^Going with Windows 98SE on the internet is akin to passing through the rain-forest while being fully naked. Sure, you can technically do that, but.. Oh well, never mind. 😅

All I can say is that the threats from the internet didn't decline, but increase in the following years after the year 2000. At home, we also had Windows 98SE on-line in early 2000s, via dial-up.
But I do admit it was via T-Online gateway, which was a bit special due to it's BTX past and the T-Online software. Not a typical ISP experience. More like AOL experience.
We had used Windows 98SE simply because it was the latest OS available at the time, before XP was available. Windows 2000 Workstation did exist, but wasn't meant for home use, as the name suggests.

Also, there are (were) "drive-by infections". I remember them. You didn't have to open an e-mail attachment or do visit a naughty website to get infected.
Back in the day, I was visiting ordinary websites when the guard of H&B EDV's AntiVir (aka Avira Antivir) was suddenly intercepting, telling you which file had just been deposited on your PC.
It happened on both OSes, 98SE and XP. An anti-virus program was really important back then, even though I know of people who claimed they didn't need one.

The main difference was that Windows 98SE had no self-defense built-in. No firewall, no system restore, nothing like this. It's like a tourist with a Hawaii shirt and sandals, when XP is wearing knight armor.
On Windows 9x, the memory protection is much less strong than on the NT line. Windows XP had the ability to restore DLLs from DLL cache if they had been modified.
- Which it normally did if you play around in Windows folder. So normal malware without XP in mind perhaps did fail here. Back in the day. XP SP1 had gotten a simple firewall, too.

So yeah, Windows 98SE is not safe in its own right. The protection that happens through NAT, firewall and IP filters is the work of another system. Router, hw firewall etc.
And that's not how it should be, I think. Depending on someone else to care of everything isn't exactly responsible. But that's just me, maybe.

That's why I also tried to make things reasonably safe by installing the Kerio firewall software back then (+AntiVir). To give Windows 98SE the ability to filter ports, to block them.
Unfortunately, it didn't work. I'm still wondering to this day why the software didn't fulfill its purpose. I just remember checking all settings back then and that I didn't find a mistake. 🤷

The experience I had on Windows 98SE when I upgraded that persons PC in mid-late 200s was about the same one I had on Windows XP a few years earlier, all in all:
A few seconds after establishing the internet connection, the damage was done. And it happened repeatedly, over and over again, not just once. 🙁
With the one difference being that Sasser did merely shut down the XP system via remote command and that SP2 fixed the vulnerability later on.
No idea what Windows 98SE got as a "present" back then, however. 🤷

But anyhow, dial-up connections have become rare these days, that's right. But the danger isn't gone just because of this change. Cable modems and DSL modems not always have a router capability.
Here in Germany the usually do have router capabilities by default, of course, because Fritzbox systems are the reference for years and do have it enabled by default.
Along with them having TAE ports by default for using analogue modems (VOIP), a feature which also isn't exactly the norm. Some even have ISDN ports (S0 bus), to attach digital ISDN-based hi-quality phones, fax machines etc.
By contrast, in other places around globe, some cable modems and DSL modems are exposing the PC directly to the internet. Or did, at one point. Just like dial-up connection used to do.

But there's another threat, maybe; many DSL/cable routers do have a pass-through feature that can be enabled, in which they act like an non-intelligent modem.
It's being used when the cable or DSL user wants to use its own router, but the ISP or homeowner refuses to give physical access to the internet cable.
In such a situation, the router does not do much processing anymore, but simply sends/receives packets. Edited.

Good night. 😴

Jo22 wrote on 2024-10-07, 19:25:

^Going with Windows 98SE on the internet is akin to passing through the rain-forest while being fully naked. Sure, you can technically do that, but.. Oh well, never mind. 😅

Win98SE was my daily driver until ~2010 and I had other issues with it then infections (f.e. limited GDI ressources or some weird Windows Explorer bug - both required a restart of Win98SE). BTW I also used (and still use on XP) Avira Free Antivirus, guess I use it since ~1999.

Over the years the chance to get an infection declined from my point of view when you were using your brain to avoid such situations. They moved from direct infection (because of modems were replaced with routers) to attachments, downloads, Javascript aaaannndd Flash (remind Flash 🤣, the last two were typical for drive-by-infections). After switching to Firefox in 2005/6 and using NoScript the risk has been relatively low.

We had the AOL Modem/ISDN flat which needed the ugly software, but I just used it for connection. When we got DSL ~2003 (!?) I used the PPPoE driver and access data so I didn't need the crappy T-Online software.

A software firewall (I used Sygate Personal Firewall back then) is only needed to stop programs from connecting to the internet when using a router as you have NAT and the router has its own firewall. And of course - Win98SE isn't save, no Windows is save, no Linux is 100% save. If someone wants to get in and you are f.e. target of a secret service then there is a way, no matter which systems you're using. But I guess we are not important enough to be such a target.

Jo22 wrote on 2024-10-07, 19:25:

So yeah, Windows 98SE is not safe in its own right. The protection that happens through NAT, firewall and IP filters is the work of another system. Router, hw firewall etc.
And that's not how it should be, I think. Depending on someone else to care of everything isn't exactly responsible. But that's just me, maybe.

In my opinion it exactly should be that way. If everything would be on the device you're using, you'd have a lot more attack vectors to compromise the device.

Jo22 wrote on 2024-10-07, 19:25:

Unfortunately, it didn't work. I'm still wondering to this day why the software didn't fulfill its purpose. I just remember checking all settings back then and that I didn't find a mistake. 🤷
...
No idea what Windows 98SE got as a "present" back then, however.

Hm...since you don't know which virus/worm/... it was it's impossible to say anything additional which isn't just guessing.

Jo22 wrote on 2024-10-07, 19:25:

Here in Germany the usually do have router capabilities by default, of course, because Fritzbox systems (includes Speedport line) are the reference for years and do have it enabled by default.

I think this is standard in Europe if not most parts of the world, everywhere in Europe where I have been the last years there were wifi routers.

Jo22 wrote on 2024-10-07, 19:25:

Along with them having TAE ports by default for using analogue modems (VOIP), a feature which also isn't exactly the norm.

This shouldn't work!? Did you try to establish a dial-up connection over a TAE port of a router? Is this dial-up tunneling over VOIP? 🤣

Jo22 wrote on 2024-10-07, 19:25:

But there's another threat, maybe; many DSL/cable routers do have a pass-through feature that can be enabled, in which they act like an non-intelligent modem.
It's being used when the cable or DSL user wants to use its own router, but the ISP or homeowner refuses to give physical access to the internet cable.
In such a situation, the router does not do much processing anymore, but simply sends/receives packets.

But it's still no problem because your own router is behind the router which is set to modem mode.

Hopefully I didn't forget anything... and no offense, anyway...in German it would be easier to explain but training our English is also not that bad. 😉

kind regards
soggi

soggi wrote on 2024-10-07, 21:01:

Over the years the chance to get an infection declined from my point of view when you were using your brain to avoid such situations.
They moved from direct infection (because of modems were replaced with routers) to attachments, downloads, Javascript aaaannndd Flash (remind Flash 🤣, the last two were typical for drive-by-infections).
After switching to Firefox in 2005/6 and using NoScript the risk has been relatively low.

There's a site which says (I think) that the peak of drive-by infections was in second half of the 2000s.
https://tinyurl.com/y3s278v8

The problem here also is that the website owner wasn't even aware of the issue in most cases.
A drive-by infection often happens because the web server running the website had been infected.

soggi wrote on 2024-10-07, 21:01:

After switching to Firefox in 2005/6 and using NoScript the risk has been relatively low.

Now that's some real wisdom! 😁 The blog site in the link says same thing. Unfortunately, most sites were inoperable without them at the time. 🤷
At least if you use your computer for more than hobby. Most sites with a forms function or an online catalog had a need for scripts.
Things like home banking sites, the website of the city library, sites used by city administration and so on.

Anyway, we did use pop-up blockers in the family early on, of course.
It's just an bit of an irony that most harmless pages did rely on using pop-ups, as well.
- Which meant that you had to allow pop-up windows manually each time, despite having a blocker installed.
Which wasn't just annoying, but pop-ups also were the same technique used by malware very often. 🙁

That being said, the drive-by infections I mentioned before did happening while normal browsing.
Things weren't happening when allowing pop-ups manually. Just saying, so it won't give a false impression here. 😓

soggi wrote on 2024-10-07, 21:01:

Jo22 wrote on 2024-10-07, 19:25:

So yeah, Windows 98SE is not safe in its own right. The protection that happens through NAT, firewall and IP filters is the work of another system. Router, hw firewall etc.
And that's not how it should be, I think. Depending on someone else to care of everything isn't exactly responsible. But that's just me, maybe.

In my opinion it exactly should be that way. If everything would be on the device you're using, you'd have a lot more attack vectors to compromise the device.

Well, that's not wrong but I do have a little bit different opinion here. The internet isn't a safe place, never was, I think.
And a microcontroller can't do heavy lifting of a router, that's understandable. But any appliance or PC with internet capabilities shouldn't have its ports wide open, at least.
And if it's a multi-tasking OS meant for network use, a network OS if we will, then it should have to be using some privileges/access rights and memory protection.

And that's why in general I'm worrying seeing Windows 98SE being used on the somewhat radical internet of today.
The internet was never safe, but in the 90s, when Windows 9x was born, it was rather innocent in comparison, still.

Many of the early online providers like CompuServe, AOL, Genie or T-Online didn't use TCP/IP protocol, even.
They had a terminal session running, exchanging ASCII characters like a BBS/Mailbox would do.
And on the other end were 1970s mainframes, mini computers. Not fancy servers running Apache server or something.

And when you ran Mosaic, Netscape 2 or early IE 3, the proprietary software of those services would switch over
and provide an internet gateway, by tunneling the internet data.
Which means that the whole TCP/IP was provided at the application level (winsock etc).
System services of the OS didn't use TCP/IP or UDP or something. They didn't even know them.

This had changed with Windows 98 and later OEM releases of Windows 95, rather.
That's when Windows 9x had been exposed to the internet through use of "Bordmittel" first time.
You could specify an dial-up connection (DFÜ Verbindung) directly on the Windows desktop.

However, Microsoft didn't add any security features at same time. Probably because it wasn't seen as a necessity.
A dial-up connection was slow and users didn't leave their PCs connected to the internet all the time.

And when the time came it got a necessity to have such features, Microsoft saw Windows 9x as obsolete, anyway.
From what I remember, Microsoft didn't just try to replace the DOS-based Windows line by the time Windows XP came out.
They tried way back in the 90s, with Cairo and Neptune but the projects didn't come to be.

All in all, Windows 9x is like Windows for Workgroups in terms of networking; ie, it never was meant to be used on the vast internet in first place, I think.
Both were designed with LANs in mind, rather. Small server environment or peer-too-peer networking.
Closed networks with a clear hierarchy and administrators/users who take care of the network.

Windows NT was similar, but did also orient itself on the Unix workstations. That's why it has all these security features, I think.
It was meant to be used as a server technology right from the start. It did aim to replace the remaining OS/2 servers at Microsoft, as well.

soggi wrote on 2024-10-07, 21:01:

Jo22 wrote on 2024-10-07, 19:25:

Unfortunately, it didn't work. I'm still wondering to this day why the software didn't fulfill its purpose. I just remember checking all settings back then and that I didn't find a mistake. 🤷
...
No idea what Windows 98SE got as a "present" back then, however.

Hm...since you don't know which virus/worm/... it was it's impossible to say anything additional which isn't just guessing.

Indeed. I should have written it down 17 years ago in case I may need this information again.. 🙁
The interesting part was, however, that the web browser wasn't even running when it happend.
I merely did run the dial-up script (for arcor). That's at least how I remember. Maybe my memory is playing tricks on me. 🤷

soggi wrote on 2024-10-07, 21:01:

Jo22 wrote on 2024-10-07, 19:25:

But there's another threat, maybe; many DSL/cable routers do have a pass-through feature that can be enabled, in which they act like an non-intelligent modem.
It's being used when the cable or DSL user wants to use its own router, but the ISP or homeowner refuses to give physical access to the internet cable.
In such a situation, the router does not do much processing anymore, but simply sends/receives packets.

But it's still no problem because your own router is behind the router which is set to modem mode.

Hi, from my side it's not about being a problem or not. I just meant to say that this security threat in form of an unfiltered internet access still exists.
Just like there are un-encrypted WLANs sometimes, for whatever reasons. We have no idea what weird configurations might out there.

From the little I have learnt working with IT and end users is that nothing is impossible.
There are people out there doing things that are beyond rational. Seriously! 😵

soggi wrote on 2024-10-07, 21:01:

Hopefully I didn't forget anything... and no offense, anyway...

No, I don't think so, it's all good! ^^

soggi wrote on 2024-10-07, 21:01:

[..] in German it would be easier to explain but training our English is also not that bad. ;)

Yup. Reminds me a bit about this classic about two Germans meeting! We did better, though! 😁

It's in the attachment! Have Fun! 😀

Best wishes, Jo22

kmeleon 74 works fine in 98 using KernelEx, but i cant remember if i login in vogons using it, and i already format this laptop to install NT4

I think there was some SSL and security cert expiries in late spring this year, and something changed again a month or two ago, so anything that "used to" get on Vogons more than a couple of months ago, is probably not all that helpful for doing it now.

TLS works with both Retrozilla/K-Meleon but couldn't log in to VOGONS.

TLS doesn't work with IE5 but the login fields do appear (I didn't try logging in with IE5).

Haven't tried it since 2019:
Re: Very New VOGONS on Old Systems: using the 2020 era forums on retro PCs
Keep in mind that you might possibly be enabling SSL3 with these instructions , if those cyphers don't work mabye others need to be enabled but they worked back then. Unknown what was used, ssl3, tls1.2 or tls1.3.

https://github.com/rn10950/RetroZilla/issues/47
https://browserleaks.com/tls

Also
Re: Very New VOGONS on Old Systems: using the 2020 era forums on retro PCs

or WebOne Proxy or WRP proxy

Norton Commander wrote on 2024-10-08, 18:11:

TLS works with both Retrozilla/K-Meleon but couldn't log in to VOGONS. […]
Show full quote

The attachment Screenshot from 2024-10-08 13-42-18.png is no longer available

The attachment Screenshot from 2024-10-08 13-47-43.png is no longer available

TLS works with both Retrozilla/K-Meleon but couldn't log in to VOGONS.

The attachment Screenshot from 2024-10-08 14-01-12.png is no longer available

TLS doesn't work with IE5 but the login fields do appear (I didn't try logging in with IE5).

I'll try k meleon.
Right now I'm having some kernel ex problems but I'll see what I can do

DosFreak wrote on 2024-10-08, 18:59:

Haven't tried it since 2019: Re: Very New VOGONS on Old Systems: using the 2020 era forums on retro PCs Keep in mind that you mi […]
Show full quote

Haven't tried it since 2019:
Re: Very New VOGONS on Old Systems: using the 2020 era forums on retro PCs
Keep in mind that you might possibly be enabling SSL3 with these instructions , if those cyphers don't work mabye others need to be enabled but they worked back then. Unknown what was used, ssl3, tls1.2 or tls1.3.

https://github.com/rn10950/RetroZilla/issues/47
https://browserleaks.com/tls

Also
Re: Very New VOGONS on Old Systems: using the 2020 era forums on retro PCs

or WebOne Proxy or WRP proxy

Cool I'll check out these links

I have several old systems I hope to make space for and connect to the internet with...
My plan is to take my old belkin router, and plug it into my current netgear router as an access point.
Then the various vintage computers I would connect through that, since it supports WEP, whereas the netgear doesn't.
it has 4 rj45 ports as well as the wireless.
hoping to connect a 120mhz pentium laptop, a Mac SE/30, an Amiga 3000, and hopefully a 486 desktop.
I'm hoping that retro-proxy program will work to connect these (and similar) systems to sites requiring tls, and because they're on the access point, any attacks can be kept from harming my modern computers.

Hamby wrote on 2024-10-12, 12:13:

I have several old systems I hope to make space for and connect to the internet with... My plan is to take my old belkin router, […]
Show full quote

I have several old systems I hope to make space for and connect to the internet with...
My plan is to take my old belkin router, and plug it into my current netgear router as an access point.
Then the various vintage computers I would connect through that, since it supports WEP, whereas the netgear doesn't.
it has 4 rj45 ports as well as the wireless.
hoping to connect a 120mhz pentium laptop, a Mac SE/30, an Amiga 3000, and hopefully a 486 desktop.
I'm hoping that retro-proxy program will work to connect these (and similar) systems to sites requiring tls, and because they're on the access point, any attacks can be kept from harming my modern computers.

Use retrozilla and do this to make sure the compatibility is maxed out:
https://github.com/rn10950/RetroZilla/issues/47