Re: Identity P/W and Security question
From: Frode (news_at_mascot.REMOVETOREPLY.dyndns.org)
Date: 08/30/03
- Next message: remove/valid: "Re: Best Kept Secrets"
- Previous message: Snake Plissken: "Re: Security, Hacking, Encryption, Programming and Various other links [LONG]"
- In reply to: mto: "Re: Identity P/W and Security question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 30 Aug 2003 12:35:14 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
mto wrote:
> I wasn't actually referring to virii but to various and sundry
> spyware/malware programs that seem to be pretty prevalent lately as
> driveby downloads even at prominent sites (maybe I should say especially
> at prominent sites) that download, install and execute completely behind
> the scenes and without permission.
Strange. I regularly surf a lot of the larger US news sites without ever
having such a thing happen to me. Even when surfing the more seedy places
on the net I've never had anything install without IE popping up a dialog
asking me if I wish to allow it to happen or not. I run Spybot once in a
while to be on the safe side but never had it find a single piece of
malware apart from Gator which I've left the registry entries for to keep
DivX working (the Gator itself is disabled).
> I've found Avenue A a frequent
> offender at msnbc over the last several months - luckily Spybot S&D
> halted the download of that each time.
If it's not too much hassle, drop me an URL if you're able to isolate one
at some point. I'm curious about this issue and whether it'd blast straight
onto my disk as it apparently does on yours.
> During the same period my
> daughter (casual user much as you describe your family, new computer)
> managed to pick up so many BHO's (including a porn tool bar) that the
> browser window on a 21 inch monitor provided a 3 inch high viewing area
> and two different dialers that ran up phone bills in the many hundreds of
> dollars.
My sister has several kids surfing like nuts and the only thing I've ever
had to clean off her machine has been a toolbar that it turned out one of
her daughters had installed. I've never once seen or heard of this behavior
before so I'm very curious about a URL so I can check it out. Now that I
think about it, I've had Norton Antivirus at times block files about to
execute that would've exploited unfixed IE holes so that could be a way in
for those not running antivirus I guess. I've never had that happen on
"serious" sites though and extremely rarely on any category of sites. I've
read warnings of the dialer programs before and the remedy has always been
listed as "if infected, run xxx to remove it. If not infected, be very sure
before you click 'yes' on anything that pops up to avoid infection" so an
autoinstaller version of that too would be interesting.
> virii department. Tracking down where your F11 key went or why you
> suddenly get dragged off to some page you've never seen is a little more
> of a problem.
Not one I've ever had. Although allowing popups can pop up windows all over
the place of course, including ones going fullscreen and refusing to back
down without killing the task of the originating window etc. Not something
I've ever had happen to me on anything but seedy sites either and never
after installing a popup killer
>> Ah, you're more picky than me then. I don't care about an ad in the
>> margin of the window and stuff like that.
> More likely the difference is that you are on an adsl line and I live in
> an area where that is not available and so I function on a dialup. You
> likely never notice just exactly how long those 12 ads on a typical msnbc
> page take to load but I most definitely do :)
Indeed. I count myself lucky not to be bandwidth challenged. I pay next to
nothing for my 2mbit due to a corporate deal. The only bad thing is it
becomes an addiction. I wouldn't even consider buying a house now unless it
was in a broadband enabled area.
>> A few hundred million internet users would likely disagree. I have a
>> hardware firewall that came with my adsl subscription so I don't run one
>> on my main box,
> AHHHH - but if you had NOT gotten that hardware firewall with your adsl,
> would you then feel perfectly safe with just the XP firewall, the Google
> toolbar and a virusscanner? Bet not :)
Actually, yes. In fact I did run with it as the only protection for a short
while (a week or two). If the need should arise again I would probably take
the time to run a few portscans and actually verify that MS hasn't decided
to let a few select ports through though. The only thing the XP firewall
doesn't do that my hardware firewall now does (and my Linux one in the past
did) is allow me to setup forwarding rules that I require. In other words,
it allows me to reduce the security. If I didn't need that it would be just
fine. For the family members though I prefer installing something that
alerts of outgoing port usage as well. That way they call me right away if
something odd starts happening so I can clean them out before the box is so
mucked up I have to spend an evening reinstalling. Adding the spybot
immunization process to the list of to-dos for the family might be an idea
though, just in case. They just love to click "yes" to way too much.
- --
Frode
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQA/AwUBP1B94OXlGBWTt1afEQKylQCg5+ja3eNYmEkJyLX/tyw8IrDkZPkAoIpW
WJYDly/AmFQVru2NPTxTnb/3
=mdlg
-----END PGP SIGNATURE-----
- Next message: remove/valid: "Re: Best Kept Secrets"
- Previous message: Snake Plissken: "Re: Security, Hacking, Encryption, Programming and Various other links [LONG]"
- In reply to: mto: "Re: Identity P/W and Security question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
