Re: Reboot And Modem Speed..



On Sat, 08 Sep 2007 20:31:24 GMT, JD wrote:

> And that's going to take how long? I guess I should have stated in the
> original post that the speed loss can happen in two days or 14 days.
> Doesn't sound like my computer is compromised.

Why not? Crackers are creating DNS entries with a short lifetime to
servers of their malware. Your system may be part of that network and
it takes a while for the bot master to get back to using your system.


> Also, don't you think that four different programs designed to find
> malware, spyware, trojans, and/or viruses would find the compromise?

Check for yourself http://www.pcmag.com/article2/0,1895,2135092,00.asp
So what if your AV misses 1% of 600,000?


NOTE: Following urls pulled from stuff I read 2006/2007.
No idea if they are still valid or not.

When was the last time you booted in safe mode to do an
antivirus scan of your system?

http://www.eweek.com/article2/0,1895,2136282,00.asp


I check http://isc.sans.org/diary.html every day and several times I
see them talk about some new piece of malware and sometimes they say
something like only 2 or 3, or 4 or 6 out of 32 AV vendor products
were able to detect it as of this writing. :(

Some AV products are just another AV product repackaged under another name.
All AV products have to catch a copy of the malware, figure out how to
find it, test it, deploy to server and you get the download installed.
That's about an 18 hour turnaround to get you protected.

Saw an article where the malware was constantly being morphed to foil
the scanners and infected websites had malware watching the IP
connecting to it. If it was a known AV hunting site, regular content
was served up. If the IP was not in the database, it would try and push
out malware. That means AV vendors have a harder time getting it for
their product to detect it.

Saw an article where a couple was selling some malware for a year before the
AV crowd received a copy to look at.

Some malware goes after the AV software on the system and makes it
skip reporting it. Malware count crossed 600,000 quite a while back.
Some AV vendors are dropping signatures for old malware to keep
performance up on their product. :(

You say you play safe hex on the internet and try to stay on safe
sites. Here http://sla.ckers.org/forum/read.php?3,44, click Last and
work backwards to see the kinds of sites with known exploits.

Bank of India was cracked not long ago and was serving up malware.
Pfizer had been cracked for 6 months.

Check out http://research.eeye.com/html/alerts/zeroday/index.html for
software with known exploits.

Some other links to give you a warm feeling about AV software.

http://isc.sans.org/diary.php?date=2006-06-06&isc=8569abaed05ac39b12e7de2e7865e3a0
http://isc.sans.org/diary.php?storyid=1334
http://www.it-observer.com/articles/1135/state_spyware/
http://isc.sans.org/diary.php?storyid=1335
http://www.cio.com/blog_view.html?CID=23011
http://theinquirer.net/default.aspx?article=33061
http://www.theregister.co.uk/2006/10/15/targeted_trojan_attacks_on_the_rise/
http://www.av-comparatives.org/seiten/ergebnisse_2007_05.php
http://www.av-comparatives.org/seiten/ergebnisse_2007_02.php
http://blogs.zdnet.com/security/?p=475

My solution, quit using Micro$not and run linux.
