I've been using WinXP and Windows 2000 on the internet every day for years. It's really not a big deal. I'd put Win98 or Win95 on the internet without hesitation.

Use a firewall, a simple NAT router is fine. (does anybody plug their computer directly into the internet in 2015?)
Don't host services on it. Since the NAT shouldn't be forwarding any ports to it, cross this off.
Web browser should have a script blocking plugin or just no script support installed at all, if not needed.
If you don't want viruses, don't install them. Install clean software.

In January, because the power supply of my main system died, I had to use my old Celeron 600 with win98SE for about 2 months. First I Installed an inofficial service pack for Windows. Next KernelEx to be able to get Firefox 9.x.x to run. It was terribly slow, but it worked better than I thought it would 🤣
There was no firewall installed. AV was AVG free antivirus 7.5

I remember about 7-8 years ago, I used Sygate Firewall + AVG on that same system. But don't ask me for the versions of those ^^
They totally did it for me back then

PeterLI wrote:

There are billions of devices online so the changes of being targeted are < 1%

You're overestimating how difficult it is to mass scan the internet and how many attacks are actually targeted to a specific computer.

shamino wrote:

Use a firewall, a simple NAT router is fine. (does anybody plug their computer directly into the internet in 2015?)

While there might be a very simple hardware firewall on my ISP's side, I'm pretty directly connected to the internet. If I was running any vulnerable services (and Windows Firewall allowed them), I would have problems.

A key question is: who cares? When you have no PII on the Windows 9X machine there is nothing of value to be taken by cyber criminals.

If you're connecting it to the internet, it's usually to browse the web. People who browse the web usually store passwords. There you have something worth going after.

Oh and let's not forget that Win9x machines aren't entirely useless as botnet machines either.

Precisely this. I seriously doubt any malware makers are targeting Windows 9X-based systems, if only because of the age.

Specifically targeting, maybe not. Using exploit kits that will hit Win9x all the same? Probably.

I got hit by the WMF exploit when I was running Win7. It would affect Win95 just the same. Except you wouldn't be getting an automatic update to fix the exploit in Win95.

ZellSF wrote:

You're overestimating how difficult it is to mass scan the internet and how many attacks are actually targeted to a specific com […]
Show full quote

PeterLI wrote:

There are billions of devices online so the changes of being targeted are < 1%

You're overestimating how difficult it is to mass scan the internet and how many attacks are actually targeted to a specific computer.

shamino wrote:

Use a firewall, a simple NAT router is fine. (does anybody plug their computer directly into the internet in 2015?)

While there might be a very simple hardware firewall on my ISP's side, I'm pretty directly connected to the internet. If I was running any vulnerable services (and Windows Firewall allowed them), I would have problems.

A key question is: who cares? When you have no PII on the Windows 9X machine there is nothing of value to be taken by cyber criminals.

If you're connecting it to the internet, it's usually to browse the web. People who browse the web usually store passwords. There you have something worth going after.

Oh and let's not forget that Win9x machines aren't entirely useless as botnet machines either.

Precisely this. I seriously doubt any malware makers are targeting Windows 9X-based systems, if only because of the age.

Specifically targeting, maybe not. Using exploit kits that will hit Win9x all the same? Probably.

I got hit by the WMF exploit when I was running Win7. It would affect Win95 just the same. Except you wouldn't be getting an automatic update to fix the exploit in Win95.

Yeah, I thought some of the previous arguments sounded a bit naive / over optimistic. What you say makes sense.

King_Corduroy wrote:

I have heard that because it's so old and no one is using it that it's much safer than Windows XP but being a fairly paranoid person about getting computers infected (I use linux day to day) I'm not sure I see the logic in that.

If you were paranoid enough, you'd have dug a little deeper and figured out 9x isn't safer than XP in any way shape or form, and that on top of 9x being virtually useless for going "online" even under the most liberal interpretation of the word.

If you really must put yourself through this inconvenience, I'd say make sure all ports are closed, use Sygate (firewall), double check downloaded files with a good external AV and relegate the machine to telnet and ftp.

Lo Wang wrote:

King_Corduroy wrote:

I have heard that because it's so old and no one is using it that it's much safer than Windows XP but being a fairly paranoid person about getting computers infected (I use linux day to day) I'm not sure I see the logic in that.

If you were paranoid enough, you'd have dug a little deeper and figured out 9x isn't safer than XP in any way shape or form, and that on top of 9x being virtually useless for going "online" even under the most liberal interpretation of the word.

If you really must put yourself through this inconvenience, I'd say make sure all ports are closed, use Sygate (firewall), double check downloaded files with a good external AV and relegate the machine to telnet and ftp.

Thank you for stating the obvious...