Re: Download the Earth - Sigh...



2005-09-05, Responding to Navy1...
> On Mon, 05 Sep 2005 00:45:46 GMT, MikesBrain <Mike@xxxx> wrote:
>
><clip>
>>
>>P.S. My virus infestation to date. Zero.
>> Can you guess how I achieved this?
>
> I may need to knock on wood, but I keep my Norton up-to-date each time
> there is an upgrade. I also have it on automatic update and scheduled
> scan once a week. If there is a notification of a new worm, I live
> update and then do a complete scan. I always scan any new program
> and/or demos I download. I never click on "click here to unsubscribe"
> unless it is a message from an address that I am familiar with. I
> have two sons who work in computer fields, so get a lot of advice. I
> also never respond to "get rich in ....." Number 1, to get rich
> because of "found" funds is against my beliefs. Number 2, a lot of
> those offers are illegal. I also use the "filter" part of my email
> program (Eudora).
>
> Any additional suggestions, anyone?



To "get" a virus (often actually little more than an exploit
of a M$ operating system's continuing crapness ;) you need
to download it, and then activate it.

This is easy with WinDOHs as the browser is integrated into
the system's primary functions, including the Explorer
components of the file management mechanisms. With no
effective file-permission capacity to protect all the files
that make up the "system", once something is active, it has
unrestricted access to virtually every part of the system.

When you add all those built-in auto-this and auto-that
functions (many of which do things without asking you, or
even letting you know that they are doing something), you
have a paid-up ticket to zombie-town.

The best way to avoid such events is, as you suggest here,
to break the link in the chain between delivery and
activation of malicious code. Step one is of course to avoid
allowing it into your system in the first place, and filters
are a good way to start. Coupled with programs that cannot
be recruited into "performing" also helps, like using a
plain-text only Email proggie, and similar newsgroup
software, dumping Active-X (a HUGE security hole), not
allowing Java etc. all help to reduce that list of routes
into your system.

Of course, none of this is worth a damn if the system these
programs work within is riddled with holes itself.

A firewall can also help, but it has to work independent of
the operating system. For instance, XP's "firewall" is
simply an incoming filter, and limited in what it will
filter too. If something nasty gets into your system, and
accesses all those non-secured files including your system
binaries etc. then it has free range to "send out" via
almost any method it chooses, and can download all the
"extras" it needs to complete its "tasklist".

Then you have the ever growing list of spyware programs.
Some declare their intent to transmit your data to locations
unknown (read the EUA, in depth!) and some will "collect"
the extra bits they need to "set up camp" in your system as
you use them.

Several (most) major software companies use "phone-home"
loopholes (that you agreed to on installation, whether you
knew it or not) that exploiters can recruit to give them
access to at least a regular scan of your system that you
may never know happened, the data from which may be sold on
to others who have their own uses for it, including sneaking
in spyware and zombie control bugs for later use, maybe a
DoS attack where you will be the one(s) the traces lead back
to and so on..

Securing your system is an ongoing process of learning
really. As has been said, security is not a "solution", it's
a practice.


Step-1 Don't download the stuff

Step-2 Don't activate it

Step-3 Don't run unsecurable software.


--
----
* Another squeaking wheel @ http://tinyurl.com/6bf56
* Mike's (curious) Brain @ http://tinyurl.com/4872c
- Have a nice day, it really does do you good! :)