-
November 28th, 2005, 01:01 PM
#11
There are a number of ways spywares can get into your pc.
1) Bundled with legit softwares - be careful with this, always check out the EULA if it mentions anything about an "additional 3rd party component". Usually thats all they need to waver off any complains.. coz you agreed to the EULA.
2) Downloaders & Droppers - malwares also download and drop different kinds of other malware or variants of itself. Just coz you let one file in, doesnt mean it wont be 50 within minuts.
3) Drive-By - this is the hardest one to avoid, as it infects you while you are surfing a website or such. Usually a link is scripted to take u to the page that you clicked and at thesame time download a tiny malware that will either download or drop other components.
4) ActX, Java, Web Scripts - I think this also comes down as Drive-By's, only difference is in some cases u are informed of a download, or request for authorization. Only difference with Drive-By is that in Drive-By's it totally happens in the background.
5) Missleading files/apps - some malware do pretend to be something legit looking. ie. a "tool" that does cool things like gives u "faster" internet speed, or gives us some monitoring gadgets so u can monitor ur pc's activities, and such.
So to protect urself,
1) Be weary on what u downlaod or click on... or sites you visit.
2) Get some decent firewall, be weary on what application is openning connection to ur pc.
3) Get some Anti-Spyware and AV
4) Make sure that NO file is hidden from you. Try to view as much as you can.
5) Make image backups (if you have this privilage). ie. ghost images.
6) Keep yourself informed on the latest threats
7) Get yourself familiarized with your files and registry so you would know what to look for.
8) There are some great tools out there like HijackThis, Proccess Explorer, TCPView, RegMon, FileMon, IceSword, RootkitRevealer. (IceSword is good, nothing can hide from it, even rootkits)
I hope this would be enuff... I know there is more to say, but this is all i can think of for now.
-
November 29th, 2005, 12:30 AM
#12
prevention
preventing spyware is very simple. I am an expert on this and I know what I am talking about.
1.) changing browers is not necessary. Explorer works fine if you know how to use it.
2.) using a ad blocker that blocks java scripts is rule 1 . I use ad subtract pro 2.55 and it blocks ads, popups, java scripts, etc etc.
3.) when visiting suspect pages turn off actice-x scripts in ur IE settings. jus disable them in ur security settings.
4.) the only bundled software i ever got spyware from was screen savers. so watch out for those. well also download accelerator had sum but nothing major.
5.) firewalls r useless for personal use unless ur in an office using an ethernet intranet networking system then firewalls serve their intended purpose. zone alarm is such a farce making money off people who believe that firewalls help their security. whatta laugh whatta scam.
from here on out is easy sailing...
oh yeah update ur security updates in ur windows updates that will help.
-
November 29th, 2005, 06:06 PM
#13
Re: prevention
Erm...I have a few comments about this 'experts' post...
Originally posted here by isle_of_infamy
3.) when visiting suspect pages turn off actice-x scripts in ur IE settings. jus disable them in ur security settings.
So you are leaving JAVA turned on? Hrm, not a good idea...that should be shut off as well.
4.) the only bundled software i ever got spyware from was screen savers. so watch out for those. well also download accelerator had sum but nothing major.
This is not true and a dangerous comment for the newbies to read. Screen savers are NOT the only software that could infect you with spyware...ever hear of 'HELPER TOOLBARS' like HotBar? That's choke full of spyware. Not to mention all the shareware that's been bundled with trojans and alike malware.
5.) firewalls r useless for personal use unless ur in an office using an ethernet intranet networking system then firewalls serve their intended purpose.
What in the heck are you talking about? This is another dangerous comment. A firewall at your Internet border and/or at least on the computer itself is mandatory in order to keep at the least the basic worms from scanning and infecting you (course you need to be fully patched too). I AGREE that firewalls alone are not the right approach...defense in depth is required. This could be in the form of:
* Hardened operating system (only needed services enabled for example)
* Fully up-to-date with patches
* Up-to-date antivirus running
* Firewall installed (software on computer or at least at Internet border of network)
* Run web browsers using non-admin accounts and/or privileges
* Locked down web browser settings
* Intrusion Prevention System software like Prevx (no, I dont work for them), etc.
oh yeah update ur security updates in ur windows updates that will help.
Now that I agree with. :-)
-
November 30th, 2005, 05:22 PM
#14
I realize this may be a bit off track, but I have a question here.
Originally posted here by DocSkurlock
Use firefox instead of internet explorer.
I can agree that Firefox is safer than IE... for now. Isnt the biggest reason IE is so unsafe at this time due to the fact that most of the world uses it? If I'm a malicous user and want to drop spyware, I am going to do it for IE, that would be my best chance of success.
If we all start switching to Firefox, (or any other borwser for that matter) sooner or later, they hackers will evolve to attack that as well!
Realistically, there is not a solution that is a sure fix. At best, switiching to Firefox will provide you with a temporary solution.
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War
http://tazforum.**********.com/
-
November 30th, 2005, 05:58 PM
#15
A bit OT but a valid question.
It's true that some of IE's problems are due to it's popularity. It is the main browser of choice and that makes it the prime target for those who produce spyware/malware.
Its not quite that straightforward though. IE's use of ActiveX allows website to carry out actions deep within windows ,such as install software. Its tight integration within the windows OS also means that vulnerabilities within IE can allow more access within the OS than a vulnerability within an application that is not so ties to the OS.
Now Firefox benefits from not being the prime target but that benefit is dissapearing as FF becomes more popular. Firefox does not use ActiveX and is not tied to the OS in the same way as IE.
This is not to say FF is perfect it has vulnerabilities as well but these do tend to be fixed quickly and in general present less risk than many IE vulnerabilities.
In addition many (including myself) have the opinion that FF is simply a better browser then IE from a ausers point of view.
IE can be secured (I think Catch defends that point strongly) but I think that out the box for an average user FF will provide more security than IE.
<edited> for criminal abuse of the '
-
December 2nd, 2005, 11:45 PM
#16
I agree with you that most users just be better off using FF until they know how to secure their own settings.
Sadly, there may not ever be a fool-proof way to secure ourselves from Spyware and keep the functionality of today's Interet.
-Deeboe
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War
http://tazforum.**********.com/
-
December 3rd, 2005, 09:21 PM
#17
good points
So you are leaving JAVA turned on? Hrm, not a good idea...that should be shut off as well.
if u read my post with closer attention span you would see i included java in point number 2 .
This is not true and a dangerous comment for the newbies to read. Screen savers are NOT the only software that could infect you with spyware...ever hear of 'HELPER TOOLBARS' like HotBar?
how is it a dangerous comment i think ur over reacting jus a tad because we both know that it is atleast half true. as far as tool bars go your not gonna get those if you're blocking java scripts or active x scripts so they are already covered. tools bars in bundled software can be eliminated easil;y with hijack this ur going out on a limb seemingly to make points from right field...
What in the heck are you talking about? This is another dangerous comment. A firewall at your Internet border and/or at least on the computer itself is mandatory in order to keep at the least the basic worms from scanning and infecting you
but if u don't have worms to begin with what the hell good is it ? firewalls are worthless for protecting u against worms and viruses a good hacker can exploit them with utmost ease ok and if you're smart enough to monitor your ports you can see which ones are open that may be a potential trojan threat and knowing that combined with a trojan/spyware cleaner I am pretty certain that it can be cleaned. firewalls won't clean your system I can tell you that much, and they won't protect you from a good hacker neither. worthless dung...
on the flip side; you all make good points of some I may have forgotten to include. thanks for feedback.
-
December 3rd, 2005, 10:58 PM
#18
I don't think you know what a worm is ...
Do you remember the infamous blaster worm? That could have been easily blocked by setting your firewall to block certain ports... So I'd say firewalls definitly have their purposes...
-
December 5th, 2005, 05:31 AM
#19
worm
if i had a worm i wouldn't be on the internet to begin with i'd be cleaning it off my system.
-
December 5th, 2005, 06:20 AM
#20
just reading through and thought i'd comment on a few things people have misconceptions on.
there is no need for ad blocking software, operating systems come with a very good ad blocker built in. its called the hosts file.
furthermore, java and javascript are not the same thing, java.sun.com will explain what java is. although both share the prefix java, they have very little in common from there.
anti-virus is a very good idea for the average home user. downloading anything off the internet nowadays is a risk. why not have a program warn before you unknowingly use an exectuable that will run havoc on your computer. the common complaint that anti-virus software eats up resources is very far fetched. modern computers come with such high-end processors and amounts of ram that anti-virus program will make little if no difference to the average user. furthermore, most anti-virus programs are now able to detect, warn, and stop you before you harm your computer. why give up that layer of security when it is available to you?
firewalls, although they recieve very harsh criticism on this site, are very helpful to the average computer user. having a firewall running during the many wild virus rampages these past few years would've saved many users many hours of worrying and removal.
monitoring your ports does little if a service or program using a trusted port is flawed. most virii don't attack discrete ports, they attack common services and then are spread using unknown or obscure ports. i can sit at my computer all day watching ethereal and running netstat, but if my version of apache is vulnerable to buffer overloads, what good does it do?
to the confused soul who said s/he would not be online if s/he were infected with a worm; then where would you figure out how to remove the worm? the internet is a very good resource for removing virii, companies such as symantec and mcafee spend enormous amounts of money helping users learn how to remove virii, why would you not use them when they are available?
but the truth is that securing yourself online is learning more and more about the tools available to you and the truths of security rather than mangled opinions over which browser is more secure when in reality, security is created by the user.
:-)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|