Stop Microsoft
Operating Systems => Linux and UNIX => Topic started by: Lord C on 30 April 2005, 12:04
-
Ok, so the best game I ever played was called Neocron (http://www.neocron.com), and the sequell Neocron2 (http://www.neocron2.com).
The only problem is, it only works in Windows :(
As much as I really, really, really don't want to install that OS again - I really wanna play Neocron 2 again :/
As you can see, i am in a dilemma here.
I am a sci-fi mmorpg person (see my site so-pro.co.uk (http://www.so-pro.co.uk)), and I have been playing Anarchy Online with Cedega - but it just isn't the same.
Install Windows XP, Firewall, Anti-Virus/Malware, Shitloads of Drivers just for a game?
Rar - it's times like this that proprietary software really pisses me off.
Death to DirectX :(
-
I take it you've tried WineX, oh well you'll just have to dual boot or have a separate Windows machine for games. You could also buy a games console.
-
A lot of games run in Wine these day. GTA3 runs at near native speed.
You can also grab a copy of VMware (best app ever created) and run Windows in that. The game might work, but then again VMware doesn't do graphics very well.
-
Install Windows XP, Firewall, Anti-Virus/Malware, Shitloads of Drivers just for a game?
Why would you bother to install a third party firewall, AV, and anti-spyware/adare when you are just going to play games on it?
Here's what you do.
1) Unplug the Rj45 cable from your PC
2) Install XP
3) Turn XP's firewall on
4) Plug in the RJ45 cable
5) Update windows
6) Update drivers
7) Install game
8) Play game
9) Boot back to [insert non-windows OS here] when you are done playing.
-
I think you missed the part where he said the game would be online when he plays it. As much credit as I give Windows Firewall, it still has the capability of being switched off by malicious third-party software, so it IS a good idea for him to be running BitDefender Free Edition (http://www.bitdefender.us/bd/site/downloads.php?menu_id=21), SpywareBlaster (http://www.javacoolsoftware.com/sbdownload.html), SpywareGuard (http://www.javacoolsoftware.com/sgdownload.html), and possibly AdAware SE Personal (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5) to cutoff any potential nasties that could get in without a router safeguarding all possible ports.
Then again, it might work just as well in VMware, who's to say? I consider it to be fully worth the $189 price tag (few things are these days) to have VPCs, so you can "toss the computer in the dumpster" - should something go wrong - without jeopardising your expensive hardware. But then, I've been using evals as much as possible. ;)
-
No. I didn't miss that part at all. XP's firewall is as good as any other firewall for what it does - inbound blocking. Inbound blocking is all you need - especially if you're only going to play games with Windows.
IMO, firewalls are not even really necessary to stay secure - even with Windows. I don't run one - I have my BSD DSL router forward large groups (Ports 5000-12000 Tcp/udp) of ports over to my box which has FreeBSD/XP, so when I need to open up a port on that box, i just pick one from that range and it works.
Don't want people connecting to your Windows machine? Turn the various services that Windows turns on by default off. Turn off file and printer sharing, and Netbios for TCP/IP in your internet connection properties and there will be no ports exposed for any script kiddies/worms to hit.
If you perform these two steps above, the only way you could get hit with malware is if the actual game you were playing had a vulnerability.
A closed TCP port is a closed TCP port. There is no magic way (aside from lUser interaction) for malware to break into a Windows computer that isn't listening.
-
If you perform these two steps above, the only way you could get hit with malware is if the actual game you were playing had a vulnerability.
Your saying that tells me that you did, in fact, miss the point. I never meant to say that the vulnerability was in Windows itself. Then again, where do you get off saying the firewall isn't responsible for blocking a vulnerability in the game? If I block port 8080 inbound, I don't expect to see inbound traffic on it, even if the game allows it. That's defending a security breach, as far as I'm concerned.
That's why my boxes are behind a router, because the firewall is SOFTWARE ONLY. It doesn't block third-party connections over legit ports for crap.
A closed TCP port is a closed TCP port. There is no magic way (aside from lUser interaction) for malware to break into a Windows computer that isn't listening.
Evidently not, or you wouldn't have made the prior comment. Apparently, the "magick" way would be to run a third-party application under a first-party OS with sufficient security privs to allow such a breach. Excuse me for seeing that as a shortcoming.
-
So you are advocating that a Windows machine which is not listening on any TCP ports is more vulnerable than one which has a third party program blocking all it's ports? A third party program can help and it can also add one more layer of potentially exploitable code. Do you remember the worm which infected 12,000 Windows boxes running Black ICE awhile back? The worm exploied a hole in Black ICE itself. If these machines wern't running Black ICE, they wouldn't have been exploited and damaged.
Now if you're going to surf goat porn sites with IE logged on as an administrator, and use outlook express to access your Gmail account, some third party protection would defitnitely be in order, but this machine is only going to be used for gaming. If you turn the windows services off, then the only route of remote exploitation would be through the game itself. Installing a bunch of programs to protect against such an improbable threat, just seems a tad bit paranoid to me.
-
So you are advocating that a Windows machine which is not listening on any TCP ports is more vulnerable than one which has a third party program blocking all it's ports? A third party program can help and it can also add one more layer of potentially exploitable code. Do you remember the worm which infected 12,000 Windows boxes running Black ICE awhile back? The worm exploied a hole in Black ICE itself. If these machines wern't running Black ICE, they wouldn't have been exploited and damaged.
Quite the opposite (that is to say, a Windows machine running a software firewall is less secure than one that's blocking all inbound ports via a hardware layer), and I'll thank you not to twist my words to mean something other than what I said. You also miss the point that the Windows firewall has no basis in hardware, it exists solely in the Application protocol layer. There are literally hundreds of scripts out there that allow raw intrusions into the /dev/hda1 space itself by ignoring anything above the Network layer. You need something where you can block traffic at the Physical layer and higher.
Now if you're going to surf goat porn sites with IE logged on as an administrator, and use outlook express to access your Gmail account, some third party protection would defitnitely be in order, but this machine is only going to be used for gaming. If you turn the windows services off, then the only route of remote exploitation would be through the game itself.
Maybe you've forgotten about that nice little Sub7-style backdoor in Doom II that iD hardcoded into the game.
Installing a bunch of programs to protect against such an improbable threat, just seems a tad bit paranoid to me.
You must be new here.
-
Quite the opposite (that is to say, a Windows machine running a software firewall is less secure than one that's blocking all inbound ports via a hardware layer), and I'll thank you not to twist my words to mean something other than what I said.
Wrong. Firewalls block data on the network layer. It's impossible to apply any type of traffic rules on the physical layer because the physical layer contains absolutely no type of addressing information. It is possible to block traffic on the datalink layer, but the data link layer contains only mac address information, which is only usefull if the device you want to blocking is on the same logical network as you.
Now, when you said physical layer, I wasn't sure if you were talking TCP or not, but then you came up with this laugher....
You also miss the point that the Windows firewall has no basis in hardware, it exists solely in the Application protocol layer.
Whoops! Wrong again. The Windows firewall is based upon IPSEC which has control of the TCP stack at the network and transport protocal layers. Every firewall, even expensive uber firewalls like the Cisco PIX rest on the network protocal layer.
There are literally hundreds of scripts out there that allow raw intrusions into the /dev/hda1 space itself by ignoring anything above the Network layer. You need something where you can block traffic at the Physical layer and higher.
Huh?? Okay, now I'm not so sure if you even know what you're talking about. I'll have take some guesses as to what you meant.
First of all, if you want to block traffic on the physical layer, unplug the RJ45 cable from your PC, or turn off your router, firewall or switch. It's the only way.
If you were talking about malware that can disable the Windows firewall...
Yes - this is definitely possible, in fact, it's easy if the code has admin priveledges, but how does the malware get onto the PC in the first place? If you are running a game tha has an exploit, and a worm comes through the game onto your PC, how does an external 'hardware' firewall going to help you? Answer - it won't, unless it blocks all outbound connections too. That would be rather inconvenient.
If you were saying you know of scripts can get to a remote host without knowing it's IP address and port, and then put data on the targets hard drive...
Wow. Who Whoever wrote those are some talented mofos, considering it's technically impossible. I'd sure love to meet them so I could bow down to them at the alter of programing gods.
Maybe you've forgotten about that nice little Sub7-style backdoor in Doom II that iD hardcoded into the game.
Never heard of it as I've never played any of the Dooms, but I did a quick Google. That backdoor, was listening on the same port the game listened on. If you played Doom II, then you would have had to tell your firewall to alllow traffic on that port.
Besides that, can you link me to some other major exploits of online games, and some documented cases of people being explioited by them?
To close, you're whole notion of "hardware firewalls" being so superior to "software firewalls" is bunk. There really is little difference between a "hardware firewall" and a "software firewall". "Hardware firewalls" from cheapy $30 linksys boxes, all the way up to $50,000 Cisco PIX are nothing but computers which sole purpose is networking. They have a processors, a motherboard, a BIOS, network interfaces, permanent storage media, and they run operating systems, which do networking, and sometimes other things. The Windows XP firewall has as much control over the machine's network interface as any Linksys box has control over it's network interface. A hardware firewall is tantamount to a bouncer at your door with a guest list. They definitely have their uses but they aren't anything particularly special. Hardware firewalls biggest advantage is the ability to manage traffic for multiple hosts.
-
Hang on just a second, sorry I've not read your long posts but, if you use a hardware firewall running BSD the it's obviously going to be more secure than connecting your Windows box directly to the internet.
-
Well, I shoved another 80gb hard drive in and installed XP.
I expected Grub to mess up, which it did (Windows overwrote my MBR).
So I used a LiveCD to restore it etc....
Windows had decided it wasn't happy with the 80gb I had given it, and chose to overwrite another ext3 drive (which had all my downloads in it), which I wasn't happy about.
I then discover that my /home drive has also been fucked up.
Which had me livid!
I did perform a small backup before installing XP, so I have some of my files, luckily.
Damn I hate windows.
Looks like I have to reinstall Ubuntu tomorrow.
The thing I miss most is my bookmarks.html :( fs.
---
My original post displayed the fact that I used cedega (formely WineX) to play one game, so I am very aware about the Cedega product, and of course I did try the game with it.
Also, playing a game in VMware is not an option.
Well, maybe Solitaire, but an online 1st person shooter MMORPG? Nah lol.
-
Hang on just a second, sorry I've not read your long posts but, if you use a hardware firewall running BSD the it's obviously going to be more secure than connecting your Windows box directly to the internet.
Maybe....but the amount of increased security to can get by blocking all ports with an external device depends on what the boxes behind that device are doing. If your Windows box is not listening on any ports, then all you accomplish is redundancy, and increased complexity. You might gain an iota of security this way, but IMO, time is better spent on other aspects of security, like priveledge use, and process isolation.
Of course the occasional TCP stack vulnerability (http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx) pops up from time to time, but these type of vulnerabilities generally affect every Operating System that run TCP/IP and they are extremely difficult to carry out. I've never heard of a case of remote code execution happening via a TCP vulnerability. Regardless of the operating system, you would want to apply a patch to any type of TCP exploit immediately anyway.
Interestingly enough, "software" firewalls, including the built in XP firewall will mitigate the vulnerability I linked to above.
Note, that my BSD box doesn't run any type of firewall. it does NAT for the two boxes connected to it and it freely forwards ports to the two machines conencted to it. Technically, requests to most of the lower ports 1-4999 do stop at my BSD box, but this is only because I don't want to pay for multiple public IP addresses from my ISP. If they offered multiple IP's for a cheaper price, I would have all of my machines directly connected to the net through my BSD box.
-
Well, I shoved another 80gb hard drive in and installed XP.
I expected Grub to mess up, which it did (Windows overwrote my MBR).
So I used a LiveCD to restore it etc....
Windows had decided it wasn't happy with the 80gb I had given it, and chose to overwrite another ext3 drive (which had all my downloads in it), which I wasn't happy about.
I then discover that my /home drive has also been fucked up.
Which had me livid!
That's fucked. Sorry to hear that. You have to be carefull when installing Windows on a machine with other OSs. I've installed Widnows on a machine that allready has BSD on it, and besides the automatic overwriting of the MBR, it didn't screw with my BSD slice.
-
I think it somehow fucked the repartitioning up, so Windows thought it had the whole 80GB to play with. I have Vector Linux installed on a separate hardrive and I didn't modify the MBR on my main hard disk, instead of having a crappy menu when I start my PC, I just change the boot order on the bios to boot the slave before master and vice versa.
-
I think it somehow fucked the repartitioning up, so Windows thought it had the whole 80GB to play with. I have Vector Linux installed on a separate hardrive and I didn't modify the MBR on my main hard disk, instead of having a crappy menu when I start my PC, I just change the boot order on the bios to boot the slave before master and vice versa.
Same here. I have BSD on a seperate hard drive. If I press ESC during the POST, my BIOS gives me a boot menu.
-
Looks like I have to reinstall Ubuntu tomorrow.
The thing I miss most is my bookmarks.html :( fs.
You might want to try this extension (https://addons.update.mozilla.org/extensions/moreinfo.php?application=firefox&category=Bookmarks&numpg=10&id=14) for firefox. I found it a few weeks ago. I have synchronized bookmarks on both my XP/FreeBSD partitions at home, and on my two PC's at work. It works like a dream.
-
You might want to try this extension (https://addons.update.mozilla.org/extensions/moreinfo.php?application=firefox&category=Bookmarks&numpg=10&id=14) for firefox. I found it a few weeks ago. I have synchronized bookmarks on both my XP/FreeBSD partitions at home, and on my two PC's at work. It works like a dream.
Synch kicks much ass.
Good on ya for linking a decent extension. ;)
-
how about this one? if you reallymust run windows, only giveit access to the port it needs to connect to the game, and deny allother ones,and make sure your router is in hardware.....preferably running something like SElinux, then agian, my ass is pariniod.actaully, do us all a favor and put that windows machine behind a wall.....i hate it when some windows virus takes down parts of the net i like.