Security

Albert wrote:
> Albert wrote:
>> I've just installed XP and need to surf the web. Do I need to install
>> anything?
>
> To sum up, I need to _install_:
>
> 1. Erunt (use before installing anything)
> 2. NOD32 or Symantec Client Security or Avast (updating everyday)

I believe SCS is no longer offered. SAV Corp Edition v10.2 & $36 per
seat is giving way to Symantec End Point Protection v11.0 soon.

Avira AntiVir Personal (Freeware)

> 3. NTREGOPT
> 4. Acronis True Image
> 5. SAS
> 6. MAM full for IP blocking

You probably meant MBAM.

> 7. Sunbelt
> 8. WinPatrol 2009
> 9. InstallSpy
> 10. SyncBank Freeware
> 11. A HOST file

You probably meant HOSTS not HOST

> 12. Fingerprint
> 13. Spybot - don't use TeaTimer
> 14. Mixmaster
> 15. Mail2news gateway
>
> 15 things!!!

16. Would you like the best tool for rootkit detection & remediation?

GMER: <http://www.gmer.net/#files> (Freeware)

>
> [pause]
>
> What if I wanted to allow malware to wreak havoc on my computer since
> there's nothing important there but _make sure_ I don't send out
> private, personal, important etc. information?

How would you answer your own question if someone asked you if it's OK
to provide a home for mailbots, spambots, Conficker, malware bots,
etc? What's the name of this newsgroup Albert?

Have all of us wasted our time here Albert? I sincerely hope not.

--
1PW

1PW

"nemo_outis" <> wrote in
news:Xns9C8A667F45DBpqwertyu@69.16.185.247:

....
> But sadly, risk management seldom achieves the holy grail of risk
> elimination.
>
> Ain't life a bitch?
>

Before I transmit my rampant privacy paranoia to you, perhaps it might
help to get a little perspective on risk. The internet is overblown!

Life is a risky business - no one gets out alive!

The most dangerous thing I do (or did) was drive to work every day. The
internet is trivial by comparison.

As for the internet, say, stealing your credit card numbers, consider
this:

I have often gone out for dinner with friends, ate and drunk my fill, and
finally blithely handed my credit card to the waiter (whom I don't know
from Adam) who disappeared in the back for a few minutes before coming
back with the bill for me to sign. He could have gotten everything there
was to get from my card in terms of info if he was so inclined. And I
didn't worry about it. Mostly I worry even less for the internet.

Yes, I take precautions, but I don't obsess about them.

Regards,

PS For instance, if you are worried about internet leakage of sensitive
personal info, you could do the following: Have two computers, one for
"ordinary" surfing including some high-risk surfing (porn, warez, etc.)
and a completely separate system (air gap to other one) for sensitive
surfing (online banking, etc.) Or, if you can't afford this, then
approximate it with two virtual machines for low and high risk surfing
(each could be as simple as, say, JanusVM).

I don't do this, but it's not because I don't know how. I know that I
won't put up with the PITA of adhering to the protocol (less charitably
you could say I lack the self-discipline to do so).

I will even tell you that I DON'T use a antivirus full time (I scan
selectively). Why? Because the totality of my protections coupled with
my risk exposure doesn't require it. Anti-virus programs (even the best
using their super-duper heuristics) aren't worth **** except against OLD
exploits and script-kiddie variants (although there's lots of that out
there). Any good virus writer TESTS his new virus against all the major
antivirus programs before issuing it. Anti-virus makers are always
playing catchup. Their brag is that they stop, say, 99.4% of the viruses
out there, but what they don't tell you is that it's the residual 0.6%
hot new ones that only have to be unstoppable for a day or two to do
their work that always get by.

I am reminded of certain folks I know in the "recreational
pharmaceuticals" business who adopt parallel measures. Some for instance
have their own kennels of highly trained sniffer dogs (not overworked
ones like customs) The product doesn't ship until it passes the Fido
sniff test - with multiple dogs! And so with good virus writers.

nemo_outis

On Thu, 17 Sep 2009 21:11:44 -0500, (Todd H.)
wrote:


>
>av-comparatives.org tests antivirus software. Eset's NOD32 is a
>worthy combination of fast performance and strong signature based and
>heuristic based malware detection.

He can do better than NOD32.

Here for his perusal is the latest Virus Bulletin AV tests.

http://www.virusbtn.com/news/2008/09_02

as;dl@dasfkjl.com

On Thu, 17 Sep 2009 23:59:31 -0700 (PDT), Albert
<> wrote:


>What if I wanted to allow malware to wreak havoc on my computer since
>there's nothing important there but _make sure_ I don't send out
>private, personal, important etc. information?

You don't seem to understand the situation. If you "allow" the above
to happen, you will be sending out viruses, trojans, all types of
malware, because your machine will probably turned into a 'bot' by
some of that malware. You will not only be responsible for infecting
god knows how many other machines, but if your ISP has a half of a
brain, you'll end up tossed from their system.

How can you say "...there's nothing important there..." and then say
you're worried sending out "...private, personal, important etc.
information?"

You need an education in exactly what can happen to an infected
machine. An infected machine can end up little else than a doorstop.
There are a myriad of scenarios as to what happens to an infected
machine. You *really* need a general, basic education on the subject.

as;dl@dasfkjl.com

as; wrote:
> On Thu, 17 Sep 2009 21:11:44 -0500, (Todd H.)
> wrote:
>
>
>> av-comparatives.org tests antivirus software. Eset's NOD32 is a
>> worthy combination of fast performance and strong signature based and
>> heuristic based malware detection.
>
> He can do better than NOD32.
>
> Here for his perusal is the latest Virus Bulletin AV tests.
>
> http://www.virusbtn.com/news/2008/09_02

Also:

<http://www.virusbtn.com/vb100/rap-index.xml>


--
1PW

1PW

as;d...@dasfkjl.com wrote:
> How can you say "...there's nothing important there..." and then say
> you're worried sending out "...private, personal, important etc.
> information?"

I don't want my email account or any other account that I've set up
for forms hacked into. If I ever purchase from ebay or amazon, I don't
want my details made available to people. Information need not be
stored on a hard drive.

Albert

Albert wrote:
> as;d...@dasfkjl.com wrote:
>> How can you say "...there's nothing important there..." and then say
>> you're worried sending out "...private, personal, important etc.
>> information?"
>
> I don't want my email account or any other account that I've set up
> for forms hacked into. If I ever purchase from ebay or amazon, I don't
> want my details made available to people. Information need not be
> stored on a hard drive.

Start on your list of 16. The list will probably "improve".

HTH

--
1PW

1PW

1PW wrote:
> <snip _top-post_>
> > What if I wanted to allow malware to wreak havoc on my computer since
> > there's nothing important there but _make sure_ I don't send out
> > private, personal, important etc. information?
>
> How would you answer your own question if someone asked you if it's OK
> to provide a home for mailbots, spambots, Conficker, malware bots,
> etc?

I apologise for asking that question. I didn't think that malware went
into one system and used _that_ system to spread to other systems. I
hadn't realised that making one's system less secure can affect other
people's security. Alright - so my new goal is to minimise the risk of
getting malware on my laptop so that others have less of a chance of
getting the same malware

> What's the name of this newsgroup Albert?

alt.computer.security

Albert

From: "~BD~" <>


| However, have you considered that your BIOS may have been/could be infected?
| A whole new ball-game!

| Some may wish to review here:
| http://www.phrack.org/issues.html?issue=66&id=7

| An interesting subject - ask Google!

| HTH

| --
| Dave


Pure FUD.

The BIOS is NOT infected and should not be considered tobe infected or become possibly
infected!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

David H. Lipman

Albert wrote:
> I've just installed XP and need to surf the web. Do I need to install
> anything?

Now let's stop thinking about this until notified otherwise.

I also have a remaster of PCLinuxOS installed. If I plan to use this
for anything related to the internet and XP for everything else, what
do I need to install on the linux distro?

Albert