't run any services. When you don't install any LAN clients, not a single port is open.

I wonder if a firewall is able to catch an exploit of a flaw in the TCP/IP stack.

[herbalist]

The only way to run malware safe without AV or anti-spyware is using XP or Vista as a non admin, and only RunAs specific tasks.

"Only" is a bad choice of words here. Your statement might apply to a user who has no knowlege of how an OS or security software works and needs the OS and security apps to do everything for them, but it's by far not the only way to be safe with windows. XP and Vista may be more resistant to certain threats, but there's just as many more that they're vulnerable to which don't affect 9X systems.

98/ME can be used very safely with a default-deny security policy and the proper configuration and software to enforce that policy. I've run my 98 boxes for almost 2 years now with no resident AV. My test box is used for security app testing and malware research. It's deliberately put in harms way and remains uninfected. I'm a beta tester for System Safety Monitor, which I use like a policy manager on steroids. The free version has completely replaced the resident AV on all my boxes. When combined with a good firewall and content filtering of allowed web traffic, a 9X box can be equally as secure or more so than a well protected XP box.

It is not necessary to specifically identify potential threats with signature based applications. All that's necessary is to prevent that malicious code from executing. If it can't run, it can't infect you.

Rick

[Analada]

your windows 98 se system was safe probably because you have been being careful while surfing the net

While there's every reason to suppose that this is a correct observation on your part, let's focus in also on what "galahs" found. Contrast the situation with XP. No matter *how* careful you are with XP, without a firewall you will be infected within a couple of minutes.

Think about this a bit further. Steve Gibson runs a highly respected security chat show (downloadable mp3) every week or so. Over the past two years there have been a number of XP security 'scares'. Ah, well, all to do with errors of course. These things, ... well ... they are just accidents right?

As one famous remark has it, "You might say that. I couldn't possibly comment."

But for those who are interested, here is the link and a quote from one of these shows:

http://www.grc.com/SecurityNow.htm#99

"The Windows MetaFile Backdoor?

"Leo and I carefully examine the operation of the recently patched Windows MetaFile vulnerability. I describe exactly how it works in an effort to explain why it doesn't have the feeling of another Microsoft "coding error". It has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution "backdoor". We will likely never know if this was the case, but the forensic evidence appears to be quite compelling."

[prx984]

While there's every reason to suppose that this is a correct observation on your part, let's focus in also on what "galahs" found. Contrast the situation with XP. No matter *how* careful you are with XP, without a firewall you will be infected within a couple of minutes.

A lot of people say this, and it really irritates me because I have been using a Windows XP machine for about 2 months with no virus protection/firewall and all has been fine. I only have Service Pack 2, no further updates. So how people can say this just boggles my mind.

We have about 5 XP machines here at my house with no protection and the only one that gets anything like this, is my brothers computer (go figure) with his dam games. I have a Vista laptop that hasn't got any protection either and it's been fine, no problems. Being careful and using your common sense (alas, not too common now) is the most powerful tool the user can use.

Edited July 8, 2007 by prx984

[Fredledingue]

I agree prw984.

Saying "XP is unsafe" is sort of like saying "W98 is unstable": with all the patches both systems have improved in their respective weaknesses.

TBS, I never had a permanent anti-virus let alone a firrewall in 10 years of w98 websirfing, with IE (now Maxthon), and I got maybe 3 or 4 viruses, no more, and I always knew which site or which session gave me these viruses.

One was a porn site, another a freeware dowload stuff. I don't remember of the others.

I don't go often to pornsites, but as everyone, I happened to look at them once or twice, you know what I mean.

Addaware and Antivir detect only cookies while Antivir Gurd is always OFF.

On the XP machine they detect exe and dll files regularly by the dozen (17 last time) with the Guard is always ON. Go figure.

Facts shows that XP platforms are more often infected than W98 ones.

It doesn't mean you can't use XP.

You just have to run the antivirus scanner more often and abstain fom pornsites.

[Analada]

I agree prw984.

Saying "XP is unsafe" is sort of like saying "W98 is unstable": with all the patches both systems have improved in their respective weaknesses.

TBS, I never had a permanent anti-virus let alone a firrewall in 10 years of w98 websirfing, with IE (now Maxthon), and I got maybe 3 or 4 viruses, no more, and I always knew which site or which session gave me these viruses.

One was a porn site, another a freeware dowload stuff. I don't remember of the others.

I don't go often to pornsites, but as everyone, I happened to look at them once or twice, you know what I mean.

Addaware and Antivir detect only cookies while Antivir Gurd is always OFF.

On the XP machine they detect exe and dll files regularly by the dozen (17 last time) with the Guard is always ON. Go figure.

Facts shows that XP platforms are more often infected than W98 ones.

It doesn't mean you can't use XP.

You just have to run the antivirus scanner more often and abstain fom pornsites.

I'm talking of relative 'unsafes'. Compared to 98SE XP is relatively unsafe®. Hey, there's so many link to this aren't there? Just do a search. Here's one from the respected Register.

http://www.theregister.co.uk/2004/08/19/in...d_in20_minutes/

Yes, and before you say that's out of date, google on "is XP susceptible to viruses".

And did you listen to Steve Gibson's programs on this topic? Why would he say such a thing and not be sued if it were untrue?

[Mijzelf]

According to Secunia, W98SE has 3 unpatched vulnerabilities out of 32 known, while XP home has 27 unpatched out of 170. Most critical unpatched vulnerability for W98SE 'Less critical', for XP Home 'Highly critical'.

[Sfor]

A lot of people say this, and it really irritates me because I have been using a Windows XP machine for about 2 months with no virus protection/firewall and all has been fine. I only have Service Pack 2, no further updates. So how people can say this just boggles my mind.

We have about 5 XP machines here at my house with no protection and the only one that gets anything like this, is my brothers computer (go figure) with his dam games. I have a Vista laptop that hasn't got any protection either and it's been fine, no problems. Being careful and using your common sense (alas, not too common now) is the most powerful tool the user can use.

One has to remember a simple NAT router acts as a quite effective firewall. So, Windows XP not connected to the Internet directly is quite safe against the blaster or other threats infecting the XP system directly.

Since there are 5 XP machines in your house. I do believe there is a router connecting them to the internet.

The Polish branch of the CHIP magazine performed a security test on Windows XP, Vista and Linux operating systems. They connected the 3 computers through a DSL router, and left them running two weeks. And gues what they detected. The only network activity was from the automatic update systems. The NAT within the router stopped all the traffic comming from the Internet.

[BenoitRen]

Even with Firefox and all updates, he'd get infected in 2 mins if he went to any of those sites.

Bulls***. You're talking as if Firefox is vulnerable to those exploits. It isn't. The only thing you can encounter while surfing those sites is a download prompt for a file because it's an attachment to a page. Just don't download it.

The only way to run malware safe without AV or anti-spyware is using XP or Vista as a non admin, and only RunAs specific tasks.

Not true. I've run Windows 95 for years without an AV or anti-spyware software, and I'm still malware-free. Ever since I've started using a secure browser, that is. Back when I used IE5, I'd get adware. Of course, when I used Kazaa years back, I did use an AV, because you can't trust the files you get from there.

Similarly, I'm still malware-free on WinXP Service Pack 2, though I do use a software firewall on it.

One has to remember a simple NAT router acts as a quite effective firewall. So, Windows XP not connected to the Internet directly is quite safe against the blaster or other threats infecting the XP system directly.

Indeed!

[Sfor]

Even with Firefox and all updates, he'd get infected in 2 mins if he went to any of those sites.

Bulls***. You're talking as if Firefox is vulnerable to those exploits. It isn't. The only thing you can encounter while surfing those sites is a download prompt for a file because it's an attachment to a page. Just don't download it.

Erm, I think you missunderstood the point.

Don't credit your setup or windows too much, all this means is he doesn't surf: porn, warez, free games, random sites, share files over IM. Even with Firefox and all updates, he'd get infected in 2 mins if he went to any of those sites. Running firewall free is outright a bad idea, because if a flaw in any of your services, RPC or TCP/IP stack exists, oneday a random vicious packet WILL get you.

TravisO was talking about the system networking services vulnerabilities. The idea was the safer browser as Firefox will not guarantee safety, as system can be infected through network services.

This is true in case of the Windows NT based systems as Windows XP is. But, the Windows 9x systems do not have services designed for servers. So, it is much easier to make Windows 9x systems to be safe form the "direct network assaults".

[eidenk]

The list of malware that has ended on my system through casual browsing with IE is quite huge. I wonder why I still use it actually.

I well want to believe that ditching IE (and also Outlook) for a gecko browser or, better even, Opera, will make a 9x system nearly 100% safe for browsing the net.

I don't use a resident virus scanner because it is too much of a hog to my taste and does not protect from zero days anyway but I use a firewall with outbond filtering and I would carry on using one even if I would ditch IE entirely because I download and install lots of software and because the IE vulns can be exploited in chm files for which there is, to my knowledge, no alternative to hh.exe (which uses the IE runtime) for displaying them.