How do you get infected?

[Lucifers_Ghost]

Sleep with disease infested hookers.

Oh .. on the computer? My bad ........

[mats.hogberg]

You can get infected by doing nothing. A few years ago, a Swedish PC mag did a test. Fresh XP install, hooked the computer up to the Internet. Waited. Within 5 minutes, it had been infected. I think this was in the Blaster virus days.

/Mats

[lordsmurf]

You can get infected by doing nothing. A few years ago, a Swedish PC mag did a test. Fresh XP install, hooked the computer up to the Internet. Waited. Within 5 minutes, it had been infected. I think this was in the Blaster virus days.
/Mats

That sounds hinky and I just don't believe it.

[TBoneit]

No it is true. Back in the day the Blaster Virus could infect a Win2K or Xp computer that was not up to date and hooked up to the internet.

We made some money cleaning the blaster worm out and doing the updates. You could always tell if you had caught the blaster worm since once you hooke dup the computer to the internet it would give a windows shutting down in five minutes message and shut down. Stay off of the Internet and it would run forever.

[jman98]

You can get infected by doing nothing. A few years ago, a Swedish PC mag did a test. Fresh XP install, hooked the computer up to the Internet. Waited. Within 5 minutes, it had been infected. I think this was in the Blaster virus days.
/Mats

That sounds hinky and I just don't believe it.

slashdot.com has in the past had articles about similar studies, including one that the Washington Post ran. The bottom line is that any Windows box (prior to Vista at least) that wasn't running a firewould WOULD be compromised within 20 minutes tops of being put on the internet.

[fLYtRap]

You can get infected by doing nothing. A few years ago, a Swedish PC mag did a test. Fresh XP install, hooked the computer up to the Internet. Waited. Within 5 minutes, it had been infected. I think this was in the Blaster virus days.

/Mats

That's true, moreover I just re-installed Windows and before I got connected to the Internet I run a spyware program and to my surprise I found 3 Alexa related tracking cookies - how about that

[Dv8ted2]

You can get infected by doing nothing. A few years ago, a Swedish PC mag did a test. Fresh XP install, hooked the computer up to the Internet. Waited. Within 5 minutes, it had been infected. I think this was in the Blaster virus days.
/Mats

That sounds hinky and I just don't believe it.

I can attest to the fact that it is true. It happened to my in laws. It was before SP2, because the firewall was disabled by default back then. It got infected while trying to get the updates from Microsoft.

[SCDVD]

There were two facets to this problem. No firewall AND open ports. There were evil doers who did automated IP scans looking for open ports. When it found an IP address that answered when it said hello, it shoved a piece of malware up its open port so to speak. If and how long it took to get hammered was random luck / bad luck.

[betamaxman]

As far as firewalls go, I see some talking of being behind a router and running a firewall. If you have a router than a software firewall is not needed. Anyway one main reason OSX and linux may be more secure is that most do not run them as admin as I would guess most all windows users do.
A nice antispyware manager app I have come across and use is hitman pro.

[Nelson37]

Most people's experience is similar to the OP, certain they have not caught anything because they have not looked for it. Just make the effort to look and how many has he found, five counting the cookies?

Staying away from "unsafe" areas helps but is by no means secure. One of my customers caught a virus by paying his well-known oil company credit card. The HD had just been replaced and he went on a long trip, booting only long enough to pay the card and shutting down and leaving. upon his return system never got back on line. Several hours messing with Dell and he called us, problem solved in less than one hour. I forget the virus name, it was a fairly common one.

Avoiding viruses is like avoiding panhandlers, they are everywhere and ignoring them does not make them go away.

Nat on the router, AVG, Spybot, Hijack, registry and activity monitoring, something no one has mentioned is cleaning both the Windows and User Temp directories, many crapware hide here and there are other performance benefits as well.

The real key is to know how your system should respond and being aware when something changes.

By far the biggest danger is teenagers. Mine do not touch my PC, that is why they have their own. My worst case ever was a doc with two teenage boys, how can I say it the doc and his wife were not shy and into photography, wife an absolute stunner and appeared to be all natural. Anyways, these kids had 80,000 spyware infections, that is eight-zero thousand. The scan and clean took slightly over 24 hours. Many of my spyware cases come after there have been "guests" in the home which included a teenager. For customers with one in the family, if the PC is business use I recommend either keep the kid off, get him or her their own PC, or be prepared to have the machine unavailable for business use.

[redwudz]

But I find it much easier to set up a software firewall than to try to program my routers advanced firewall capabilities. The router does some blocking, mostly of problem ports and it does block internet access for my servers. I also have several computers on my LAN, and they have different reasons to access the net, so need different security settings.

And my router doesn't do much of anything to block outgoing packets and that's where my software firewall really excels. If malware can't 'phone home', it has much less effect on my system if it gets entry to my setup in the first place.

In my experience, if the different anti-malware systems don't interfere with each other, they're all useful.

[isogonic]

you have a router than a software firewall is not needed

the software firewall is for outbound traffic. stuff that likes to phone home for whatever reason, or for trojans. a firewall will not protect you from downloading and installing malware, only (should) alert you to one leaving your computer, in which case its already on your computer.

of course understanding and using a software firewall requires some thinking on the users part. most people just click right thru the prompts. alot of malware can launch other window components to use a connection causing even more confusion for the user. before you know it your loaded with malware despite all that anti this and that software you have installed. No amount of software can save you (from yourself.)

so you get it all cleaned up then contniue the same habits or bad decsions and pretty soon you have it again.

[fLYtRap]

you have a router than a software firewall is not needed

the software firewall is for outbound traffic. stuff that likes to phone home for whatever reason, or for trojans. a firewall will not protect you from downloading and installing malware, only (should) alert you to one leaving your computer, in which case its already on your computer.

of course understanding and using a software firewall requires some thinking on the users part. most people just click right thru the prompts. alot of malware can launch other window components to use a connection causing even more confusion for the user. before you know it your loaded with malware despite all that anti this and that software you have installed. No amount of software can save you (from yourself.)

so you get it all cleaned up then continue the same habits or bad decisions and pretty soon you have it again.

I think you are a little bit wrong here. Firewall is not only for outbound traffic but also for inbound. A good one like for example Jetico or ZoneAlarm will give you alert when a Windows program is opening in a hidden window for example or writes or injects. Than if you are not sure whether its a hacker or your own system you can deny and further investigate. You don't really want to wait for malware and Trojans to be installed and blocking them from calling home, that doesn't make to much sense. If you tweak your browser correctly no malware or Trojans will get through it. For example if a malware comes with a cookie and your browser is set to block or prompt than you will no what is coming. The same apply for running programs in ActiveX, scripts or opening in IFRAME. When you understand how the infection gets on your machine than you know how to prevent from doing it in the first place. At least this is what I have learned in the past 2 weeks or so. 8)

One more thing that just came to my mind is that some malware or other infections like viruses don't ever "call home". Some of them just gets on your computer to destroy it...just like that for fun.

[gadgetguy]

you have a router than a software firewall is not needed

the software firewall is for outbound traffic. stuff that likes to phone home for whatever reason, or for trojans. a firewall will not protect you from downloading and installing malware, only (should) alert you to one leaving your computer, in which case its already on your computer.

of course understanding and using a software firewall requires some thinking on the users part. most people just click right thru the prompts. alot of malware can launch other window components to use a connection causing even more confusion for the user. before you know it your loaded with malware despite all that anti this and that software you have installed. No amount of software can save you (from yourself.)

so you get it all cleaned up then continue the same habits or bad decisions and pretty soon you have it again.

I think you are a little bit wrong here. Firewall is not only for outbound traffic but also for inbound...

He's not wrong in the context of the discussion. Yes, Firewall software is for both inbound and outbound use, but when you are behind a properly configured router you are invisible to attack. No one from the outside can establish a connection to your computer to upload anything without you initiating it first which renders the protection from inbound traffic meaningless. This is why betamaxman considered firewall software behind a router superfluous and why isogonic correctly identified why it is not.

[fLYtRap]

you have a router than a software firewall is not needed

I think you are a little bit wrong here. Firewall is not only for outbound traffic but also for inbound...

He's not wrong in the context of the discussion. Yes, Firewall software is for both inbound and outbound use, but when you are behind a properly configured router you are invisible to attack. No one from the outside can establish a connection to your computer to upload anything without you initiating it first which renders the protection from inbound traffic meaningless. This is why betamaxman considered firewall software behind a router superfluous and why isogonic correctly identified why it is not.

You took this sentence out of the contest. I didn't said that he was wrong only about a firewall being for an outbound connection...

[gadgetguy]

I didn't mean to take the sentence out of "contest", I just didn't think it was necessary to quote the whole thing over again so let me be clear, you are wrong (about him being wrong). A hacker cannot access your computer if it's behind a properly configured router unless you or something on your computer initiates the connection. A firewall can not stop you from downloading malware. It can and should warn you if that malware tries to access the internet. From your example, if a Windows program is opening a hidden window to access the internet, that is the type of outbound traffic isogonic was talking about. If you access a website that exploits a vulnerability in your browser, the firewall can not stop it from installing the malware, but it can warn you and stop it if it tries to "phone home".
Then you went on and discussed tweaking your browser which while certainly on topic for the thread, has nothing to do with what isogonic said, much less demonstrate any part of it that was wrong (even a little bit), since he was only talking about firewalls and routers. If anything, it reinforces what he said about people needing to learn how to use the software correctly.

Anti-Virus and Anti-Malware software can prevent most instances of virus/malware from being installed, but the firewall can't. That's why you need a full suite of products (not necessarily from the same vendor), to combat infection.

[fLYtRap]

If you access a website that exploits a vulnerability in your browser, the firewall can not stop it from installing the malware, but it can warn you and stop it if it tries to "phone home".

Not let me take some of yours out of contest because you obviously haven't read my reply carefully.
That is exactly what I was referring to. If you have your browser tweaked correctly a web site can not exploit a vulnerability in it

Results like that + a good firewall and anti-virus and you are OK.

http://bcheck.scanit.be

[gadgetguy]

I did read your post, and again you are wrong. You cannot protect against a vulnerability that hasn't yet been patched by the developers no matter how up to date or "tweaked" your browser is. Much like there is period of vulnerability every time a new virus comes out before the anti-virus developers can provide protection. Until a vulnerability has been discovered, it can't be closed and if the one who discovers it first is the malware pusher, some will get infected before the vulnerable area is closed.
There is always a chance of becoming infected, but by adopting good practices, learning how to use security/privacy tools, and keeping all of your protection software up to date you significantly reduce that chance.

BTW the term is CONTEXT not contest.

[fLYtRap]

BTW the term is CONTEXT not contest.

So now are we mowing to the contest of check spelling

BTW the word "internet" from your previous post starts with a capital letter -> Internet

I know that risk of getting infected is high even when everything is up to date and running. All it takes is to for example go to Astalavista.

[gadgetguy]

So, in what way was isogonic wrong?
Which if you recall is what I took exception with.

[fLYtRap]

I think I explained this already.
Perhaps someone else can do this better...

[gadgetguy]

I have disputed your explanation as being incorrect. You seem to have agreed with me by saying:

I know that risk of getting infected is high even when everything is up to date and running. All it takes is to for example go to Astalavista.

What else is there to explain? Isogonic was not wrong and you owe him an apology.


As for your consistant misuse of the word contest instead of context, I tried to correct you in a subtle way by enclosing it in quotes. You obviously didn't get the hint so I made it more overt. This is a case of my trying to help you communicate better since the two words mean very different things.

So now are we mowing to the contest of check spelling

This response indicates that I wasted my time. A word of advice: If you want to challenge someone on spelling or grammar you need to at least start with a coherent sentence.

[fLYtRap]

What else is there to explain? Isogonic was not wrong and you owe him an apology.

Perhaps we should let him decide whether I owe him apology or not

[fLYtRap]

[quote="gadgetguy"]I have disputed your explanation as being incorrect. You seem to have agreed with me by saying:

I know that risk of getting infected is high even when everything is up to date and running. All it takes is to for example go to Astalavista.

BTW ...I have not agree with you on anything...I just wanted to end this nonsense and you are keep bringing it up...

bring it

[betamaxman]

Back to software firewalls, if I may.
Many malware apps these days are quite adapt at fooling firewalls screening outbound traffic, especially the free ones most people will use. I also find them to aggressive in their bonding to windows. The net is full of people trying to uninstall this or that firewall. Especially that wounder full 360% product.

Any way open a cmd terminal and run 'netstat' once in a while after booting up and you will get a much better picture of out bound traffic than any software firewall. IMO..

[gadgetguy]

Unfortunately, you are correct that many of the available firewall programs (commercial or free) don't do a good job. The best information I have found on this subject can be found at Steve Gibson's site. Click here

[fLYtRap]

Any way open a cmd terminal and run 'netstat' once in a while after booting up and you will get a much better picture of out bound traffic than any software firewall. IMO..

So, what do you suggest to do with any established connection that will be found in netstat?

Never mind that question I already figure it out 8)

There are whole bunch of programs that shows all connections with options to terminate them or close open ports, among them AntiTrojan, AutoRuns and ActivePorts.

It is a nice feeling to be able to cut someone off

[Dv8ted2]

Any way open a cmd terminal and run 'netstat' once in a while after booting up and you will get a much better picture of out bound traffic than any software firewall. IMO..

So, what do you suggest to do with any established connection that will be found in netstat?

Never mind that question I already figure it out 8)

There are whole bunch of programs that shows all connections with options to terminate them or close open ports, among them AntiTrojan, AutoRuns and ActivePorts.

It is a nice feeling to be able to cut someone off

Gee, for someone who was playing with fire by not using an antivirus program and unknowingly infected, you seem to be talking smack. :P

Let's play nice :P , or you will have to take a five yard penalty and punt.

People usually need more than a firewall. A firewall can only do so much. You realistically need a combination of an IDS, multiple firewalls, and antivirus clients to be somewhat safe, but the human equation still falls into this. All the protection in the world does no good if you open strange attachments, keep open ports, have unpatched holes in the operating system.

[fLYtRap]

Gee, for someone who was playing with fire by not using an antivirus program and unknowingly infected, you seem to be talking smack. :P

Let's play nice :P , or you will have to take a five yard penalty and punt.

People usually need more than a firewall. A firewall can only do so much. You realistically need a combination of an IDS, a multiple firewalls, and antivirus clients to be somewhat safe, but the human equation still falls into this. All the protection in the world does no good if you open strange attachments, keep open ports, have unpatched holes in the operating system.

I am ready to go to war with all the hackers in the world

Anyways I found out that I have about 10 ports open all the time, regardless the fact that am currently running 4 firewalls Plus I notice that every time I am connected to someone (a web site or network) that port is open to, so I am really not sure yet how to deal with that. For now I just disconnect those they I fell like they shouldn't be connected, like for example some network company from Amsterdam...why would they be looking in my PC

[fLYtRap]

One thing you can do to roam the dark alleys is create a ultimate boot CD, Disconnect the hard drives, boot off of the CD. Use a flash drive for storage. Malware can't install to a read only CD.

Darn good way to slow down a fast computer but safest way.

Some of these sites clicking Yes or No doesn't matter they both mean yes!

That is kinda intresting How do you create a bootable CD with XP on it?

This is the one I tested was from here http://www.ubcd4win.com/index.htm I liked the look of it as it comes with a whole bunch of usefull tools including AV and Antispyware with updateing instructions Reg fixes and cd burning and so on, List here http://www.ubcd4win.com/contents.htm

Good Luck

I was looking at their web site for some info about cookies. I was wondering how can you browse web sites without possibilities for enabling cookies? I know it is possible to view most sites without cookies, but for some sites like for example eBay or Paypal you need cookies. So I was wondering if you are using that CD and if so are you able to work out this problem?