May 3rd, 2003 06:26 PM
DOS Windows ME
Hello, I have a computer on which I still use Windows ME, but sometimes he suddenly crashes;I'm connected to a LAN-network.
Could this be a Denial Of Service atttack ??
If so, which one (cos I was told win ME is less vulnerable for DOS's than the other versions of windows 9x)?
What can I do about it (if I don't want to install a firewall) ?
May 3rd, 2003 06:34 PM
ehh well heres my 2 cents why dont you want to install a firewall? I would if i were you. And windows crashes alot doesent mean your being DDOS but try to install a firewall and see what happens...
May 3rd, 2003 08:16 PM
well if you are on a small lan and someone is DoSing you from outside the lan it would only affect the gateway. now if you are the gateway it is a possibility. windows me has a lot of stability problems and thats most likely it
May 3rd, 2003 09:17 PM
I personally haven't heard about too many ME boxes being DOS'ed. What happens when it crashes? Are any particular programs open when it happens? ME's pretty prone to crashes, especially when you have registry errors. If you honestly believe it's a DOS, as hackerdan said, install a firewall. Otherwise, start keeping track of what you're doing when your computer crashes and see if you can isolate the problem.
May 3rd, 2003 09:24 PM
I agree with adven, windows ME is considered by many to be the worst OS microsoft has excreeted. It's prone to crashing, often 'forgets' it's configuration and is no more secure than 98. In short it is hardly an excuse for microsoft to charge 99.95 or whatever. now as long as you can put up with the crashing a junk, which will continue to happen randomly and probably more frequently since the last time you formated and recovered, as long as you have a good firewall you should be fine.
May 3rd, 2003 09:26 PM
the crashes are unpredictable and don't depent on the programs opened.
I'll probably install a firewall if this is really the only option.
thanks all for your help.
May 4th, 2003 04:29 AM
just pull out the network cable for a while and see if you get the same thing. also you could install a network sniffer like tcpdump (donno if that works on doze) and see if you get an increase in traffic when the crash is.
May 4th, 2003 07:34 AM
May 5th, 2003 03:49 AM
Alrighty, I used to use Winblows ME until I got completely sick of its bugs and moved on to Linux. I basically (with WinME) ended up formatting once a month, reinstalling everything because, within a month, my WinME box was so messed up it wouldn't even boot up anymore. I doubt you're being DDoS'ed or DoS'ed, but hey, its alright to be paranoid and think of it as a very real possibility. I've been told by every computer tech I've talked to, if you want to use Windows, stick with 98SE or XP. I just stay away all together.
As for firewalls, you can find free ones all over the net, such as ZoneAlarm or Sygate. (It actually took me a few minutes to remember, its been a while since I've worried about that now that I use Netfilter iptables, also free, but on Linux )
Just a quick question too, since your on a LAN and connected to the net, are you running it through a hub or a router? I run mine through a router, which has a 'hardware' firewall (basically, NAT) You can get some decent ones for residential use for $200 CAD which use SPI. (Supposed to be better than NAT and are supposed to do a better job of fending off DoS attacks, such as SYN Floods and such) With these, they don't really affect your local resources nearly as much as running something like Norton Internet Security 2003. I'm not bashing Symantec here, just I've noticed that NIS 2003 really uses up some valuable resources! (On the other machine still running WinME)
Lebb, your question on "what would a firewall do?" Everyone, I'm no expert, please correct me if I'm wrong. A firewall, depending what you get, will try to secure your system. I find most Windows-based firewalls are application filtering, which basically means they watch the thread process name and which port it runs on, if its new, it pops up and asks you if you want to allow it or not. They still do (at least Nortons does) watch for ports used for Trojans, and check for port scans, etc. It tries to stop unknown programs from opening up to the internet, and alerts you if a rule is matched. (Such as a trojan opening port 5000!) Ahh, the good ol' Plug'n'Pray! :P
Other firewalls are 'packet-filtering' which, I believe, scan each and every packet header and check them against a set of rules. (Netfilter iptables are like this) Say for example, you don't want to allow any inbound SYN packets (so no-body can remotely set up a connection with your computer) you could block any packet with the SYN flag set. Then comes hardware firewalls like NAT and SPI, which I'm not really familier with, so its likely best I don't try to explain them.
I hope that made sense, please feel free to let me know if I'm wrong. I hope I was accurate, though I'm certainly no expert!
Alcohol & calculus don't mix. Never drink & derive.
May 5th, 2003 09:03 AM
dstevens1958, I'm not connected to a hub (that's all I know about my network).
I 've allready decided that I'll install "norton internet security 2003", and if I still have the same problem, I'll take Windows XP as OS.