Will using an older operating system lower your chances of Viruses?

[Drugwash]

"If he has a NAT-router, then he won't be exposed to any port scans."Never had a router myself, but it's possible the current ISP keeps me behind one. Dunno what's in that big box on the building's staircase. Connection is PPPoE (broadband dial-up).

I've started with 14400 bps dial-up modem, years ago, then an unprofessional neighborhood LAN, then an extended LAN and now this official RCS/RDS broadband subscription. Only seen virii in the modem days, 8-10 years ago and one - in a FREE screensaver - about 2-3 years ago while testing a 98SE/Win2003 dual boot. Obviously the 2003 setup went to hell while 98SE stood tall.

[98Guy]

In case of a LAN ARP poisoning attack Windows 9x systems are difficult to defend against. Static ARP entries are not working as expected. Setting a static entry just makes it not to time out. Such an entry will be overwritten by the attacker, and then it will remain that way. This problem has not been solved, so far.

The NT based systems are much better in this case. A static ARP entry will remain as set, ignoring all the ARP poisoning packets.

There are trojans poisoning the ARP tables of other LAN computers. They are modyfying the HTML code by adding redirections to spam or dangerous sites. If one computers in the LAN gets infected, other computers can be affected as well. The NT based systems can be easily protected through a static ARP entry for the internet gateway. The 9x computers can not be protected that way.

ARP poisoning attacks are rare and I doubt very much that the typical home or SOHO user will ever experience them. It is only a threat on a local LAN, so there is no threat directly from the internet. There are monitoring programs (WinARPWatch.exe) that can monitor a LAN and the ARP cache. So while it is true that win-98 does not really keep a static ARP entry as static (and NT4 was this way too) you can monitor the ARP cache for changes. I would bet that some routers, switches or other network appliances can detect ARP spoofing and block specific MAC addresses.

The thing with ARP poisoning is that it's mostly a way to collect information transiting through a LAN (or cause lan DOS). I think it would be hard to use arp-spoofing to install malware on a clean system on the lan. ARP spoofing has been know for at least 5 years, yet it really doesn't register as an intrinsic threat to most users today (home and SOHO users anyways). In larger organizations (that have REAL lans) I'm thinking that their network routers and switches can detect and neutralize ARP spoofing.

[Aloha]

Hi all. Thank you very much for all the helpful information.

It took me so much time to read all the posts and there are too many things I don't know before. I guess I have to read them a few more times to understand them all thoroughly!

I'd like to say a little more about my computer. I have XP SP3 and IE8 beta 2 on it, and there is a router between the modem and our computers. For some reasons, I completely removed 98 SE four months ago. I did worry at first when I decided to use XP only. But everything is very OK up to now. All the security I have on my computer is:

Windows Firewall

Malwarebytes' Anti-Malware

AVG

WinPatrol

CookieWall

And an anti-virus program made in my country

(Now, adding Spyware Blaster as 98Guy suggested)

That's all. I remove junk files on my computer once a week, and then scan it with all the AV applications too. No serious problems so far. I am very careful while surfing the net. Classic Maxthon is my favourite browser because I can easily turn on/off Scripts, Java Applet (???), and ActiveX on any Tabs with one click. I also use Firefox but not quite often. The computer works smooth and fine, and I am pleased with my decision now.

I am glad that I asked questions here. What you have told me is what I will hardly find on the net. I mean, if I search on the net, it will take me a lot of time to find out the exact information I want to know.

Thanks CharlotteTheHarlot for the answer about the threat of infection.

Thanks Cannie for your reply with the interesting link.

Double thanks to 98Guy for replying to me twice. I really like your answers.

This proves you're not a very responsible person hence you're more prone to bumping into nasties.

Uh oh ... I regret calling you a friend, Drugwash! Can't you use some nicer words to talk about me? Edited December 11, 2008 by Aloha

[Drugwash]

My apologies, it was not my intention to offend you; probably a bad choice of words. 'Careful' would've been more appropriate, I guess.

I may be too harsh or blunt at times, but never ill-intended.

[BenoitRen]

I find it difficult to understand why a 9x user would not want to control the outbound traffic from their PC. Admittedly, 9X systems don't have all the open ports that are found on an NT system, but applications also open ports. A lot of software tries to update without asking the user.

The only program I use that checks for updates is SeaMonkey, which it's allowed to do. Other programs don't even know how; they're too old. AIM used to download ads to display on the buddy list window, but it seems to have lost that capability since removing IE.

As for the threat of infection, if I don't go to the bad sites then I don't need to worry so much, right?

Wrong. Infections can be everywhere. Even on trusted sites.

Classic Maxthon is my favourite browser because I can easily turn on/off Scripts, Java Applet (???), and ActiveX on any Tabs with one click. I also use Firefox but not quite often.

Maxthon is based on IE. You shouldn't use anything that uses IE's core.

[Aloha]

Drugwash,

"Careful" sounds acceptable, and it's nicer than "responsible" in the context. It's OK, friend.

Maxthon is based on IE. You shouldn't use anything that uses IE's core.

Then what browser should I use, BenoitRen? SeaMonkey? I installed it and then uninstalled it immediately. I can't stand its ugliness! And applying a skin requires the browser restart, which I don't have to do if I use Maxthon. Asking me to use SeaMokey instead of Maxthon is just like asking you to use Maxthon instead of SeaMonkey! But, thanks for your advice anyway.

[aLeXis]

On XP i use NOD32 Bussiness edition (with firewall integrated) and never had any problems...on 98se i run an older version of nod and kerio firewall (also an older version) and is running smooth for like 4 years and counting....if you know what pages you visit or stuff you get from the internet there would be no problems.

[awergh]

And applying a skin requires the browser restart

is this really a problem you change skins that often? you should not judge a browser by how it looks

[98Guy]

Then what browser should I use, BenoitRen? SeaMonkey?

Besides the mania surrounding the claims that "you must run a firewall" on your win-98 system, there is the hysteria that you "shouldn't use IE".

Don't get bent out of shape over it. Any win-98 system IS NOT COMPLETE unless it has a functional and up to date version of IE6. There will be times when you need to purchase something over the internet, like plane tickets, and you will need to use IE6. If it makes you feel better, install and use Firefox for general browsing (what-ever version still works on win-98 - I'm using firefox because IE6 is badly broken on the system I'm using at the moment and will not even start for some reason).

Bottom line is that the torrent of web-based exploits that surfaced 1 to 2 years ago have faded as the holes were plugged, and many or most of them didn't work at all (or didn't work coherently) on win-98/IE6 systems anyways.

[Drugwash]

Quote from my CD catalog:

May 12, 2003 - Slim Browser v3.53

This is the first reference to Slim Browser recorded in my catalog. A week or two later I updated the Romanian translation, adding diacritics, mainly for personal use. Soon after, I sent this translation to the developer of Slim Browser, who added it to the official release.

Ever since, I've been using it on a daily basis, first in Win95 (after a brief period of Netscape usage) and then in Win98SE. I started recommending it to my friends (most of them using XP), I even helped them configuring it and they've always been happy with SB. True, it does have a quite high memory usage - depending on the number of open tabs and the information displayed - but some of its functions and the way they work make Slim Browser irreplaceable to me.

Oh and it's IE-based, you know... and apologies for repeating myself: no firewall, no real-time antivirus, nothing but Spyware Blaster (also an old timer for me).

To each - their own, I guess...

[BenoitRen]

Then what browser should I use, BenoitRen?

Any browser that does not use IE's core. SeaMonkey, Firefox, K-Meleon, Opera,... It doesn't matter, as long as it doesn't use IE.

SeaMonkey? I installed it and then uninstalled it immediately. I can't stand its ugliness!

That's why there are themes. Change to the Modern theme. It's also included.

there is the hysteria that you "shouldn't use IE"

It's not hysteria. It's the biggest security hole of any Windows system.

There will be times when you need to purchase something over the internet, like plane tickets, and you will need to use IE6.

Simple. Change your user agent string.

Bottom line is that the torrent of web-based exploits that surfaced 1 to 2 years ago have faded as the holes were plugged

No holes have been plugged since the release of Service Pack 2 for XP, with a new edition of the IE6 browser.

Security is the most important argument to not use IE6. But another argument that's almost equally important is web standards support. Compared to every other mature web browser, it's downright horrible. Bugs galore.

[jaclaz]

Maxthon is based on IE. You shouldn't use anything that uses IE's core.

Just for the record:

Maxthon was based on IE.

http://en.wikipedia.org/wiki/Maxthon

Newish version can use Gecko as well.

Nonetheless, it is NOT "slim".

jaclaz

[98Guy]

No holes have been plugged since the release of Service Pack 2 for XP, with a new edition of the IE6 browser.

Not true. Patches for IE6 are being made available all the time.

There have been 13 advisories in 2008 so far:

http://secunia.com/advisories/product/11/?...advisories_2008

And 14 during 2007:

http://secunia.com/advisories/product/11/?...advisories_2007

All the important ones have patches except the most recent (which was announced just a few days ago).

Mozilla SeaMonkey 1.1.x has had 6 advisories during each of 2006 and 2007:

http://secunia.com/advisories/product/1438...advisories_2008

Firefox 2.x has had 15 advisories in 2007, and 9 in 2008.

There are many versions of Opera. The latest is 9. That version has 9 advisories in 2007 and 10 for 2008 and a total of 21 going back to 2006. Opera version 8 has a total of 26 vulnerabilities going back to 2004.

Either there is no information on Secunia about K-Meleon, or it has never been the subject of an advisory.

Bottom line is that other so-called "safe" browsers have plenty of vulnerabilities.

Also note that most vulnerabilities that are announced or discovered will never be exploited (which means they will be rare if they even exist) and many exploits that do exist will probably not function as designed on win-98 systems anyways.

[Aloha]

you should not judge a browser by how it looks

Awergh, I didn't jugdge any features of SeaMonkey because I didn't use it for long enough. I only said what I thought about its appearance.

Any browser that does not use IE's core. SeaMonkey, Firefox, K-Meleon, Opera,... It doesn't matter, as long as it doesn't use IE.

BenoitRen, I tried Minefield 3.2a1. It didn't accept some add-ons I like such as ColorfulTabs, Accessibar, Toolbar Buttons, so I had to return to Firefox 3.04. I use this browser when I need to change the background or the font colors on some sites which hurt my eyes. I don't use it most of the time. It's a good browser, I agree.

That's why there are themes. Change to the Modern theme. It's also included.

Even the modern theme of SeaMonkey looks ugly to me, whose taste is quite bad! And you missed this part of my previous post:

Asking me to use SeaMokey instead of Maxthon is just like asking you to use Maxthon instead of SeaMonkey!

This is my last post on this thread. I wonder why Atmosphere XG can stand the off topic posts so well! Why didn't he report this annoyance?

[Drugwash]

Secunia advisory on Slim Browser, 2004-2008: link. Of course, the underlying IE advisories should be taken into account too.