Is it easier to hack 98se vs 2000?

[trudi]

I'm not asking as a how to or anything I have two computers, one 98 and one 2000. Both are connected to my cable router and have ZoneAlarm installed. I get absolutely no errors that someone is trying to get into my 2K system but I now am getting a couple messages a night on the 98 one - I assume that someone is trying to find an open port because the 3 messages I've gotten from ZA so far are from the same IP, same time of day but different ports trying to be accessed. I just thought that this was strange that it would try to access the one and not the other. Or are they getting into my 2K and it isn't registering on ZA?

 

[Psychoholic]

It all depends on how you have W2K setup. Are you using NTFS??? Do you use File Encryption???

That all may be a moot point however. Did you really mean to say cable router, or did you mean to say cable modem??? If you actually have a router and have it correctly configured it should prevent access to anything behind it.

 

[dadx2mj]

Kind of odd I jsut switched from Win 98 to Win2k. When I had 98 I hardly ever got a Security alert from my firewall but right after I switched to win2k I started getting Security Alerts all the time. I have had Win2K for over a month now and I get 3-4 alerts a day of someone trying to gain access to my PC. I don't know if it has anything to do with the OS but it is strange that it started when I switched.

 

[Techwhore]

They might not have seen the IP for the 2k box yet... if you notice the same IP is hitting you, u can report it. Is it on the same subnet?

To answer your question about 2k being more secure than 9x, it's not really. It can become more secure than 98 without the use of 3rd party software, but just having 2k installed doesn't necessarily qualify as more secure than 98. Running ZA on both machines is good though, if the permissions are set right ZA is pretty effective and tight. If you're concerned about security, you can buy a hardware firewall or build one from an old machine and achieve "layered" security by being behind the filter and still running ZA on your workstations.

I would definitely report it though, perhaps they'll lose their IP and suffer

 

[Woodie]

Well, out-of-the box W2K is more secure than W98 out-of-the box.

It's much easier to tighten security on W2K, than on W98--heck, I can't even lock down my son (5) on the W98 machine!

--Woodie

 

[trudi]

Thanks! Yeah its a cable router, Linksys 4 port - it was the easiest way to allow both machines to run off of the cable modem. I thought that was supposed to keep people out too!

I have 2K set up with NTFS but really haven't wanted to mess anything else up so I've left it as is, it uses my memory better than ME so i'm happy. Is there anything specific I should do? I realize that I'm not supposed to use the Admin on a daily basis but everything works so well and I've read all of these posts where people are having a terrible time adding a power user that I don't know if its worth it.

I know that there isn't a great difference in security between the two but I just was interested more in if 9x were easier or more common targets. I had a sub7 virus on my 2K machine but I reformatted and reinstalled and now come out clean with virus checks so I am well aware that neither is perfect. Guess I was just trying to rationalize it. The 98 is my parents machine and I'm going to have to change ZA because when they turn it on and get those alerts they freak - its hard for me to explain too since I haven't gotten anything.

Is there some web page I can go to to check the background / ownership of the IP address???

 

[Techwhore]

<< The 98 is my parents machine and I'm going to have to change ZA because when they turn it on and get those alerts they freak >>



I don't think that's necessary... seeing the alerts is kind of a good thing. It lets you know that they were blocked. I'm not so sure that seeing no alerts would be good at all becuase it's silly to assume that people aren't port scanning and probing you.

What you can try is unplug the cable modem, cut the power. Before you give it power again, make sure all machines are on, then plug it back in. This will reset the modem and should give out new IPs to your machines. The reason they need to be on is so the modem can find their MAC address. This will change your IP so whoever is trying hack you will have to find you again. This will only work if you're not using DNS or Dynamic DNS services (which you're probably not).