VOGONS


Reply 40 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

I have to re-read the thread since there is a lot of information, and my networking abilities are rusty, though things may be quicker if I ask:

I have the modem and router from my ISP, a gigabit switch, and an older wired/wifi (N) router. My main PC has two built-in ethernet ports, for some reason. How can I use these (with any recommended software I may need) to set up an isolated network just for my retro PCs - protecting the main network from evil-doers and their nefarious programs, with the ability to safely send/receive files between my main PC and my retro PC systems (XP, 95, 98SE, WfW 3.11?) I also have ethernet cables out of the wazoo. I don't know what a wazoo is, but I have a lot of cables coming out of it.

Reply 41 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

Well, the switch died, so that can be removed from the equation.

Reply 42 of 56, by VivienM

User metadata
Rank Oldbie
Rank
Oldbie
Scythifuge wrote on 2024-02-06, 00:42:

Well, the switch died, so that can be removed from the equation.

Well, if you want to run a separate network, you're going to need a separate switch and/or VLANs on a managed switch.

Do you want the retro machines to have access to the Internet in your setup?

Reply 43 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie
VivienM wrote on 2024-02-06, 00:48:
Scythifuge wrote on 2024-02-06, 00:42:

Well, the switch died, so that can be removed from the equation.

Well, if you want to run a separate network, you're going to need a separate switch and/or VLANs on a managed switch.

Do you want the retro machines to have access to the Internet in your setup?

I found out that switch lives; it was the power adapter. It requires 5v@2amps and all I have lying around is a 5v 1.5a (which powers up the switch but is half and amp less than the requirements,) and a universal which is 300ma but jumps from 4.5v to 6v because of course it does. I need to buy some more switches anyway since my other switch died, and the only other spare switch is my old DI-707 10/100 which is too slow.

Unless this switch dies from using the wrong power supply, I do have one until I can replace it with some new ones. I can probably use the 2nd router as a switch. The router from the ISP is only 3 ports for some dumb reason, and they are used, but I can move things around depending on how all of this needs to be set up.

I do want the retro machines to be able to go online, as long as they are isolated and pose no risk to the main systems and devices on the network, while being able to send/receive files between them and my main PC. It will be neat to utilize this thread and everything I learned/am learning on this little project.

Reply 44 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

I mean 1500ma on the universal. It is the same brand as my 300ma.

Reply 45 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

Okay so I have the switch running. I think that being short by half-an-amp will be fine as long as I don't use every port. This should get me by until I can order/pickup some new switches.

Reply 46 of 56, by VivienM

User metadata
Rank Oldbie
Rank
Oldbie
Scythifuge wrote on 2024-02-06, 01:23:

I do want the retro machines to be able to go online, as long as they are isolated and pose no risk to the main systems and devices on the network, while being able to send/receive files between them and my main PC. It will be neat to utilize this thread and everything I learned/am learning on this little project.

So what you probably need is a router with three interfaces. Certainly a PFsense/OPNsense/etc box with enough interfaces can do that, I would assume your prosumer type stuff like Mikrotik or Ubiquiti can too; I'm not sure whether your standard consumery router with aftermarket firmware (e.g. Merlin for the Asus routers) could too (your standard consumer router has all of its 'LAN' ports treated as one interface, which is useless for this purpose).

But basically, the idea, you have one interface as your WAN ISP interface, then one interface is 192.168.1.1 and 192.168.1.* is your 'modern' network, and the third interface is 192.168.2.1 and 192.168.22.* is your retro network. Set up appropriate firewall rules between the three networks, and any additional security things you may want. Potentially you could put some devices on both networks though that then runs the risk that things you don't want could go from one network to the other.

The big risk, in my mind, of that kind of setup is having some kind of NAS/file server/etc that's on both networks. That's incredibly convenient obviously, but it also means bad things could travel from one network to the other.

Reply 47 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie
VivienM wrote on 2024-02-06, 03:10:
So what you probably need is a router with three interfaces. Certainly a PFsense/OPNsense/etc box with enough interfaces can do […]
Show full quote
Scythifuge wrote on 2024-02-06, 01:23:

I do want the retro machines to be able to go online, as long as they are isolated and pose no risk to the main systems and devices on the network, while being able to send/receive files between them and my main PC. It will be neat to utilize this thread and everything I learned/am learning on this little project.

So what you probably need is a router with three interfaces. Certainly a PFsense/OPNsense/etc box with enough interfaces can do that, I would assume your prosumer type stuff like Mikrotik or Ubiquiti can too; I'm not sure whether your standard consumery router with aftermarket firmware (e.g. Merlin for the Asus routers) could too (your standard consumer router has all of its 'LAN' ports treated as one interface, which is useless for this purpose).

But basically, the idea, you have one interface as your WAN ISP interface, then one interface is 192.168.1.1 and 192.168.1.* is your 'modern' network, and the third interface is 192.168.2.1 and 192.168.22.* is your retro network. Set up appropriate firewall rules between the three networks, and any additional security things you may want. Potentially you could put some devices on both networks though that then runs the risk that things you don't want could go from one network to the other.

The big risk, in my mind, of that kind of setup is having some kind of NAS/file server/etc that's on both networks. That's incredibly convenient obviously, but it also means bad things could travel from one network to the other.

Thank you for your help and information! I was experimenting with ChaptGPT to walk me through a setup based on what I have and their model numbers (I think that Star Wars-style droids are going to become realistic - Japan is working on droids to keep the elderly company!) I put a browser called K-Meleon on my XP machine (I tried browsers from the above links but get errors,) and I *can* get online, and whatever I did yesterday allows me to access my shared game file folder on my main machine and this was I I reset some things so now I can't see the XP machine again. I will research this dlink router I have had for years. I am going to research better routers and switches since I need to buy a new switch. But as of now, using that dlink between my main network and the XP machine is working and I can connect one of my P3s and my 486 to it.

Reply 48 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

I updated the DIR-655 to the latest available firmware and thought I bricked it, because my XP machine is timing out when trying to access the menu. I connected my WIn10 PC to it and was able to access the menu. It turns out that the firmware adds "features" which are too new for XP and old CPUs to see the menu. This means that when I replace this router with a newer one with USB 3.x and VLAN support, I will need to set it up via my main PC since this issue will probably be present on anything modern.

Now, I am trying to find a decently priced modern router/switch with VLAN support and USB 3 so I can connect a hard drive to it and simply use that for file access for all computers on my network. I cannot seem to find one that is cheap and doesn't look like a futuristic prop from a comic book movie with antennas coming out every which-way. I want one that I can place into a structured enclosure so that I can eventually organize all of this crap, especially the cables. This DIR-655 is nicely plain, rectangular, and flat, with a couple of mounting holes on the back of it.

Reply 49 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

I got a deal on an ASUS RT-ACRH17, though I am not sure of its capabilities - I made an offer on it (due to thinking I bricked my ancient DIR-655) and it was accepted, and I am going to collect a few more semi-modern routers. I am also looking at a TP Link TL-SG108E switch because it has a web interface with VLAN support. I am researching PFSense and other security measures. This is fun! We are dumping Spectrum because THEY SUCK and are going with a different ISP which is using fiber and much faster up/downloads for less money. I decided to plan for all new cabling and running it professionally throughout the house and setting everything up in my basement in a way that I can see what is going on with everything, and using color-coded cables for each room. I will segment the crap out of my retro machines.

The goal is to get my 486 online through Arachne and whatever I can run on WfW 3.11, along with my two Win 9x P3s, and my super-cool XP machine. I have a Playstation 2 I will connect to the network, along with anything else which can be connected, all organized and segmented. I need to brush up and modernize my "skills," and I have a lot of time on my hands. Of course, this means that playing retro games may take longer or be sporadic, unless this project flows smoothly.

Reply 50 of 56, by stanwebber

User metadata
Rank Member
Rank
Member

if wifi4 is sufficient, i run 2 linksys e6400 routers (usb 3.0) flashed to fresh tomato firmware (newer releases of dd-wrt WILL work with wifi startup script hacks). should be super cheap on ebay by now. originally came with a 2a 12v ac adapter, but you can get by with 1.5a or so. i even run a raspberry pi 4b off the usb 3.0 port with the wifi and bluetooth disabled (it complains about power, but i disable that led). the ea6300 v1 is identical hardware and will take the same firmware.

there are guides online on how to get to dd-wrt then you can flash anything you want. you just need to be on older linksys firmware or use http recovery or tftp to start. for this model i would buy some 1mm copper shims and replace the cpu thermal pad as it tends to shrink over time.

Reply 51 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie
stanwebber wrote on 2024-02-07, 21:47:

if wifi4 is sufficient, i run 2 linksys e6400 routers (usb 3.0) flashed to fresh tomato firmware (newer releases of dd-wrt WILL work with wifi startup script hacks). should be super cheap on ebay by now. originally came with a 2a 12v ac adapter, but you can get by with 1.5a or so. i even run a raspberry pi 4b off the usb 3.0 port with the wifi and bluetooth disabled (it complains about power, but i disable that led). the ea6300 v1 is identical hardware and will take the same firmware.

there are guides online on how to get to dd-wrt then you can flash anything you want. you just need to be on older linksys firmware or use http recovery or tftp to start. for this model i would buy some 1mm copper shims and replace the cpu thermal pad as it tends to shrink over time.

I just found out about custom firmware on routers (in part due to researching the DIR-655 I thought I bricked - but is now mysteriously working and accessible from my XP and main PCs,) and I think that the concept is pretty neat. I read that we can thank Linksys for that. I saw info about the Tomato firmware, and Merlin for Asus routers (of course, the one I just bought can't use it, so I will just add it as another gateway.) I am going to keep researching this stuff and collect more routers and switches, especially if they have VLAN options. I am going to buy that TP Link switch because it has 8 ports and VLAN support for $26.

As of right now, I am getting ready to install a big XP update called Integral, with SP3 and the updates up until 2019. I also finally got my main PC and the XP PC to see each other's share folders, with the main PC requiring a username and password, and when I try to access the XP PC, due to using a 2nd router to segment my retro PCs, I have to input my 2nd router credentials, which I think is cool. I think that technically, my XP machine is behind three firewalls: the Spectrum router, the dlink router, and the built in XP firewall. I am glad to be getting some use out of this old DIR-655, hehe...

We are also ditching Spectrum. In a couple of weeks, we are getting fiber with gigabit up and down. I am excited for that. We are switching to the same company for our landline, so I can still use my dialup modems and call BBSs or play Wing Commander Armada and what not (and maybe build my own BBS,) and that is very cool. Another goal would be to create websites which retro computers can access, with links to other retro-compatible sites.

Reply 52 of 56, by dionb

User metadata
Rank l33t++
Rank
l33t++
Scythifuge wrote on 2024-02-08, 03:51:

[...]

I just found out about custom firmware on routers (in part due to researching the DIR-655 I thought I bricked - but is now mysteriously working and accessible from my XP and main PCs,) and I think that the concept is pretty neat. I read that we can thank Linksys for that. I saw info about the Tomato firmware, and Merlin for Asus routers (of course, the one I just bought can't use it, so I will just add it as another gateway.) I am going to keep researching this stuff and collect more routers and switches, especially if they have VLAN options. I am going to buy that TP Link switch because it has 8 ports and VLAN support for $26.

A tip regarding routers: your requirements for VLAN support put you firmly in the 'SOHO' if not actually 'enterprise' market segment. In that segment, routers tend to be - well - routers and not contain a kitchen sink of other functionalities like WiFi AP or file server via USB. Trying to shoehorn all your networking requirements into a single device just makes your life more difficult and limits choice. Custom firmwars can be extremely powerful, but frequently also lack access to certain proprietary functionality of chipsets, leading to limitations in terms of performance and features - another thing that needs checking when selecting hardware.

Instead I'd recommend to keep it simple: choose your router based on its ability to route (if you want to actually achieve Gigabit speeds while working with firewall rules, this is NOT a trivial requirement!) and use other devices for other functionality. Need a file server? Run a separate file server. Depending on requirements in terms of performance and power draw, a simple Raspberry Pi might suffice, but again, if you want to reach that Gbps, you'll need to invest a little more. Don't expect those speeds from a USB stick in a consumer router, regardless of firmware. Having a Gigabit port does automatically not mean you will reach Gigabit speeds over it.

I already mentioned my hEX router (which would - just - be able to handle 1Gbps WAN to LAN with 25 firewall filter rules). I have an old Core i3 2100 with PicoPSU running under Linux as server. It has very low idle power draw, but is more than powerful enough for anything I throw at it. I'm currently migrating my WiFi from Ubiquiti UniFI to HPE Aruba InstantOn (mainly to get experience with the platform, my UniFi UAP AC Pros are good enough in terms of performance and stability, even if the controller is a weak point whenever it's time to upgrade).

Note that it's possible to use old metal as server or router too, but power consumption will be much higher due to less efficient power management leading to higher idle power - this Core i3 draws less than a quarter of the power of the P3-800 I had a while back. Also, it's more difficult to find up-to-date secured software for old stuff, and unlike with client PCs, that is a risk with stuff that's always on, particularly if you want to expose it to internet.

As of right now, I am getting ready to install a big XP update called Integral, with SP3 and the updates up until 2019.

Wouldn't recommend that. Even with patches up to 2019, XP is fundamentally insecure against things specifically designed to target XP systems after that. And if it's going to be insecure anyway, there's not a huge reason to install SP2 and SP3, both of which massively increase system footprint and reduce performance. XP without SP runs happily with a 512MB RAM, with SP3 it feels slower with 2GB...

also finally got my main PC and the XP PC to see each other's share folders, with the main PC requiring a username and password, and when I try to access the XP PC, due to using a 2nd router to segment my retro PCs, I have to input my 2nd router credentials, which I think is cool.

You mean you need to log into a separate WiFi network?

If so, this only adds security vs eavesdroppers in the wireless domain. As I mentioned earlier, WiFi security only secures the 'wire' between client and AP, it does nothing to secure the content once it's off the air and onto a wire. You've just given yourself an extra administrative hurdle here with no security benefit.

I'm also suspicious of Windows File & Printer Sharing (SMB/CIFS) with out-of-support systems. I prefer using SCP (tip: WinSCP) - or indeed plain old FTP if only on a secure LAN.

I think that technically, my XP machine is behind three firewalls: the Spectrum router, the dlink router, and the built in XP firewall. I am glad to be getting some use out of this old DIR-655, hehe...

Putting on three condoms over each other also doesn't increase protection... You can definitely use firewalls behind firewalls to good effect, but you need to have a very clear design about which one is doing what. Just taking three firewalls you haven't specifically configured doesn't do very much.

Consider that the biggest threat - certainly with an XP machine on the network - is that the machine gets pwned by some software you downloaded after which it becomes part of a botnet, transmitting bad stuff elsewhere. The most important task of your firewalls isn't stopping stuff from outside in, but from inside out - which, once again, isn't part of the default functionality of these things. If they fail at that, you risk getting flagged for abuse and having your internet connection suspended. So for starters I'd recommend focusing on a single firewall and making sure that there's a default 'deny all' rule on outbound traffic from your vintage machines, particularly your not so ancient ones. Then make specific exceptions for traffic you want to allow.

We are also ditching Spectrum. In a couple of weeks, we are getting fiber with gigabit up and down. I am excited for that. We are switching to the same company for our landline, so I can still use my dialup modems and call BBSs or play Wing Commander Armada and what not (and maybe build my own BBS,) and that is very cool. Another goal would be to create websites which retro computers can access, with links to other retro-compatible sites.

Internet-accessible servers are a whole different kettle of fish. By definition you are exposing these machines to potential attack. I would recommend to only host stuff on modern, fully patched machines. If you really want to host on old stuff, take REALLY old machines and OSs and definitely not anything running a Windows NT derivative like XP. Also make sure to have good firewalling rules in place, so only allow access inbound on the specific ports of the services and - even more importantly - only allow outbound traffic from the server on those specific ports. Make sure the server has a completely separate management IP so you can apply different rules (i.e.: can only be managed from the LAN, not from the internet).

Oh, and again on the Gb - Windows XP does not support TCP Receive Window scaling by default; unmodified it will even struggle with 100Mbps throughput, so for higher speeds you'd need to hack the registry (or download 3rd party tools and hope they are trustworthy) to go above that, enabling RFC1323 and increasing TCP Receive window. I honestly don't know how high you can expect to go - this stuff is actually part of my day job, but by the time we were approaching Gbps we weren't considering anything prior to Windows 7. I know that XP can get to 200Mbps but it can probably handle more, although I'd be surprised if you could hit 944Mbps (the max net TCP you can get over 1GbE). Also consider that measuring speed utilizes CPU and even if your network settings could handle speeds, a speedtest site might bring the CPU of your XP box to its knees. Same applies to secured protocols (SCP/SFTP), unless you have a lot of spare CPU and/or hardware offload, the calculations for AES will be the limiting factor. For low-overhead testing, use iPerf3 - but be aware that actual applications may be CPU limited below whatever you measure.

Hmm... this is going a bit offtopic here. What network performance to expect from vintage systems and how to optimize them is worth a topic of it's own.

Reply 53 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie
dionb wrote on 2024-02-08, 07:53:
A tip regarding routers: your requirements for VLAN support put you firmly in the 'SOHO' if not actually 'enterprise' market seg […]
Show full quote
Scythifuge wrote on 2024-02-08, 03:51:

[...]

I just found out about custom firmware on routers (in part due to researching the DIR-655 I thought I bricked - but is now mysteriously working and accessible from my XP and main PCs,) and I think that the concept is pretty neat. I read that we can thank Linksys for that. I saw info about the Tomato firmware, and Merlin for Asus routers (of course, the one I just bought can't use it, so I will just add it as another gateway.) I am going to keep researching this stuff and collect more routers and switches, especially if they have VLAN options. I am going to buy that TP Link switch because it has 8 ports and VLAN support for $26.

A tip regarding routers: your requirements for VLAN support put you firmly in the 'SOHO' if not actually 'enterprise' market segment. In that segment, routers tend to be - well - routers and not contain a kitchen sink of other functionalities like WiFi AP or file server via USB. Trying to shoehorn all your networking requirements into a single device just makes your life more difficult and limits choice. Custom firmwars can be extremely powerful, but frequently also lack access to certain proprietary functionality of chipsets, leading to limitations in terms of performance and features - another thing that needs checking when selecting hardware.

Instead I'd recommend to keep it simple: choose your router based on its ability to route (if you want to actually achieve Gigabit speeds while working with firewall rules, this is NOT a trivial requirement!) and use other devices for other functionality. Need a file server? Run a separate file server. Depending on requirements in terms of performance and power draw, a simple Raspberry Pi might suffice, but again, if you want to reach that Gbps, you'll need to invest a little more. Don't expect those speeds from a USB stick in a consumer router, regardless of firmware. Having a Gigabit port does automatically not mean you will reach Gigabit speeds over it.

I already mentioned my hEX router (which would - just - be able to handle 1Gbps WAN to LAN with 25 firewall filter rules). I have an old Core i3 2100 with PicoPSU running under Linux as server. It has very low idle power draw, but is more than powerful enough for anything I throw at it. I'm currently migrating my WiFi from Ubiquiti UniFI to HPE Aruba InstantOn (mainly to get experience with the platform, my UniFi UAP AC Pros are good enough in terms of performance and stability, even if the controller is a weak point whenever it's time to upgrade).

Note that it's possible to use old metal as server or router too, but power consumption will be much higher due to less efficient power management leading to higher idle power - this Core i3 draws less than a quarter of the power of the P3-800 I had a while back. Also, it's more difficult to find up-to-date secured software for old stuff, and unlike with client PCs, that is a risk with stuff that's always on, particularly if you want to expose it to internet.

As of right now, I am getting ready to install a big XP update called Integral, with SP3 and the updates up until 2019.

Wouldn't recommend that. Even with patches up to 2019, XP is fundamentally insecure against things specifically designed to target XP systems after that. And if it's going to be insecure anyway, there's not a huge reason to install SP2 and SP3, both of which massively increase system footprint and reduce performance. XP without SP runs happily with a 512MB RAM, with SP3 it feels slower with 2GB...

also finally got my main PC and the XP PC to see each other's share folders, with the main PC requiring a username and password, and when I try to access the XP PC, due to using a 2nd router to segment my retro PCs, I have to input my 2nd router credentials, which I think is cool.

You mean you need to log into a separate WiFi network?

If so, this only adds security vs eavesdroppers in the wireless domain. As I mentioned earlier, WiFi security only secures the 'wire' between client and AP, it does nothing to secure the content once it's off the air and onto a wire. You've just given yourself an extra administrative hurdle here with no security benefit.

I'm also suspicious of Windows File & Printer Sharing (SMB/CIFS) with out-of-support systems. I prefer using SCP (tip: WinSCP) - or indeed plain old FTP if only on a secure LAN.

I think that technically, my XP machine is behind three firewalls: the Spectrum router, the dlink router, and the built in XP firewall. I am glad to be getting some use out of this old DIR-655, hehe...

Putting on three condoms over each other also doesn't increase protection... You can definitely use firewalls behind firewalls to good effect, but you need to have a very clear design about which one is doing what. Just taking three firewalls you haven't specifically configured doesn't do very much.

Consider that the biggest threat - certainly with an XP machine on the network - is that the machine gets pwned by some software you downloaded after which it becomes part of a botnet, transmitting bad stuff elsewhere. The most important task of your firewalls isn't stopping stuff from outside in, but from inside out - which, once again, isn't part of the default functionality of these things. If they fail at that, you risk getting flagged for abuse and having your internet connection suspended. So for starters I'd recommend focusing on a single firewall and making sure that there's a default 'deny all' rule on outbound traffic from your vintage machines, particularly your not so ancient ones. Then make specific exceptions for traffic you want to allow.

We are also ditching Spectrum. In a couple of weeks, we are getting fiber with gigabit up and down. I am excited for that. We are switching to the same company for our landline, so I can still use my dialup modems and call BBSs or play Wing Commander Armada and what not (and maybe build my own BBS,) and that is very cool. Another goal would be to create websites which retro computers can access, with links to other retro-compatible sites.

Internet-accessible servers are a whole different kettle of fish. By definition you are exposing these machines to potential attack. I would recommend to only host stuff on modern, fully patched machines. If you really want to host on old stuff, take REALLY old machines and OSs and definitely not anything running a Windows NT derivative like XP. Also make sure to have good firewalling rules in place, so only allow access inbound on the specific ports of the services and - even more importantly - only allow outbound traffic from the server on those specific ports. Make sure the server has a completely separate management IP so you can apply different rules (i.e.: can only be managed from the LAN, not from the internet).

Oh, and again on the Gb - Windows XP does not support TCP Receive Window scaling by default; unmodified it will even struggle with 100Mbps throughput, so for higher speeds you'd need to hack the registry (or download 3rd party tools and hope they are trustworthy) to go above that, enabling RFC1323 and increasing TCP Receive window. I honestly don't know how high you can expect to go - this stuff is actually part of my day job, but by the time we were approaching Gbps we weren't considering anything prior to Windows 7. I know that XP can get to 200Mbps but it can probably handle more, although I'd be surprised if you could hit 944Mbps (the max net TCP you can get over 1GbE). Also consider that measuring speed utilizes CPU and even if your network settings could handle speeds, a speedtest site might bring the CPU of your XP box to its knees. Same applies to secured protocols (SCP/SFTP), unless you have a lot of spare CPU and/or hardware offload, the calculations for AES will be the limiting factor. For low-overhead testing, use iPerf3 - but be aware that actual applications may be CPU limited below whatever you measure.

Hmm... this is going a bit offtopic here. What network performance to expect from vintage systems and how to optimize them is worth a topic of it's own.

Thank you for all of this information. It is definitely food for thought! Creating this thread and reading what everyone has to say and the research I have been conducting has me wanting to get my networking skills up to par with my other IT skills.

I already installed SP3, but if I see any issues, I can wipe and start over. I have yet to get into any heavy projects on this machine, as I have been installing software and getting to know XP and Athlon XP machines again, after so many years. I switched to Vista from XP in 2007 0r 2008 only because of Crysis (needed the next version of DirectX and because I wanted to go with a 64-bit system for more RAM,) and then to 7 in 2010 because I decided to go to college and the bookstore had extremely reduced prices on Windows 10 Pro and Office 2010 Student, and I stuck with 7 until mid-2018.

I will be researching each firewall on the network and how I should set them up. I have been having a lot of fun building, configuring, and testing this modified home network. I am going to buy that TP Link switch and test out its VLAN capabilities by putting retro routers and machines on a VLAN through the switch. Eventually I will invest in some better, more professional gear. The biggest concerns are as you said, bot nets and what not, though if I work on some of my IP projects on the XP machine how I used to, keeping those files secure will be important.

I have considered using my slower P3 system with Windows 98SE as a file server. My main PC is an option, and the ASUS router I nabbed has a USB 3.0 port, and I have an external 8TB USB 3.0 drive, so I have a few options to play with. As far as internet speeds are concerned, I care about that mostly for my main PC. We used to play a lot of games without too much trouble via dialup, hehehe..

I have also been reading up on Raspberry Pi projects for things like this and for other things as well, such as parallel computing with Pi clusters and what not. I will keep reading on these subjects as well (the MT-32 project is of definite interest.)

I am also buying some 3ft SATA power and data extension cables, mostly to utilize an internal blu ray burner on my no-bay glass case (I want to rip all of my movie discs and put them on a media server as part of this network project and burn some system backups to some BD-Rs.) My main drive on the XP system uses a SATA/IDE adapter. On occasion, I will pop the lid off and connect the drive to my main PC and scan it directly for any issues. I used to religiously run spybot, so I am going to run that on the XP machine. I will keep internet use to a minimum on the XP machine and create a strict list of sites (Vogons, GOG, etc) for it.

Reply 54 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

I forgot to mention that I do not use wifi on my PCs - hardline only. I did mention a wifi option via a cantenna for the XP machine in order to give it online access outside of my network, but I am seeing how things go with my current segmentation (and near future VLAN through the TP Link switch.)

Reply 55 of 56, by Scythifuge

User metadata
Rank Oldbie
Rank
Oldbie

I am getting errors with the mentioned browsers. What is the newest and "safest" browser I can get which will run on Windows XP AND an Athlon XP 3200+? The latest MyPal for 32-bit XP requires SSE2.

Reply 56 of 56, by leonardo

User metadata
Rank Oldbie
Rank
Oldbie
Scythifuge wrote on 2024-02-08, 19:49:

I am getting errors with the mentioned browsers. What is the newest and "safest" browser I can get which will run on Windows XP AND an Athlon XP 3200+? The latest MyPal for 32-bit XP requires SSE2.

Maybe Pale Moon will do? 26.x is "only" two years old at this point.

Scratch that, someone already suggested a modded later version of this:

stanwebber wrote on 2024-02-01, 18:02:

links for previously mentioned roytam1 non-sse2 browser builds:
https://o.rthost.win/palemoon/index.php?sort=date&order=desc
https://o.rthost.win/basilisk/

[Install Win95 like you were born in 1985!] on systems like this or this.