Security Software for ageing computers

[Freddy]

With the latest worm/virii hitting the mainstream press, I've been getting more than a few requests for people to check out their computer because 'it's acting funny', that they may have the virus. The computers had no maintenance and they didn't know what to do other than ask their geekiest friend [its amazing the stuff the lay person doesn't realize is stored when surfing. You never really know someone until you check their cache!]I did the usual - updates, patches, av, spyware, firewall, registry cleanup, etc. Now while all this stuff works on their computers (a few are win 95), boot time is slothlike and performance takes a hit - which may eventually force them to uninstall when the percieved threat disappears. I also know they won't bother getting the latest updates when available.So my question is what av, firewall and spyware software do you recommend that runs fast and has, hopefuly, an autoupdate feature?

[Guest LilBambi]

BTW: How much memory do these Win95 boxes have? That could be a large part of the slowdown. Also, cutting out any unnecessary TSRs that might be running in the system tray.As I am sure you already know but Norton no longer supports Win95 as many others are doing as well.Below are some free or free for personal use options that still work on Win95 and where the AV software does have auto-update features for you to look into:Antivirus software:Grisoft's AVG (Free for personal use)Avast! (Free for home use)Firewalls:ZoneAlarm (Free edition)Sygate Personal Firewall (Free for personal use)There are more. The following site, although maybe not totally up to date, provides a nice jumping point.The site lists free, demo and shareware programs under the following software categories:Antivirus, Networking (which includes firewalls), Miscellaneous Software (which includes spyware removal programs, etc.).There is also a configuration and uninstallation section for various types of security related software.HackFix.org - Software Reviews

[Peachy]

So my question is what av, firewall and spyware software do you recommend that runs fast and has, hopefuly, an autoupdate feature?

Zone AlarmAVG AV by GrisoftSpybot Search and DestroyorLavasoft's Ad-aware

[nlinecomputers]

There comes a time when you've got to tell a customer you don't support it any more. I no longer work on 95 boxes. If they can't spend a few bucks to upgrade to something newer then that then they can't afford me and I'm only $60 per hour. You can get dirt cheap computers that would run rings arround a 95 box for $200-300 dollars.

[Guest LilBambi]

Short and sweet Peachy and my exact general preferences as well.However, there are a few things with the Spyware Removers:Ad-aware no longer supports Win95:

Ad-aware is compatible with Microsoft® Windows® 98/Me/NT/2000 and XP Home and Professional.

SpyBot S&D (Search & Destroy) does still support Win95 with a few caveats.They have the following recommendation for Windows 95:64 MB memory recommended (more info here)

[Guest LilBambi]

There comes a time when you've got to tell a customer you don't support it any more.  I no longer work on 95 boxes.  If they can't spend a few bucks to upgrade to something newer then that then they can't afford me and I'm only $60 per hour.  You can get dirt cheap computers that would run rings arround a 95 box for $200-300 dollars.

Some folks really can not afford to upgrade.Some folks are lucky to have what they have and count themselves blessed to at least able to have a computer.I do however strongly suggest that they consider upgrading as soon as they can, but I will still help anyone who needs it whether they are able to upgrade or not.

[Rons]

There comes a time when you've got to tell a customer you don't support it any more.  I no longer work on 95 boxes.  If they can't spend a few bucks to upgrade to something newer then that then they can't afford me and I'm only $60 per hour.  You can get dirt cheap computers that would run rings arround a 95 box for $200-300 dollars.

Hi Freddy,Nlinecomputers is correct. Trying to get 95 boxes to run some of the newer software is sometimes futile. Most major software manufactures are no longer providing support for 95. PS I liked your term 'slothlike'.

[Freddy]

All -First thanks for the responses. But these are friends with aging computers - sorry if that wasn't clear. Not everyone is willing to get a new computer when they have one that works just fine for them - except for a minor crisis every year or so. After all, they did spend several thousand dollars, even if it was a millenium ago.I love retro-puting.

[greengeek]

I won't part with my old age pensioner computers either, one won't run anything higher than Win3.1. I don't use them on the internet so I don't run AV and they have never had a virus since I've had them.

[Jeber]

Freddy, you may have just put a name to my efforts with an old 133 box I inherited! I love it!

I love retro-puting

[ibe98765]

All -First thanks for the responses.  But these are friends with aging computers - sorry if that wasn't clear.  Not everyone is willing to get a new computer when they have one that works just fine for them - except for a minor crisis every year or so.  After all, they did spend several thousand dollars, even if it was a millenium ago.I love retro-puting. 

If you can't make your system safe for the internet, then you shouldn't be allowed on the net. Keep your box off the net and go to a library when you need to do something online. I believe that it is only a matter of time until some lawyer starts a chain reaction by suing someone who has passed along a virus for computer negligence. Should be an interesting case...

[Marsden11]

To encourage people to use non-securable OSes like Win 95 on the Net is nothing short of irresponsible.<<Some folks really can not afford to upgrade.>>There are many organizations that re-furbish and reload computers with a minimum of Win 98. They turn around and give the machines away to those in need. I belong to such a group. Our group gives away an avarage of 30 machines a month.There are always alternatives... especially when it comes to safe computing.

[Rons]

I believe that anyone using the Internet should be required to obtain a license - after demonstarting sufficent knowledge on how to maintain and secure their equipment. Some of us actually need our computers for business purposes and not just to email 'Aunt Tilly' or play solitaire. Having people on the net with unsecure systems is a risk to all of us.ibe98765 - you are correct. Some lawyer is going to sue a user for passing on a bug and damaging a system. Best part is that the law will support this type of damage.

[Freddy]

Thanks again. The _one_ person who had a win95 laptop got a new-used computer when she saw how slow it would be loaded with the safe-surfing software. Rons - I agree in principal, but unfortunately for too many people the inner workings of a computer is as much a mystery to them as that of their cars.

[nlinecomputers]

Rons - I agree in principal, but unfortunately for too many people the inner workings of a computer is as much a mystery to them as that of their cars.

How many people know how to fix cars? Not many. How many drivers know that you need to perfrom some kind of PM every few months. Most do.It is the same with computers. You hire someone to change your oil every 3 months you should do something much like that with your computers. The end user doesn't need to know how to maintain their computer they should only know that it needs to be done and hire someone to do it.If one persons computer is causing a problems for another user then the infastrucure of the internet needs to be changed. My house has circut breakers and fuses. Part of the reason for that is so that when I do something stupid and plug up the hair dryer and drop it in the tub I don't blow the entire electric grid. Why does the random port calls of an infected computer even reach me? Most ports should be blocked by the ISP and they should do a better job of filtering and identifing end users that are infected. If you sending out 10,000 viruses your system should be cut off from the net. If I have a Gas leak in my house I've got to be inspected and recertified safe before the gas company will reconnect me. Same rules ought to apply to internet use.

[redmaledeer]

Security concerns should be addressed, but it seems a pity to throw out older computers that are just fine for email (which is all that many people want), and maybe light surfing. A lot of people are left out of our new world because they can't even afford that..Hey, I'm writing this on a 133 PC (Windows 98, 48Meg RAM, 1G, IE 5.5). I have Grisoft AV, Spybot, PestPatrol, and a few smaller odds and ends. It grinds slowly sometimes, but a lot of people would be glad to have it..I ask out of total ignorance: Would Linux be inherently more secure, and perhaps use fewer resources, on these older computers?.redmaledeer

[nlinecomputers]

Well It would be more secure from the majority of malware out there that ignorant end-users tend to stumble into. But a good Linux box needs a firewall just as a good windows box does. But it is harder to do things on a Linux box as many things on such a box need root level acces.As for resources I would think most modern distros would be as much of a resource hog as a windows box. Anyone know of a good distro for older stuff?

[ibe98765]

Security concerns should be addressed,  but it seems a pity to throw out older computers that are just fine for email (which is all that many people want),  and maybe light surfing. A lot of people are left out of our new world because they can't even afford that.

But the simple act of connecting to the net for email use or "light surfing" exposes the machine to either infection or allows it to propagate infections. Computers are still too complicated for the average person and likely will continue to be so into the foreseeable future. Yes, MS and others can and should do more to simplify operations and maintenance. They should also do more to protect the neophyte from hurting themselves and others. OTOH, the more code that is put into an OS to achieve these goals means the more bloated the system becomes and less likely that it will run on older, slower computers. Dammed it you do and dammed if you don't...As far as I can see, there is really only one practical solution going forward: A nationwide ASP where all the applications and data is kept somewhere other than your personal PC. Yes, I know this will open up another Pandora's box and will raise a huge hue and cry, but it is the only solution that will work for the average person. I'm thinking that this solution will not be mandatory. However, if you choose not to participate in the ASP and due to negligence on your part, you become a propagator of a viral infection by making a net connection from your system, then you will be financially and criminally liable. For this to get started, laws would have to be passed specifying liabilities and of course, broadband will have to become ubiquitous and much cheaper than now. I was reading in Wired magazine a couple of months ago how the former SoftBank company in Japan is now marketing broadband branded by Yahoo at 12mbs for $21/month!

[Peachy]

We were hit with a Welchia worm on Thursday and Friday at work. Talking to the ITS guys this morning, they hypothesized that someone brought in a laptop and plugged it into the network. The way these worms work I think it is going to change IT practises. No more rouge laptops plugged into the network without AV scans and patched to the current levels. That's coming down the road if it hasn't already been implemented. This is one reason why we haven't let people loose on our wireless infrastructure, yet. IT isn't convinced it has the resources to prevent security breaches similar to this. The scary part is this worm managed to bypass VLAN ACLs!

[Cluttermagnet]

For this to get started, laws would have to be passed specifying liabilities and of course, broadband will have to become ubiquitous and much cheaper than now.  I was reading in Wired magazine a couple of months ago how the former SoftBank company in Japan is now marketing broadband branded by Yahoo at 12mbs for $21/month!

Bingo! There's my price point. If we had any _real_ competition in my part of the US, we would have deals like this right now, and I would have already switched from dialup to broadband. Instead, my 'buy' decision is looking out over a broad chasm: dial line + ISP for USD 26.25 per month vs. 60.00 for broadband cable (without cable TV; 50.00 with an existing cable TV subscription).BTW, one of my industry magazines (fiberoptics sector) has a lead editorial this month claiming that their presently moribund industry is looking seriously at the possibility of FTTP starting to take off in the next year or so ("fiber to the premises", not FTP). They are not betting large amounts of money just yet, but they do sound quite serious. The piece made mention of early installations beginning as soon as 2004- that's next year!That couldn't come soon enough, as I see it, as the power industry and its servants in the federal government appear ****- bent on unleashing BPL (broadband over power line) and essentially trashing the HF radio communications of present day users they are supposed to protect. If anyone in the computer field is ever faced with the option of choosing BPL as a supposedly less expensive broadband option, I recommend they think long and hard before jumping in with that mode. They may well get burned and left holding modem hardware that quickly becomes obsolete, useless junk. Expect a pitched battle to continue on between present users of the HF radio spectrum on the one side and the power industry and government on the other. One possible negative for early adopters of BPL- it there happens to be an amateur radio station or other HF communicator in their neighborhood, they can count on taking a severe hit on their data rate whenever the radio station is transmitting. BPL has been shown to be severely susceptible to such interference. BTW a user who has a BPL modem would have little recourse, as the hardware is supposed to 'accept' such interference without detrimental effects. Recent tests show clearly that it will not. As for my own geriatric computer, a 486-66/ 36M/ 0.4G HD/ Win 95, I keep it fairly up to date for sentimental reasons, and it is unlikely to get hacked because of the infrequent and conservative manner I use it in, with very little online time. I do not surf to unfamiliar websites, either, and would only be visiting a limited few well- known and trusted sites. I have AVG and Zone Alarm on it, and use a safer email client (Pegasus) and have gotten the Kmeleon 0.7 browser to run very well on it. I would not put this system in the hands of a rookie, of course, and it will not be seeing many more internet hours. It will probably end up as a router/firewall of some sort, or more likely a dedicated computer for doing radioteletype in radio communications work- entirely in offline mode, of course. "Retro- puting" is a great term, Freddy. It may catch on.

[ibe98765]

We were hit with a Welchia worm on Thursday and Friday at work. Talking to the ITS guys this morning, they hypothesized that someone brought in a laptop and plugged it into the network. The way these worms work I think it is going to change IT practises. No more rouge laptops plugged into the network without AV scans and patched to the current levels. That's coming down the road if it hasn't already been implemented. This is one reason why we haven't let people loose on our wireless infrastructure, yet. IT isn't convinced it has the resources to prevent security breaches similar to this. The scary part is this worm managed to bypass VLAN ACLs!

There's been too many instances of this happening over the years. Are there any solutions to this problem (e.g other than the obvious of making sure anything connecting has undergone a scan first)? I'm thinking something like a code exchange at connection verifying that the connecting unit has been scanned?

[Rons]

redmaledeerPost your Linux question in the Linux forum - I am sure you will receive plenty of assistance. There are some small distro's - limited functions & GUI - that can be used on older systems.

[Freddy]

How many drivers know that you need to perfrom some kind of PM every few months

You'd be amazed how many people don't actually perform maintenance on a timely basis. How often do you see a car with 100,000+ miles? Those owners take good care of their car.

[ibe98765]

For this to get started, laws would have to be passed specifying liabilities and of course, broadband will have to become ubiquitous and much cheaper than now.  I was reading in Wired magazine a couple of months ago how the former SoftBank company in Japan is now marketing broadband branded by Yahoo at 12mbs for $21/month!

Bingo! There's my price point. If we had any _real_ competition in my part of the US, we would have deals like this right now, and I would have already switched from dialup to broadband. Instead, my 'buy' decision is looking out over a broad chasm: dial line + ISP for USD 26.25 per month vs. 60.00 for broadband cable (without cable TV; 50.00 with an existing cable TV subscription).

Comcast is offering 1.5M/256k in a signup special for $19.95/month for 6 months. Then $42.95/month if you have their cabel service or $56.95 if not. Modem rental is $3/month.After 6 months, you could revert to dial-up...