Microsoft Phasing Out Win98 !?

"Dan" <spamyou DeleteThis @user.nec> wrote in message
news:%23YK5OqfIFHA.2428@TK2MSFTNGP10.phx.gbl...
 > Well to each his own but remember that XPPRO does have more entry points
 > by
 > hackers and does not have a true underlying MSDOS or anything else
 > operating

Where do you get your info from? XP Pro is much more secure than 98 in any
flavor, period, end of story!

 > system.
 >
 > "Pete" <Pete DeleteThis @nospam.com> wrote in message
 > news:8u4Wd.9932$Lr3.1810@newssvr31.news.prodigy.com...
 > :
 > : > And everybody agrees that win98 is the most reliable and
 > : > most stable of os that microsoft has ever produced. so it
 > : > will have least problems.
 > : >
 > : > ---
 > : I would say by experience that XP is the better operating system,
 > followed
 > : closely by 98se.
 > : =Pete
 > :
 > :
 >
 ><!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

Okay, Brian you are right and I am wrong.

"Brian A." <gonefish'n@afarawaylake> wrote in message
news:%23yzBrcgIFHA.3484@TK2MSFTNGP12.phx.gbl...
: "Dan" <spamyou.DeleteThis@user.nec> wrote in message
: news:%23YK5OqfIFHA.2428@TK2MSFTNGP10.phx.gbl...
: > Well to each his own but remember that XPPRO does have more entry points
: > by
: > hackers and does not have a true underlying MSDOS or anything else
: > operating
:
: Where do you get your info from? XP Pro is much more secure than 98 in any
: flavor, period, end of story!
:
: > system.
: >
: > "Pete" <Pete.DeleteThis@nospam.com> wrote in message
: > news:8u4Wd.9932$Lr3.1810@newssvr31.news.prodigy.com...
: > :
: > : > And everybody agrees that win98 is the most reliable and
: > : > most stable of os that microsoft has ever produced. so it
: > : > will have least problems.
: > : >
: > : > ---
: > : I would say by experience that XP is the better operating system,
: > followed
: > : closely by 98se.
: > : =Pete
: > :
: > :
: >
: >
:
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

On Sat, 5 Mar 2005 22:44:32 -0600, "Brian A."
 >"Dan" <spamyou DeleteThis @user.nec> wrote in message

  >> Well to each his own but remember that XPPRO does have more entry points
  >> by hackers and does not have a true underlying MSDOS or anything else
  >> operating

I'd clarify that into two points:

1) XP (both Home and Pro) have more entry points, thus risk: True
2) XP does not have an underlying DOS: True, but that's good

I'd re-phrase (2) as:

2) XP does not have a maintenance OS: True, and that's Bad

<a style='text-decoration: underline;' href="http://cquirke.mvps.org/whatmos.htm" target="_blank">http://cquirke.mvps.org/whatmos.htm</a> refers on maintenance OS

 > Where do you get your info from?

School of hard knocks? Can you say: Lovesan? Sasser?

Win9x does not have a single direct worm network attack, unless you
bind F&PS to Internet (Opaserv etc.) or run an SQL server (Slammer).

Any version of XP older than SP2 will be attacked within minutes if it
is installed as shipped and is connected to the Internet.

That's a very material difference in safety, which concerns most home
users more than security.


XP is NT, which was built from the ground up as a new post-DOS OS, and
is designed to be a network client. Unfortunately, it treats the
Internet as just another big network, and offers various services to
it that can be exploited. That's why it is "more secure"; it *has* to
be, given that by design, it takes greater risks.

Win98xx is Win9x, which was also built from the ground up as a new
post-DOS OS, but with a higher degree of backwards compatibility - in
fact, it still includes an updated DOS that can be booted instead of
Windows (though WinME removed this ability).

Unlike NT, Win9x was not designed first and foremost as a securable
network client. It was designed as a stand-alone OS that included
networking ability, but (unlike NT) there was no attempt to lock it
securely into this role. So yes; it's less secure, in that it cannot
be subjugated entirely to the will of a remote administrator. The
upside is, it doesn't allow entities on the 'net to remotely control
it by persuading the OS that they are the "administrator",

 >XP Pro is much more secure than 98 in any flavor, period, end of story!

False.

Or should I say, out of the box, XP is a considerably more exploitable
OS, and this does translate directly into real-world mileage.

Don't confuse improved sysadmin control with consumer safety.



 >---------------- ----- ---- --- -- - - - -
Cats have 9 lives, which makes them
ideal for experimentation!
 >---------------- ----- ---- --- -- - - - -<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

cquirke (MVP Win9x) wrote:
 > On Sat, 5 Mar 2005 22:44:32 -0600, "Brian A."
  >> "Dan" <spamyou.RemoveThis@user.nec> wrote in message
 >
   >>> Well to each his own but remember that XPPRO does have more entry points
   >>> by hackers and does not have a true underlying MSDOS or anything else
   >>> operating
 >
 > I'd clarify that into two points:
 >
 > 1) XP (both Home and Pro) have more entry points, thus risk: True
 > 2) XP does not have an underlying DOS: True, but that's good
 >
 > I'd re-phrase (2) as:
 >
 > 2) XP does not have a maintenance OS: True, and that's Bad

Yeah, and that one scares me a bit, at least at this point in time. I've
had to go down to DOS on a few occasions, including reinstalling and/or
"fixing" windows, and losing that "maintenance OS" capability kinda bothers
me (even if you do have a "Recovery Console" in XP)

But then again, I'm quite content with Win98SE, so no problemo (for me - at
least for a good while).

 > <a style='text-decoration: underline;' href="http://cquirke.mvps.org/whatmos.htm" target="_blank">http://cquirke.mvps.org/whatmos.htm</a> refers on maintenance OS<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

Wow, thanks for bringing the truth to this discussion, Chris. You continue
to amaze me. You and Gary S. Terhune as well as Hugh Candlin make quite a
force to be reckoned with in the world of computers. Could you elaborate on
this one point for me a little more so I can understand it better. Thanks in
advance.

"Win9x does not have a single direct worm network attack, unless you
bind F&PS to Internet (Opaserv etc.) or run an SQL server (Slammer)."

I understood the rest of your points.

"cquirke (MVP Win9x)" <cquirkenews RemoveThis @nospam.mvps.org> wrote in message
news:1bjl21t8310ll4c293lhuppntf7tg5fif4@4ax.com...
: On Sat, 5 Mar 2005 22:44:32 -0600, "Brian A."
: >"Dan" <spamyou RemoveThis @user.nec> wrote in message
:
: >> Well to each his own but remember that XPPRO does have more entry points
: >> by hackers and does not have a true underlying MSDOS or anything else
: >> operating
:
: I'd clarify that into two points:
:
: 1) XP (both Home and Pro) have more entry points, thus risk: True
: 2) XP does not have an underlying DOS: True, but that's good
:
: I'd re-phrase (2) as:
:
: 2) XP does not have a maintenance OS: True, and that's Bad
:
: http://cquirke.mvps.org/whatmos.htm refers on maintenance OS
:
: > Where do you get your info from?
:
: School of hard knocks? Can you say: Lovesan? Sasser?
:
: Win9x does not have a single direct worm network attack, unless you
: bind F&PS to Internet (Opaserv etc.) or run an SQL server (Slammer).
:
: Any version of XP older than SP2 will be attacked within minutes if it
: is installed as shipped and is connected to the Internet.
:
: That's a very material difference in safety, which concerns most home
: users more than security.
:
:
: XP is NT, which was built from the ground up as a new post-DOS OS, and
: is designed to be a network client. Unfortunately, it treats the
: Internet as just another big network, and offers various services to
: it that can be exploited. That's why it is "more secure"; it *has* to
: be, given that by design, it takes greater risks.
:
: Win98xx is Win9x, which was also built from the ground up as a new
: post-DOS OS, but with a higher degree of backwards compatibility - in
: fact, it still includes an updated DOS that can be booted instead of
: Windows (though WinME removed this ability).
:
: Unlike NT, Win9x was not designed first and foremost as a securable
: network client. It was designed as a stand-alone OS that included
: networking ability, but (unlike NT) there was no attempt to lock it
: securely into this role. So yes; it's less secure, in that it cannot
: be subjugated entirely to the will of a remote administrator. The
: upside is, it doesn't allow entities on the 'net to remotely control
: it by persuading the OS that they are the "administrator",
:
: >XP Pro is much more secure than 98 in any flavor, period, end of story!
:
: False.
:
: Or should I say, out of the box, XP is a considerably more exploitable
: OS, and this does translate directly into real-world mileage.
:
: Don't confuse improved sysadmin control with consumer safety.
:
:
:
: >---------------- ----- ---- --- -- - - - -
: Cats have 9 lives, which makes them
: ideal for experimentation!
: >---------------- ----- ---- --- -- - - - -
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

I agree with you, Bill. I also have had to go into MS-DOS to fix things that
I could not within the GUI (Graphical User Interface) of Windows even in safe
mode I have been unable to fix everything at different points in time.
Thanks Chris and Bill because I was at a lose for words to explain my
theories to Brian A.

"Bill in Co." <someone.RemoveThis@earthlink.net> wrote in message
news:ebggqGjIFHA.588@TK2MSFTNGP15.phx.gbl...
: cquirke (MVP Win9x) wrote:
: > On Sat, 5 Mar 2005 22:44:32 -0600, "Brian A."
: >> "Dan" <spamyou.RemoveThis@user.nec> wrote in message
: >
: >>> Well to each his own but remember that XPPRO does have more entry
points
: >>> by hackers and does not have a true underlying MSDOS or anything else
: >>> operating
: >
: > I'd clarify that into two points:
: >
: > 1) XP (both Home and Pro) have more entry points, thus risk: True
: > 2) XP does not have an underlying DOS: True, but that's good
: >
: > I'd re-phrase (2) as:
: >
: > 2) XP does not have a maintenance OS: True, and that's Bad
:
: Yeah, and that one scares me a bit, at least at this point in time. I've
: had to go down to DOS on a few occasions, including reinstalling and/or
: "fixing" windows, and losing that "maintenance OS" capability kinda bothers
: me (even if you do have a "Recovery Console" in XP)
:
: But then again, I'm quite content with Win98SE, so no problemo (for me - at
: least for a good while).
:
: > http://cquirke.mvps.org/whatmos.htm refers on maintenance OS
:
:
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

On Sun, 6 Mar 2005 02:48:31 -0700, "Bill in Co."
 >cquirke (MVP Win9x) wrote:

  >> 2) XP does not have a maintenance OS: True, and that's Bad

 >Yeah, and that one scares me a bit, at least at this point in time. I've
 >had to go down to DOS on a few occasions, including reinstalling and/or
 >"fixing" windows, and losing that "maintenance OS" capability kinda bothers
 >me (even if you do have a "Recovery Console" in XP)

You can have the best of both worlds; the safety and maintainability
of FATxx with the stability and scalability of XP. Tips:

1) Keep C: as a FAT32 < 7.9G

This will ensure 4k clusters, which fit the processor's natural page
size for best virtual memory performance.

There are other goodnesses to a small C:
- keeping C: de-bulked makes for sustained performance
- faster defrag and Scandisk / Chkdsk / AutoChk for C:
- most writes, thus corruption risk, kept on C: (page/temp/TIF)
- as data is off C:, it's safer from file corruption

2) Install a Win9x DOS mode to HD

Easiest way is to format C: /S from a Win9x DOS mode before installing
XP; that way, the XP installation process will preserve the DOS mode
as a "Microsoft Windows" Boot.ini boot alternative.

3) Use DOS Mode Scandisk, not XP's file system checker

I suspect XP's file system checker is pretty useless on FATxx volumes,
because if you rt-click such volumes and go Properties, Tools, Check
for errors, it zips through the process so quickly that I doubt if it
does anything at all. I suspect this is where the XP vs. FATxx horror
stories come from; plain lack of decent file system maintenance.

4) Shrink Temporary Internet Files (TIF) for each user account

FATxx is less efficient than NTFS when it comes to large numbers of
entries per directory - and that's a big problem with IE's ludicrous
huge duhfault TIF size. Huge TIF also means the tiny files within TIF
get ancient before they are finally FIFO's out; hello, fragmented file
system! Note that TIF is repeated for each user profile.

5) Locate shell folders off C:

Now that you have volumes other than C: that are safer for data, you
want to relocate "My Docs" etc. off C:, and I'd also un-nest the bulky
"My Pics", "My Vids" and "My Music" and the dangerous "My Received
Files". TweakUI for XP can do this, but once again, it has to be
repeated for each user account - and any newly-created user accounts
will start off with MS's duhfault shell locations and huge TIF.

6) Use a compitent partitioning/formatting tool

XP is worse than useless when it comes to FAT32 volumes over 32G in
size, plus you want all volumes to be aligned such that if you do
convert to NTFS later, you won't be cursed with s-l-o-w 512-byte
clusters. BING from <a style='text-decoration: underline;' href="http://www.bootitng.com" target="_blank">www.bootitng.com</a> fits the bill on all counts; you
don't need to install it to HD, just use it to manage partitions.

7) Know the limitations of FATxx!

Choosing FATxx over NTFS is throwing away per-user security as a
tradeoff for better safety. Many of XP's per-user and per-file
security features require NTFS to work, and if you convert a C: to
NTFS later, the installation will not be set up with the appropriate
NTFS security attributes that would have been in place had you set the
system up as NTFS in the first place. Also, remember that NTFS is
required if you want single files to exceed 2G in size.


If you don't want to lose the security benefits of NTFS, but want some
measure of maintainability, you can use a hybrid approach; a mixture
of NTFS and FATxx volumes. For example, you can route all incoming
material through FATxx so that it can be virus-scanned from DOS mode
as a pointer to what may have infected the system.

You'd need to make decisions about C: as well as your data locations,
as to whether you want NTFS or FATxx for these. If you see value in
security settings that require NTFS in order to protect the OS, you
may choose an NTFS C:; if you don't mind losing the ability to recover
data via Diskedit etc. and want NTFS's security benefits, you might
choose NTFS for your data set as well.

There's still no interactive file system repair tool (like Scandisk)
for NTFS, but you can formally scan NTFS from a Bart's PE CDR and
Trend's SysClean that you can drop and run from a USB stick. Both
Bart's PE and Linux boot CDRs require USB sticks to be present at time
of boot, unlike XP which will detect them on the fly.


 >-- Risk Management is the clue that asks:
"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"
 >----------------------- ------ ---- --- -- - - - -<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

On Sun, 6 Mar 2005 08:10:46 -0700, "Dan" <spamyou RemoveThis @user.nec> wrote:

 >"Win9x does not have a single direct worm network attack, unless you
 >bind F&PS to Internet (Opaserv etc.) or run an SQL server (Slammer)."

OK, let's chew this one out definitively

Viruses are malware than "infect things" (i.e. add thier own code to
existing disks, files or systems) while worms are malware that spread
themselves through networks. In practice, many auto-spreading malware
exhibit both worm and virus behaviour; these terms should be viewed as
refering to behaviors, rather than as nouns.

The purest code file virus (e.g. CIH) would exist purely as code
within existing code files. It would spread by infecting other code
files on the system, and then rely on these files being distributed
off the system for the opportunity to infect other systems.

The purest network worm would spread via network packet traffic to
enter and run as an in-memory process, perhaps without ever existing
as a file. It would send itself out from the hosts it infected, to
seek other hosts via the network, etc.

Pure worms often never attempt to create files or integrate itself
into the startup axis, so that it's gone after a reboot - but back
again as soon as the server connects to the infected network (and the
Internet is the mother of all infected networks). This makes sense
when you consider that servers are always running, always connected.

The first pure network worm I heard of was Code Red, which spread as
an in-memory server process via a defect within IIS on NT servers.

Sapphire / Slammer operated in the same way, this time by exploiting a
defect within SQL Server. Once again, this was an NT Server issue
with little relevance to end users like me and thee, unless we had an
"SQL Lite" on the PC, as could happen as a side-effect of installing
some recent versions of MS Office.

Sapphire / Slammer set the speed record for malware spread; global
within minutes, and at one point doubling the number of infected
systems every 8 seconds, I think it was. Daily av updates are no
match for a big-bang Day Zero like this.

Pure network works ceased to be a server-only problem, once XP caused
NT to be rolled out to the masses.

First, Lovesan / Blaster and a host of similar malware infected NT,
Win2000 and XP via one of a few defects in the RPC service, which
CANNOT BE DISABLED as NT is structured to rely on this for *internal*
purposes. This is the reason I consider NT's inherent focus on being
a "network client" as an unavoidable safety risk. Next, Sasser and
others attacked NT, Win2000 and XP via a defect in the LSASS servive.

In both cases, the defects attacked by these worms had been patched by
MS. The RPC hole was patched a month before the attacks, and the
LSASS hole was patched 2 weeks before the attacks. The obvious trend
is that the lead time between patch and attack is falling, but the
hidden part of the iceberg is that these defects were present since
NT4 at least; if they had been elegantly exploited for all those years
by professional operators, we'd never know.

Now at this point, someone is going to say "just turn on XP's
firewall, or add a firewall to any version of Windows". Which brings
us to Witty, a pure network worm that exploited a defect in a
3rd-party firewall called Black Ice Defender to infect systems. Witty
had teeth; it tore up data by writing junk to random sectors on the
hard drive, NTFS's notional "security" notwithstanding.

Not all worms are pure, especially when the target is workstations
that are rebooted every day or so. Such malware is more likely to mix
network spread with persistance across runtimes as files linked into
the system in some way. This was the case with Nimda, a very complex
critter that makes you dizzy when you try to follow the whole story.

Even when Win9x has RPC/DCOM added to it, the Win9x form of this code
is not succeptable to attacks crafted for NT,e.g. Lovesan etc. Thus
far, the closest Win9x has to pure network infective attacks are
malware that spread via File and Print Sharing, such as Opaserv;
Opaserv is unique in that this is the *only* way it spreads.

However, Win9x can be knocked over by broken network packets, unless
it is patched for these. This is the crudest form of DoS (Denial of
Service) attack; there's no infection, or entry of malware code, the
broken packets just cause networking to fail or the PC to crash.


 >-- Risk Management is the clue that asks:
"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"
 >----------------------- ------ ---- --- -- - - - -<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

cquirke (MVP Windows shell/user) wrote:
 > On Sun, 6 Mar 2005 02:48:31 -0700, "Bill in Co."
  >> cquirke (MVP Win9x) wrote:
 >
   >>> 2) XP does not have a maintenance OS: True, and that's Bad
 >
  >> Yeah, and that one scares me a bit, at least at this point in time.
I've
  >> had to go down to DOS on a few occasions, including reinstalling and/or
  >> "fixing" windows, and losing that "maintenance OS" capability kinda
bothers
  >> me (even if you do have a "Recovery Console" in XP)
 >
 > You can have the best of both worlds; the safety and maintainability
 > of FATxx with the stability and scalability of XP.

Yeah but it *seems* that the consensus is that if you choose to use FAT32,
you must be an idiot, or something! (or at least it FEELS that way to me,
sometimes).

Of course NTFS has advantages. But for a single, non-networked, user?
(Not as many adavantages as otherwise, although still some good ones there,
admitedly).

  >>Tips:
 >
 > 1) Keep C: as a FAT32 < 7.9G
 >
 > This will ensure 4k clusters, which fit the processor's natural page
 > size for best virtual memory performance.
 >
 > There are other goodnesses to a small C:
 > - keeping C: de-bulked makes for sustained performance
 > - faster defrag and Scandisk / Chkdsk / AutoChk for C:
 > - most writes, thus corruption risk, kept on C: (page/temp/TIF)
 > - as data is off C:, it's safer from file corruption
 >
 > 2) Install a Win9x DOS mode to HD
 >
 > Easiest way is to format C: /S from a Win9x DOS mode before installing
 > XP; that way, the XP installation process will preserve the DOS mode
 > as a "Microsoft Windows" Boot.ini boot alternative.
 >
 > 3) Use DOS Mode Scandisk, not XP's file system checker
 >
 > I suspect XP's file system checker is pretty useless on FATxx volumes,
 > because if you rt-click such volumes and go Properties, Tools, Check
 > for errors, it zips through the process so quickly that I doubt if it
 > does anything at all. I suspect this is where the XP vs. FATxx horror
 > stories come from; plain lack of decent file system maintenance.
 >
 > 4) Shrink Temporary Internet Files (TIF) for each user account
 >
 > FATxx is less efficient than NTFS when it comes to large numbers of
 > entries per directory - and that's a big problem with IE's ludicrous
 > huge default TIF size.

I'm using 100 MB for the TIF. I don't see any "big problems".

 > Huge TIF also means the tiny files within TIF
 > get ancient before they are finally FIFO's out; hello, fragmented file
 > system!

Even if it is fragmented, (and it is), I don't really see or feel the
results, in practical terms. (Besides which, I often run Defrag anyway,
just because I like to).

But let's face it: even when the files ARE fragmented, the *observeable*
difference in performance of the application (like Word, or whatever), to
the user, seems minimal, at least from what I've seen.

 > 5) Locate shell folders off C:
 >
 > Now that you have volumes other than C: that are safer for data, you
 > want to relocate "My Docs" etc. off C:, and I'd also un-nest the bulky
 > "My Pics", "My Vids" and "My Music" and the dangerous "My Received
 > Files". TweakUI for XP can do this, but once again, it has to be
 > repeated for each user account - and any newly-created user accounts
 > will start off with MS's duhfault shell locations and huge TIF.
 >
 > 6) Use a compitent partitioning/formatting tool
 >
 > XP is worse than useless when it comes to FAT32 volumes over 32G in
 > size, plus you want all volumes to be aligned such that if you do
 > convert to NTFS later, you won't be cursed with s-l-o-w 512-byte
 > clusters. BING from <a style='text-decoration: underline;' href="http://www.bootitng.com" target="_blank">www.bootitng.com</a> fits the bill on all counts; you
 > don't need to install it to HD, just use it to manage partitions.
 >
 > 7) Know the limitations of FATxx!
 >
 > Choosing FATxx over NTFS is throwing away per-user security as a
 > tradeoff for better safety. Many of XP's per-user and per-file
 > security features require NTFS to work, and if you convert a C: to
 > NTFS later, the installation will not be set up with the appropriate
 > NTFS security attributes that would have been in place had you set the
 > system up as NTFS in the first place.

I'm the only user, so security is a non issue for me.

 > Also, remember that NTFS is required if you want single files to exceed 2G
in size.

Actually, it's 4 GB, but you can't use Windows Explorer to copy or move
files larger than 2 GB, as I recall. You've got to do that in DOS.

 > If you don't want to lose the security benefits of NTFS, but want some
 > measure of maintainability, you can use a hybrid approach; a mixture
 > of NTFS and FATxx volumes. For example, you can route all incoming
 > material through FATxx so that it can be virus-scanned from DOS mode
 > as a pointer to what may have infected the system.
 >
 > You'd need to make decisions about C: as well as your data locations,
 > as to whether you want NTFS or FATxx for these. If you see value in
 > security settings that require NTFS in order to protect the OS, you
 > may choose an NTFS C:; if you don't mind losing the ability to recover
 > data via Diskedit etc. and want NTFS's security benefits, you might
 > choose NTFS for your data set as well.
 >
 > There's still no interactive file system repair tool (like Scandisk)
 > for NTFS, but you can formally scan NTFS from a Bart's PE CDR and
 > Trend's SysClean that you can drop and run from a USB stick. Both
 > Bart's PE and Linux boot CDRs require USB sticks to be present at time
 > of boot, unlike XP which will detect them on the fly.
 >
 >
  >> -- Risk Management is the clue that asks:
 > "Why do I keep open buckets of petrol next to all the
 > ashtrays in the lounge, when I don't even have a car?"
  >> ----------------------- ------ ---- --- -- - - - -<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

Out of the Box wasn't even a thought and Dan mentioned hackers, not
viruses. Are you saying that a hacker has a better chance of compromising
an XP machine? An if so would that be based on code or brute force?

Even though the Sasser couldn't infect a 9x system, it could be run on and
used to infect the intended systems. I may very well look at it differently
and not as in depth as yourself, but in my eyes if it can run on and be used
as a portal I consider that as an indirect infection.

Wasn't the purpose of binding NetBEUI instead of TCP/IP on a LAN to help
protect systems which many most likely didn't do?



--

Brian A.

Conflicts start where information lacks.
<a style='text-decoration: underline;' href="http://www.dts-l.org/goodpost.htm" target="_blank">http://www.dts-l.org/goodpost.htm</a>


"cquirke (MVP Win9x)" <cquirkenews RemoveThis @nospam.mvps.org> wrote in message
news:1bjl21t8310ll4c293lhuppntf7tg5fif4@4ax.com...
 > On Sat, 5 Mar 2005 22:44:32 -0600, "Brian A."
  >>"Dan" <spamyou RemoveThis @user.nec> wrote in message
 >
   >>> Well to each his own but remember that XPPRO does have more entry points
   >>> by hackers and does not have a true underlying MSDOS or anything else
   >>> operating
 >
 > I'd clarify that into two points:
 >
 > 1) XP (both Home and Pro) have more entry points, thus risk: True
 > 2) XP does not have an underlying DOS: True, but that's good
 >
 > I'd re-phrase (2) as:
 >
 > 2) XP does not have a maintenance OS: True, and that's Bad
 >
 > <a style='text-decoration: underline;' href="http://cquirke.mvps.org/whatmos.htm" target="_blank">http://cquirke.mvps.org/whatmos.htm</a> refers on maintenance OS
 >
  >> Where do you get your info from?
 >
 > School of hard knocks? Can you say: Lovesan? Sasser?
 >
 > Win9x does not have a single direct worm network attack, unless you
 > bind F&PS to Internet (Opaserv etc.) or run an SQL server (Slammer).
 >
 > Any version of XP older than SP2 will be attacked within minutes if it
 > is installed as shipped and is connected to the Internet.
 >
 > That's a very material difference in safety, which concerns most home
 > users more than security.
 >
 >
 > XP is NT, which was built from the ground up as a new post-DOS OS, and
 > is designed to be a network client. Unfortunately, it treats the
 > Internet as just another big network, and offers various services to
 > it that can be exploited. That's why it is "more secure"; it *has* to
 > be, given that by design, it takes greater risks.
 >
 > Win98xx is Win9x, which was also built from the ground up as a new
 > post-DOS OS, but with a higher degree of backwards compatibility - in
 > fact, it still includes an updated DOS that can be booted instead of
 > Windows (though WinME removed this ability).
 >
 > Unlike NT, Win9x was not designed first and foremost as a securable
 > network client. It was designed as a stand-alone OS that included
 > networking ability, but (unlike NT) there was no attempt to lock it
 > securely into this role. So yes; it's less secure, in that it cannot
 > be subjugated entirely to the will of a remote administrator. The
 > upside is, it doesn't allow entities on the 'net to remotely control
 > it by persuading the OS that they are the "administrator",
 >
  >>XP Pro is much more secure than 98 in any flavor, period, end of story!
 >
 > False.
 >
 > Or should I say, out of the box, XP is a considerably more exploitable
 > OS, and this does translate directly into real-world mileage.
 >
 > Don't confuse improved sysadmin control with consumer safety.
 >
 >
 >
  >>---------------- ----- ---- --- -- - - - -
 > Cats have 9 lives, which makes them
 > ideal for experimentation!
  >>---------------- ----- ---- --- -- - - - -<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

I have disabled all remote sharing on my PC as well as disabling file and
print sharing in XP PRO. There may be areas of sharing that I have not
disabled but I have gone over XPPRO. fairly carefully to disable such
sharing. Also, I do not share any files or print sharing in 98SE. I do not
use Bluetooth technology due to its ability to be hacked. I use Firefox
because it does not have Active X issues as well as having 256 bit
encryption. I use IE only when necessary. Currently, I am making sure I opt
out of information sharing in the companies that I use. I shred documents
via $150 business shredder that also shreds DVD's, credit cards, staples and
small paper clips. I shred everything with my social security number on it.
I have heard that all crooks need nowadays is a place of birth, as well as a
full name and a social security number and you are in trouble because your
identity could be stolen. It is getting to be a critical problem as I
thought it would be. This year I have had some of my own troubles with a
person or people trying to steal my identity and they will suffer God's wrath
for it whether in this life or the next life. Also, I am the type of person
that will go to the highest level in order to get my one small voice crying
out in the wilderness to be heard. I will do whatever it takes to safeguard
my identity. I also hope to make the world a better place and that is why
"It's a Wonderful Life" with Jimmy Stewart and Donna Reed gives me hope
because if one man could make such a difference in that time and place even
if it is a story why can't one person make a difference in modern day
society.

"The obvious trend is that the lead time between patch and attack is falling,
but the hidden part of the iceberg is that these defects were present since
NT4 at least; if they had been elegantly exploited for all those years
by professional operators, we'd never know."

This is what I have been trying to say all along and only a few have dropped
the blinders from their eyes in order to see the truth. The source code of
NT is not secure. If it was secure why would Microsofts own technicans have
called it "Not There" when it was called "New Technology" if that was the
case. My guess in how NT came to be was that corporate thought they knew
best and forced the rollout of this new technology. I work for a large
company going on 7 years and I know what it is like to have corporate
breathing down our necks. Sometimes, corporate comes out with a decision
that is ludicrious to be implemented at our level here in Tucson, Arizona but
since corporate came out with the idea then it must be implemented at our
level and that is the reason why I am always writing to our corporate to
change the business practices that we must implement and guess what my little
voice does get heard because I keep trying and trying until everything looks
bleak and then I pray to God for change and if change happens then great and
if change does not happen then life goes on and I finally accept it. I will
never give up and keep pushing for the change that I see is right.
Fortunately, I am not so dense as to ignore all criticism and have come to
learn that I make many mistakes but that is part of life and I must go on.
Sorry for the long post. It is becoming like a novel. Have a great night!


"cquirke (MVP Windows shell/user)" <cquirkenews RemoveThis @nospam.mvps.org> wrote in
message news:iaem219lgdsrjmt98emonti9m1ndblcvbs@4ax.com...
: On Sun, 6 Mar 2005 08:10:46 -0700, "Dan" <spamyou RemoveThis @user.nec> wrote:
:
: >"Win9x does not have a single direct worm network attack, unless you
: >bind F&PS to Internet (Opaserv etc.) or run an SQL server (Slammer)."
:
: OK, let's chew this one out definitively
:
: Viruses are malware than "infect things" (i.e. add thier own code to
: existing disks, files or systems) while worms are malware that spread
: themselves through networks. In practice, many auto-spreading malware
: exhibit both worm and virus behaviour; these terms should be viewed as
: refering to behaviors, rather than as nouns.
:
: The purest code file virus (e.g. CIH) would exist purely as code
: within existing code files. It would spread by infecting other code
: files on the system, and then rely on these files being distributed
: off the system for the opportunity to infect other systems.
:
: The purest network worm would spread via network packet traffic to
: enter and run as an in-memory process, perhaps without ever existing
: as a file. It would send itself out from the hosts it infected, to
: seek other hosts via the network, etc.
:
: Pure worms often never attempt to create files or integrate itself
: into the startup axis, so that it's gone after a reboot - but back
: again as soon as the server connects to the infected network (and the
: Internet is the mother of all infected networks). This makes sense
: when you consider that servers are always running, always connected.
:
: The first pure network worm I heard of was Code Red, which spread as
: an in-memory server process via a defect within IIS on NT servers.
:
: Sapphire / Slammer operated in the same way, this time by exploiting a
: defect within SQL Server. Once again, this was an NT Server issue
: with little relevance to end users like me and thee, unless we had an
: "SQL Lite" on the PC, as could happen as a side-effect of installing
: some recent versions of MS Office.
:
: Sapphire / Slammer set the speed record for malware spread; global
: within minutes, and at one point doubling the number of infected
: systems every 8 seconds, I think it was. Daily av updates are no
: match for a big-bang Day Zero like this.
:
: Pure network works ceased to be a server-only problem, once XP caused
: NT to be rolled out to the masses.
:
: First, Lovesan / Blaster and a host of similar malware infected NT,
: Win2000 and XP via one of a few defects in the RPC service, which
: CANNOT BE DISABLED as NT is structured to rely on this for *internal*
: purposes. This is the reason I consider NT's inherent focus on being
: a "network client" as an unavoidable safety risk. Next, Sasser and
: others attacked NT, Win2000 and XP via a defect in the LSASS servive.
:
: In both cases, the defects attacked by these worms had been patched by
: MS. The RPC hole was patched a month before the attacks, and the
: LSASS hole was patched 2 weeks before the attacks. The obvious trend
: is that the lead time between patch and attack is falling, but the
: hidden part of the iceberg is that these defects were present since
: NT4 at least; if they had been elegantly exploited for all those years
: by professional operators, we'd never know.
:
: Now at this point, someone is going to say "just turn on XP's
: firewall, or add a firewall to any version of Windows". Which brings
: us to Witty, a pure network worm that exploited a defect in a
: 3rd-party firewall called Black Ice Defender to infect systems. Witty
: had teeth; it tore up data by writing junk to random sectors on the
: hard drive, NTFS's notional "security" notwithstanding.
:
: Not all worms are pure, especially when the target is workstations
: that are rebooted every day or so. Such malware is more likely to mix
: network spread with persistance across runtimes as files linked into
: the system in some way. This was the case with Nimda, a very complex
: critter that makes you dizzy when you try to follow the whole story.
:
: Even when Win9x has RPC/DCOM added to it, the Win9x form of this code
: is not succeptable to attacks crafted for NT,e.g. Lovesan etc. Thus
: far, the closest Win9x has to pure network infective attacks are
: malware that spread via File and Print Sharing, such as Opaserv;
: Opaserv is unique in that this is the *only* way it spreads.
:
: However, Win9x can be knocked over by broken network packets, unless
: it is patched for these. This is the crudest form of DoS (Denial of
: Service) attack; there's no infection, or entry of malware code, the
: broken packets just cause networking to fail or the PC to crash.
:
:
: >-- Risk Management is the clue that asks:
: "Why do I keep open buckets of petrol next to all the
: ashtrays in the lounge, when I don't even have a car?"
: >----------------------- ------ ---- --- -- - - - -
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

On Sun, 6 Mar 2005 13:42:34 -0700, "Bill in Co."
 >cquirke (MVP Windows shell/user) wrote:

  >> You can have the best of both worlds; the safety and maintainability
  >> of FATxx with the stability and scalability of XP.

 >Yeah but it *seems* that the consensus is that if you choose to use FAT32,
 >you must be an idiot, or something! (or at least it FEELS that way to me).

Yep. There are some very dumb knee-jerks out there; you just have to
clear your head of noise, look at the reality, and steer accordingly.

When I grew up, the consensus in my community ws that our current
social regime was fair and just. That consensus was wrong. I learnt.

 >Of course NTFS has advantages. But for a single, non-networked, user?
 >(Not as many adavantages as otherwise, although still some good ones).

What's your main threat; humans accessing your data, or data loss from
malware or natural corruption?

How good are your backups?

Do you use the Home (as in, a physical location where safety should be
assumed) or Pro (identity-based permissions) security model?

Do you need to host OSs in C: that can't read NTFS?

Do you need to save files larger than 2G?

For me, the answers are; the latter, not so great I'll never need data
recovery, Home, yes, and no. So I avoid using NTFS.

   >>>Tips:

  >> 1) Keep C: as a FAT32 < 7.9G
  >> 2) Install a Win9x DOS mode to HD
  >> 3) Use DOS Mode Scandisk, not XP's file system checker
  >> 4) Shrink Temporary Internet Files (TIF) for each user account
  >>
  >> FATxx is less efficient than NTFS when it comes to large numbers of
  >> entries per directory - and that's a big problem with IE's ludicrous
  >> huge default TIF size.
 >
 >I'm using 100 MB for the TIF. I don't see any "big problems".

By duhfault, IE sizes TIF as a % of volume space, so it's easy to get
a 1G TIF on "one big doomed C:" or 255M on even a "small" C: - and if
you multiply that across 5 user accounts, it's worse. I use 20-40M.

When a new temp file in TIF has to be created, the name has to be
unique - so a poutative name has to be checked against all that exist
to ensure there's no clash. In NTFS, that's reasonably fast because
the directory structure is indexed (downside: expect raw sector-level
repair to be tougher). In FATxx, that's slow because the serach is
linear, from start to end of the dir.

When a temp file in TIF is created, the critical period during which
the dir is open for writes is longer, in the case of FATxx. A dir
with, say, 20 000 entries that has grown slowly over time is going to
be scattered in several cluster fragments across the volume, so the
critical period will be longer due to the extra head travel.

On a good day, it just works. Not all days are good days.

  >> Huge TIF also means the tiny files within TIF
  >> get ancient before they are finally FIFO's out; hello, fragmented file
  >> system!

 >Even if it is fragmented, (and it is), I don't really see or feel the
 >results, in practical terms. (Besides which, I often run Defrag anyway,
 >just because I like to).

Defrag will take a long time if there are more files on one huge
volume, than fewer files on a smaller volume.

 >But let's face it: even when the files ARE fragmented, the *observeable*
 >difference in performance of the application (like Word, or whatever), to
 >the user, seems minimal, at least from what I've seen.

With a small and lean C:, the head travel impact of fragmentation is
small, because even in worst-case scenarios, you have no more than
under a tenth of the head travel (7.9G C: of a 120G HD).

  >> 5) Locate shell folders off C:
  >> 6) Use a compitent partitioning/formatting tool
  >> 7) Know the limitations of FATxx!
  >>
  >> Choosing FATxx over NTFS is throwing away per-user security as a
  >> tradeoff for better safety. Many of XP's per-user and per-file
  >> security features require NTFS to work, and if you convert a C: to
  >> NTFS later, the installation will not be set up with the appropriate
  >> NTFS security attributes that would have been in place had you set the
  >> system up as NTFS in the first place.
 >
 >I'm the only user, so security is a non issue for me.

Yes. Safety is always an issue, but there are better ways to fight
that battle than NTFS security band-aids, which can work against you
in a post-penetration scenario. Malware can and do use unique
features of NTFS, e.g. ADS, permissions lock-out, etc.

  >> Also, remember that NTFS is required if you want single files to exceed 2G
 >in size.

 >Actually, it's 4 GB, but you can't use Windows Explorer to copy or move
 >files larger than 2 GB, as I recall. You've got to do that in DOS.

It comes down to signed or unsigned indexing within the file, and
that's why I prefer the conservative 2G to best-case/YMMV 4G


To paraphrase some dialogue late in "3 Days of the Condor"...

"Let me tell you how it will be. You will start your PC as you
usually do, but it will take longer to POST than usual. It may fail
to start Windows, and when you try to read the HD, the HD LED will
stay on and you may hear cyclical clanking sounds while the PC appears
to be locked up." (Von Sydow passes Redford the gun) "For that day."

The "gun" I'd like to have, for the day that I have to recover data
from a corrupted or dying HD, is a small volume with large clusters
that is as unfragmented as possible.

And a file system I can approach with raw tools such as DiskEdit.



 >------------ ----- ---- --- -- - - - -
The most accurate diagnostic instrument
in medicine is the Retrospectoscope
 >------------ ----- ---- --- -- - - - -<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Microsoft Phasing Out Win98 !? 

cquirke (MVP Windows shell/user) wrote:
 > On Sun, 6 Mar 2005 13:42:34 -0700, "Bill in Co."
  >> cquirke (MVP Windows shell/user) wrote:
 >
   >>> You can have the best of both worlds; the safety and maintainability
   >>> of FATxx with the stability and scalability of XP.
 >
  >> Yeah but it *seems* that the consensus is that if you choose to use
FAT32,
  >> you must be an idiot, or something! (or at least it FEELS that way to
me).
 >
 > Yep. There are some very dumb knee-jerks out there; you just have to
 > clear your head of noise, look at the reality, and steer accordingly.

I guess so! I don't think I've ever seen anyone in here advocate using
FAT32, however. (Well, anyone except maybe you, with those provisos.


 > When I grew up, the consensus in my community ws that our current
 > social regime was fair and just. That consensus was wrong. I learnt.

Yeah, don't get me started on what I think has happened to society over the
last few decades. You don't want to "go there" with me.

  >> Of course NTFS has advantages. But for a single, non-networked, user?
  >> (Not as many adavantages as otherwise, although still some good ones).
 >
 > What's your main threat; humans accessing your data, or data loss from
 > malware or natural corruption?

The latter. The former is nearly non existent.

 > How good are your backups?

Fair. Periodically I'll backup most of my critical stuff to a DVD.
(that's about 4.3 GB max, when all is said and done)

 > Do you use the Home (as in, a physical location where safety should be
 > assumed) or Pro (identity-based permissions) security model?

Home.

 > Do you need to host OSs in C: that can't read NTFS?

At this point this is probably N/A for me.

 > Do you need to save files larger than 2G?

Not really. Although it can simply some things in video work. But it
seems that most good video apps have an option to break down the DVD .vob
files into relatively small segments, like 1 GB, instead of one large
whopper.

 > For me, the answers are; the latter, not so great I'll never need data
 > recovery, Home, yes, and no. So I avoid using NTFS.
 >
   >>>> Tips:
 >
   >>> 1) Keep C: as a FAT32 < 7.9G
   >>> 2) Install a Win9x DOS mode to HD
   >>> 3) Use DOS Mode Scandisk, not XP's file system checker
   >>> 4) Shrink Temporary Internet Files (TIF) for each user account
   >>>
   >>> FATxx is less efficient than NTFS when it comes to large numbers of
   >>> entries per directory - and that's a big problem with IE's ludicrous
   >>> huge default TIF size.
  >>
  >> I'm using 100 MB for the TIF. I don't see any "big problems".
 >
 > By default, IE sizes TIF as a % of volume space, so it's easy to get
 > a 1G TIF on "one big doomed C:" or 255M on even a "small" C: - and if
 > you multiply that across 5 user accounts, it's worse. I use 20-40M.
 >
 > When a new temp file in TIF has to be created, the name has to be
 > unique - so a poutative name has to be checked against all that exist
 > to ensure there's no clash. In NTFS, that's reasonably fast because
 > the directory structure is indexed (downside: expect raw sector-level
 > repair to be tougher). In FATxx, that's slow because the serach is
 > linear, from start to end of the dir.
 >
 > When a temp file in TIF is created, the critical period during which
 > the dir is open for writes is longer, in the case of FATxx. A dir
 > with, say, 20 000 entries that has grown slowly over time is going to
 > be scattered in several cluster fragments across the volume, so the
 > critical period will be longer due to the extra head travel.

Well yeah, theoretically. But in practice I don't see it as much of a
problem (for me at home). But then again, I've limited my TIF to 100 MB.

 > On a good day, it just works. Not all days are good days.
 >
   >>> Huge TIF also means the tiny files within TIF
   >>> get ancient before they are finally FIFO's out; hello, fragmented file
   >>> system!
 >