
Antimalware, firewall, and other security programs for Windows XP working in 2023 and hopefully beyond


AstroSkipper


21 hours ago, jaclaz said:

poverty?

Is that the politically correct term for what in my times was called sloppiness?

jaclaz

In Germany, we call it "Armutszeugnis". Translated literally into English: "testimony of poverty" which means sloppiness, inability or incompetence. :P

Edit: Sometimes literal translations can lead to misunderstandings. Therefore, I have found a better translation for "Armutszeugnis" and thus replaced "testimony of poverty" with "sign of inadequacy". And all of this, of course, only for our guardian of words @jaclaz
Whereby I would actually rather have content-related, topic-related statements than linguistic, philosophical or political marginal notes!
Anyway, I have amended my original post accordingly.

AstroSkipper

Edited by AstroSkipper
Update of content


Look 'n' Stop Firewall

Look 'n' Stop Firewall is a rule-based firewall that can control both outgoing and incoming traffic. It has a standard set and an enhanced set of predefined rules. Rules can be imported, exported or newly created. Look 'n' Stop Firewall also keeps a detailed log that provides the user with information about all the filtered packets. There are two ways in which the firewall can be operated: in standard mode, once the user decides to restrict access to an application, he/she will not be asked again. The choice remains so until the user manually grants access to it. If Look 'n' Stop Firewall is run in advanced mode, the user is given two extra choices: he/she can grant or restrict access just one time or until restarting Windows. This firewall is a powerful tool and of course compatible with Windows XP. A special mention should be made of the extremely low resource consumption and processor load. The last version 2.07 even supports IPv6. All functions are described on the homepage.

Features: http://web.archive.org/web/20190420082753/http://www.looknstop.com/En/looknstop.htm

Homepage: http://web.archive.org/web/20190420105129/http://www.looknstop.com/En/index2.htm

Version number: 2.07

Date of release: 17.10.2009

Release notes:

Quote

Additions:

    Windows 7: Registration to the Action Center.
    64 bits versions: Protocols detection.
    IPV6: Extension headers support (in filtering rules and packet content display).
    Support for ECE & CWR TCP flags (congestion control) in rule edition and packet content display.
    ICMPV6: for packet content display, added some new text description (for types 141 to 147)
    IGMP: display of the type in the log

Modifications:

    Vista SP1: Update of the registration to the security center.
    Improvements in protocol detection (available through the registry only).
    For applications starting themselves (typical case: Internet Explorer 8), it's now the initial application (i.e. the grand-parent application) that is detected as starting the application.
    Default rulesets are updated to support IPV6 natively.
    Packet content display: TCP flags now are indicated through letters
    Software registration now requires an online activation
    Registration text (in "Registration" tab) now updates with the registration status.
    In the tray icon zone, added some alert message on some important events.
    The registry entry: [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort] is used to compute the maximum value of local port.

Fixes

    Sometimes some Application Connections popup contained pathname with "\Device\harddisk0…" format.
    Vista/Windows 7: the starting mode as a Service was sometimes available (notably after opening the Advanced Options dialog box and clicking Ok).
    When the configuration is locked with a password, some menus were no longer disabled after translation with the plugin.
    Some errors/crashes appeared with one of the driver when the Driver Verifier tool was used.
    Application Filtering IPV6: port & IP selection through range & mask were not working properly.
    Application Filtering: fixed a problem when full alerts (with IP and Port) were reported to the log with a high rate flow.

System requirements:

  • Windows 7 (32 and 64 bits)
  • Windows Vista (32 and 64 bits)
  • Windows XP (32 and 64 bits)
  • Windows 2000
  • Windows Server 2003
  • Windows Millennium and 98

Review: https://www.brighthub.com/computing/smb-security/reviews/36598/

Download link: http://web.archive.org/web/20190422035302/http://www.looknstop.com/En/download.htm

Rules:

Free rules from the developer: http://web.archive.org/web/20190511002235/http://www.looknstop.com/En/rules/rules.htm
Additionally, there was a commercial ruleset called Phant0m``s Look 'n' Stop Ruleset Deluxe v1 Build 010 Rev3: http://web.archive.org/web/20160410170152if_/http://www.queenscountypctech.ca:80/Phant0m/downloads/file.php?get=Phant0m_Looknstop_Ruleset_Deluxe.zip

Screenshots:

LNS-Welcome.gif

LNS-Application-Filtering.gif

LNS-Internet-Filtering.gif

LNS-Log.gif

I list Look 'n' Stop Firewall here because it is a good firewall for Windows XP. The program can be tested for 30 days. Then, however, a licence code must be entered, which unfortunately can no longer be purchased. Same applies to the Phant0m``s Look 'n' Stop Ruleset Deluxe. So this firewall is interesting for those who have already bought, won, inherited or otherwise obtained a licence years ago, such as yours truly. I have used this firewall for a long time, and it served me well. :yes:

Cheers, AstroSkipper

Edited by AstroSkipper
Update of content

17 minutes ago, Vistapocalypse said:

Speaking of very old firewalls, it seems like Comodo was famous for firewalls before they ever made an antivirus. I just searched the well-known older thread, and Comodo Firewall was mentioned but no version number or download link was provided. (I never used it.)

I know Comodo Firewall quite well as I used it in the past. A lot of information about Comodo was already collected by me including links and versions. A good source is among others the Comodo Forum.


CurrPorts

With the analysis tool CurrPorts from NirSoft, you can display all occupied ports for TCP/IP and UDP on your computer. The tool lists each process with open ports and extensive information such as local and external addresses of a program connected to the internet or a network. If desired, the tool creates a clear TXT, HTML or XML document from this. Even after so many years and updates, CurrPorts is still compatible with Windows XP and, like most programs from NirSoft, portable and of course free of charge. All further information can be found on the CurrPorts homepage.

Quotation from their homepage:

Quote

CurrPorts is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it.
In addition, CurrPorts allows you to close unwanted TCP connections, kill the process that opened the ports, and save the TCP/UDP ports information to HTML file, XML file, or to tab-delimited text file. CurrPorts also automatically mark with pink color suspicious TCP/UDP ports owned by unidentified applications (Applications without version information and icons).

Homepage: https://www.nirsoft.net/utils/cports.html

Version number: 2.77

Date of release: 13.12.2023

System requirements:

Windows NT
Windows 2000
Windows XP
Windows Server 2003
Windows Server 2008
Windows Vista
Windows 7
Windows 8
Windows 10

Version history: 
 

Quote

Version 2.77:
Fixed bug: CurrPorts failed to display country/city information for IPv6 addresses.
Version 2.76:
Added new option: 'Show Only Incoming TCP Connections'. When this option is turned on, CurrPorts displays only connections with associated listening port.
Version 2.75:
Added support for using the IP-Location files from https://github.com/sapics/ip-location-db for viewing country/city/ASN information of remote IP addresses.
You can use all 3 types of CSV files: Country, City, and ASN.
Both IPv4 and IPv6 files are supported.
In order to use these IP-Location files, simply download the desired files and put them in the same folder of cports.exe with their original filename (For example: asn-country-ipv4.csv , asn-ipv4.csv, asn-ipv6.csv)
Version 2.71:
Added 'Full Screen' option (View -> Full Screen or F11 key).
Version 2.70:
Added 'Black Background' option (Under the View menu). When it's turned on, the main table is displayed in black background and white text, instead of default system colors.
Added secondary sorting support: You can now get a secondary sorting, by holding down the shift key while clicking the column header. Be aware that you only have to hold down the shift key when clicking the second/third/fourth column. To sort the first column you should not hold down the Shift key.
Added option to change the sorting column from the menu (View -> Sort By). Like the column header click sorting, if you click again the same sorting menu item, it'll switch between ascending and descending order. Also, if you hold down the shift key while choosing the sort menu item, you'll get a secondary sorting.
Added 'Sort By' dropdown to the toolbar.

The complete version history can be found here: https://www.nirsoft.net/utils/cports.html

Review: https://www.ghacks.net/2019/08/02/blast-from-the-past-nirsofts-currports/

Download links:

32-Bit version: https://www.nirsoft.net/utils/cports.zip

64-Bit version: https://www.nirsoft.net/utils/cports-x64.zip

CurrPorts is also available in other languages which can be downloaded from their homepage.

Screenshots:

cports.gif

And here is a screenshot when opening MSFN website with New Moon 28:

Curr-Ports.png

I love all the tools from NirSoft. CurrPorts is one of them. Knowing exactly which program uses which port and connects to where is very important and can play a crucial role in terms of system security. In my opinion, you simply have to have this program, especially just in case. :thumbup

Cheers, AstroSkipper

Edited by AstroSkipper
Update of content

On 5/25/2023 at 9:38 PM, Vistapocalypse said:

Speaking of very old firewalls ... Comodo was famous for firewalls ...

I think that there are indeed programs whose age plays a subordinate role. My firewall in Windows XP is now 7 years old, and I would not exchange it for any other program. Firewalls for Windows XP in particular don't necessarily have to be up to date as long as they can still control data traffic correctly in these days. That is one of the reasons why I also list such old firewalls as Look 'n' Stop Firewall here. And of course, the Comodo Firewall definitely belongs here, too. :yes: And sometimes, the following rule can be applied: old OS, old program. That's what it was made for. :)

Edited by AstroSkipper
Update of content

  • 2 weeks later...

InSpectre

InSpectre is a free program for Windows that checks for Spectre and Meltdown vulnerabilities. Meltdown and Spectre are the names of the attack methods that can be used to undermine the security of operating systems and applications. For more detailed information about Spectre and Meltdown, check this website: https://meltdownattack.com/. There you will find the following reference documents: https://meltdownattack.com/meltdown.pdf and https://spectreattack.com/spectre.pdf.
The actual check refers to CPU security vulnerabilities. InSpectre shows very clearly and concisely in the program window whether the system is affected by these security vulnerabilities or not. In addition, the program also provides an explanation of the state of the system and the performance that the PC has. The tool is compatible with Windows XP and free of charge. More information can be found on the homepage of InSpectre.

Homepage: https://www.grc.com/inspectre.htm

Version number: 0.0.6675.8

Release number: #8

Date of release: 21.04.2019

System requirements: All versions of Windows

Version history:

Quote

    Release #1 — Initial release:
    The first release was triggering false-positive warnings from 3rd-party anti-virus scanners. This was probably due to a registry key the application uses to enable/disable the Meltdown and Spectre protections. Also, the language used in one of the text-explainers was confusing and self-contradictory.
    
    Release #2 — Second try:
    This second release hides its use of the registry key that was upsetting so many anti-virus scanners. A pass through Virus Total shows that made a huge difference. And that confusing paragraph was rewritten into two, which are now presented more correctly. Let's see how this second try fares.
    
    Release #3 — Raw Technical Data Display:
    InSpectre's more technically inclined users have asked for more information about how InSpectre makes its decisions. Non-Windows users have also asked for that information so that InSpectre could be run on Linux and MacOS machines (under WINE) to check the non-Windows machine's CPU support. As shown to the right, InSpectre release #3 adds a “Show Technical Details” item in the system control menu at the upper-left corner of the app. Click on the little “Spectre” icon and select the “Show Tech Details” item to display the raw data obtained by InSpectre's analysis of its operating environment.
    
    Release #4 — Silent System Probe Option:
    When InSpectre is launched with the string “probe” in its command line, its Windows user interface will be suppressed and InSpectre will act like a command-line utility. It will assess its hosting system's status, then immediately terminate itself returning a decimal exitcode which encodes the eight “trouble bits” shown below, which itemizes any trouble. Therefore, for example, an exitcode of zero (0) is returned only by a fully secure system.

    Decimal Value   Trouble Itemization
    1               OS is not aware of the Meltdown vulnerability
    2               OS is not aware of the Spectre vulnerability
    4               The system is vulnerable to Meltdown
    8               The system is vulnerable to Spectre
    16              CPU does not support Spectre (microcode not updated)
    32              CPU does not support low-overhead Meltdown protection
    64              Meltdown protection disabled by registry setting
    128             Spectre protection disabled by registry setting
    
    Since InSpectre's exitcode is the sum of the values shown above which are true for any specific system, the table above can be used to decompose InSpectre's probe-mode exitcode to determine the system's trouble.

    This zip archive: *InSpectre-Probe-Samples.zip* https://www.grc.com/inspectre/InSpectre-Probe-Samples.zip contains sample batch file and powershell script files for capturing InSpectre's exitcode. Note that an exitcode is not a “printed” output from the program—it won't be printed onto a command console. It is a value that can be obtained by another script or program which executes the program after it terminates.
    
    Release #5 — Copy results to system clipboard:
    Earlier releases of InSpectre did not encourage copying the program's displays out of the application. Any region of the results can now be marked with the mouse and copied to the system's shared clipboard by using the standard Ctrl-C key combination. The application's system menu (under the small Spectre icon at the upper-left corner of the application window) also now contains a “Copy to Clipboard” option which will either copy a marked region or the entire textual content if no region is marked for copying.
    
    Release #6 — Worked around a Microsoft bug and more . . .
    Users of an earlier version of Windows 10 (version 1703 - the non-Fall Creator's Update) reported that InSpectre did not believe that their system had been patched for the Spectre vulnerability. Upon analysis, a bug was discovered in that version of Windows which affected the way 32-bit applications, such as InSpectre, viewed the system. This was apparently fixed in the later “Fall Creator's Update” (version 1709) but not in the earlier version. A 64-bit “probe” was added to the 6th release of InSpectre to work around this bug in version 1703 so that InSpectre would accurately reflect any system's true protection. And, while we were at it, the language presented in the summary was changed from “vulnerable” to “protected” so that “YES” was the good answer and “NO!” was the bad answer. :)
    
    Release #7 — Added the display of the system's CPUID . . .
    Microsoft will be making Intel (and perhaps AMD?) processor microcode patches available for the most persistent Spectre Variant 2 vulnerability. These will become available over time as they become available from Intel and they will apparently need to be manually installed by interested Windows users. It is not yet clear whether Microsoft will be willing or interested in making these patches available for earlier versions of its Windows operating systems, but we can hope. The patches are applicable to specific CPU models only, which are identified by each chip's “CPUID.” For this reason, InSpectre now prominently displays the system's processor CPUID at the top of its system summary. Please check this page on Microsoft's website to see whether a microcode patch for your CPU, determined by its CPUID, is available at any time: *KB4090007: Intel microcode updates* https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates You can also use your favorite Internet search engine to search for the string “KB4090007” which should always take to that page and to its related Microsoft Update Catalog page to obtain the specific Windows update.
    
    Release #8 — Now shows whether an Intel microcode patch is (ever) available for Spectre.
    Intel has finished designing microcode update patches for its processors. On April 2nd, 2018, they announced that processors that have not yet been patched will never be patched. Their full statement is available *in this PDF document* https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf. In that document, Intel specifies which of their many processors do have patches and which of their more recent processors will never receive updated firmware. Now that the industry has this information, this 8th release of InSpectre incorporates that list of CPUIDs and displays whether microcode firmware updates exist for the system's Intel CPU.

Review: https://www.ghacks.net/2018/01/16/gibson-releases-inspectre-vulnerability-and-performance-checker/

Download link: https://www.grc.com/files/InSpectre.exe

Screenshots:

screenshot.png

inspectre-gibson.webp

Cheers, AstroSkipper

 

Edited by AstroSkipper
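The exit-code decomposition described in the Release #4 notes quoted above, as an added example that is not part of the original post and not one of GRC's sample scripts: it splits a probe-mode exit code into the eight documented trouble bits and sorts a set of collected results into groups. The host names, the sample exit codes, the function names and the grouping labels are assumptions made for this illustration.

```python
"""Decode InSpectre probe-mode exit codes (added example, not GRC's code)."""
import subprocess

# Bit values and descriptions copied from the Release #4 table quoted above.
TROUBLE_BITS = {
    1: "OS is not aware of the Meltdown vulnerability",
    2: "OS is not aware of the Spectre vulnerability",
    4: "The system is vulnerable to Meltdown",
    8: "The system is vulnerable to Spectre",
    16: "CPU does not support Spectre (microcode not updated)",
    32: "CPU does not support low-overhead Meltdown protection",
    64: "Meltdown protection disabled by registry setting",
    128: "Spectre protection disabled by registry setting",
}
REGISTRY_BITS = 64 | 128  # protections switched off by configuration


def decode(exitcode):
    """Return the trouble descriptions encoded in one probe exit code."""
    if not isinstance(exitcode, int) or not 0 <= exitcode <= 255:
        # Only eight bits are documented; any other value is not a probe
        # result (for example, the program never started).
        raise ValueError("not an InSpectre probe exit code: %r" % (exitcode,))
    return [text for bit, text in sorted(TROUBLE_BITS.items())
            if exitcode & bit]


def probe(exe_path):
    """Run InSpectre with 'probe' on its command line and decode the result.

    subprocess.call returns the process exit code, which is where the
    result lives; nothing is printed by InSpectre in this mode.
    """
    return decode(subprocess.call([exe_path, "probe"]))


def triage(results):
    """Group hosts by what their exit code says (labels are this example's)."""
    report = {"secure": [], "protection_disabled": [],
              "unprotected": [], "invalid": []}
    for host, code in sorted(results.items()):
        try:
            troubles = decode(code)
        except ValueError:
            report["invalid"].append(host)
            continue
        if not troubles:
            report["secure"].append(host)          # exit code 0
        elif code & REGISTRY_BITS:
            report["protection_disabled"].append(host)
        else:
            report["unprotected"].append(host)
    return report


# Constructed sample data: hypothetical hosts and exit codes.
SAMPLE_RESULTS = {
    "xp-p4": 63,      # 1+2+4+8+16+32
    "win10-a": 0,
    "win7-b": 204,    # 4+8+64+128
    "vm-c": 4096,     # outside the documented 0..255 range
}

if __name__ == "__main__":
    for host, code in sorted(SAMPLE_RESULTS.items()):
        try:
            lines = decode(code) or ["no trouble bits set"]
        except ValueError as err:
            lines = [str(err)]
        print("%s (exit code %d)" % (host, code))
        for line in lines:
            print("    " + line)
    print(triage(SAMPLE_RESULTS))
```
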

Additionally, I found an Online Test to check whether browsers are vulnerable to Spectre or not. Here is the link: https://xlab.tencent.com/special/spectre/spectre_check.html
I performed this test in New Moon 28 (2023-05-25). Here is the result:

Mypal-68-13-0-u-Block-Origin-1-49-2-inst

So, New Moon 28 doesn't seem to be vulnerable to Spectre.

Cheers, AstroSkipper

Edited by AstroSkipper
Update of content

58 minutes ago, NotHereToPlayGames said:

image.png.575a00bfebf584a99652ad3de94f1ab2.png

Of course! That's why I wrote: "New Moon 28 doesn't seem to be vulnerable to Spectre". A residual risk always remains.

Edited by AstroSkipper
Update of content

On 6/7/2023 at 12:59 PM, AstroSkipper said:

So, New Moon 28 doesn't seem to be vulnerable to Spectre.

Probably timings simply don't add up in your particular case, hence reading non-vulnerable. But this is a hardware thing and unless the CPU was put together after vulnerability was disclosed, it won't have hardware-based safeguard to surely prevent leaking in absence of other mitigations.

32-bit Pale Moon on Windows 10 and Serpent from January 2023 on Windows XP both read as vulnerable here, also 360Chrome 13.5.2022. 64-bit builds of the first two browsers don't. Or if 32-bit builds are restricted to run on the single CPU core.

32-bit Firefox 110 doesn't and neither does 64-bit Edge 94 (both run on all available CPU cores).

Edited by UCyborg

19 hours ago, UCyborg said:

Probably timings simply don't add up in your particular case, hence reading non-vulnerable. But this is a hardware thing and unless the CPU was put together after vulnerability was disclosed, it won't have hardware-based safeguard to surely prevent leaking in absence of other mitigations.

32-bit Pale Moon on Windows 10 and Serpent from January 2023 on Windows XP both read as vulnerable here, also 360Chrome 13.5.2022. 64-bit builds of the first two browsers don't. Or if 32-bit builds are restricted to run on the single CPU core.

32-bit Firefox 110 doesn't and neither does 64-bit Edge 94 (both run on all available CPU cores).

Thanks for your information! My processor is an Intel Pentium 4 32-Bit single core in my Windows XP Professional computer. This CPU is vulnerable to Spectre and Meltdown, of course. But as far as I am aware, don't we need to distinguish between a CPU and a browser in terms of vulnerability? :dubbio: I think so! Especially after what I have read. :) At least, that's presumably the reason there is a CPU test and a separate browser test.

Edited by AstroSkipper

I imagine the browser without own mitigations won't appear vulnerable on a newer CPU while it may appear so on the older CPU. And just how effective are these software mitigations?

https://forum.palemoon.org/viewtopic.php?t=25059

I run an OS from 2020 and still vulnerable. :rolleyes: Maybe the issue is that the OS was released during COVID-19 pandemic (pun-intended)? Or there are tricks that the small team (Moonchild Productions) simply isn't aware of, given that it doesn't happen in either Firefox or Edge and there could be a combination of OS level and browser level mitigations behind the scenes.

But then again, I always got the impression that the only real fix is a new CPU as far as those particular vulnerabilities go.

Edited by UCyborg

1 hour ago, UCyborg said:

But then again, I always got the impression that the only real fix is a new CPU as far as those particular vulnerabilities go.

That's totally clear. The best fix would be a new, not vulnerable CPU. But, just for clarification, you think my performed test of New Moon 28 gives incorrect results on my computer. You consider Pale Moon browsers vulnerable in general, unlike current Firefox browsers. Right? :dubbio:

Edited by AstroSkipper
Update of content

On 4/30/2023 at 2:49 AM, Cixert said:

Congratulations on opening the thread, now we can make a nice list in the header.
Perhaps the disadvantage is that in search engines users will look for the word antivirus, not the word malware, although I don't see a very much problem.
Here are a few programs to add to the alphabetical list. I order them like I have these on my computer, rate these however you like.

ANTIVIRUS

Avast Free Antivirus 18.8.4804
https://install.avcdn.net/iavs9x-xp/avast_free_antivirus_setup_offline.exe

Avast definitions 12-18
https://install.avcdn.net/vpsnitro/vpsupd.exe

Avast Clear (uninstall)
https://files.avast.com/iavs9x/avastclear.exe

AVG Antivirus Free 18.8.4804 (offline downloader)
https://install.avcdn.net/avg/iavs9x-xp/avg_antivirus_free_setup_offline.exe

AVG Antivirus Free 17.9 (offline downloader)
https://install.avcdn.net/avg/iavs9x-xp/avg_free_antivirus_setup_offline.exe

AVG Internet Security 18.8.4084.0 (trial)
https://install.avcdn.net/avg/iavs9x-xp/avg_internet_security_setup_offline.exe

AVG Clear XP (uninstall)
https://install.avcdn.net/avg/iavs9x-xp/avgclear.exe

ClamWin
http://es.clamwin.com/content/view/18/46/

Clam Sentinel (real time protection for ClamWin)
https://clamsentinel.sourceforge.net/

Dr. Web Cure It (free with send statistics or paid)
https://free.drweb.com/

eScan
https://www.escanav.com/

Panda Dome (free or paid)
https://www.pandasecurity.com/es/homeusers/free-antivirus/
I can't find an official offline downloader
do you know of any? please comment.

Virus Total.com (file analysis online multi-antivirus)
https://www.virustotal.com

WiseVector StopX
https://update2.wisevector.com/WiseVector_StopX.exe


ANTI-SPYWARE
Adware Removal Tool
https://www.techsupportall.com/adware-removal-tool/

ComboFix ???
http://www.combo-fix.com/

Malwarebytes Free & Premium 3.5.1.2522-1.0.365-1.0.5292
https://downloads.malwarebytes.com/file/mb3_legacy

Sophos HitmanPro
https://www.hitmanpro.com/en-us/downloads

SpywareBlaster (for browsers)
http://www.brightfort.com/spywareblaster.html


FIREWALL

Agnitum Outpost Firewall (old)


PORTS SCANNERS
CurrPorts
https://www.nirsoft.net/utils/cports.html

The Nmap Security Scanner
https://nmap.org/download


OTHERS OLD VERSIONS

Anti-DDOS
Bothunter
TrendMicro Housecall 1.50.0.1154
TrendMicro RUBotted 2.0.0.1034 beta

Anti-PUP
AdwCleaner 6.047 (2017-05-19) (last Windows XP)
MalwareBytes Junkware Removal Tool JRT 8.1.4 (2017-09-07)

Antirootkit
Avast antirootkit aswar 1.0.0.1 beta (gmer based)
Avast MBR scanner 0.9.9.1771
Kaspersky TDSS rootkit removing tool 2.8.16.0
Malwarebytes Anti-Rootkit (Beta) mbar-1.08.3.1004 (2014-11-18)
gmer 2.1.19357.0
Randoms system information tool RSIT 3.3.6.1

Disinfectant
Microsoft Windows Malicious Software Removal Tool (Windows-KB890830-V5.39-32-bit) (2016-08-10) (last Windows Xp)

I have tried almost every antivirus for Windows XP in the past, but that was more than 10 years ago, when I decided to stick with Avast 6.0.
Unfortunately now, in 2023, I am looking for a new antivirus.
I'll test if any from the past are currently working and comment.

 

I forgot to mention that SuperAntispyware still works on XP. The program is paid. There is a 14 day trial version. I have tested that work the latest version 10.0.1252 (173 MiB) from 2023 and version 6.0.0.1250 (30 MiB) (2017-12-22) with updated database.
But the "System tools" option stays frozen looking for items in the latest version (I have waited 10 minutes). While in version 6 it works fine.

https://www.superantispyware.com/

Edited by Cixert
