How one can surf safely without a resident av or hips or sandbox or anti-spyware

Hello,

Bubba gave me a great topic idea...

Original here: https://www.wilderssecurity.com/showthread.php?t=196103&page=2

So, the topic name is self-explanatory.

This somewhat relates to layers of protection mentioned in yet another thread:
https://www.wilderssecurity.com/showthread.php?t=196655

Anyhow, I'll concentrate here on the user-initiated Internet activities, which means that the outbound has been allowed and packets received and accepted, which leaves the firewall function out of the game right now.

I'll limit my answer to actual surfing, but expand if necessary to other user-initiated activities like p2p, im, email etc.

When browsing the net, the user contacts servers through his browser of his choice. Based on the action, this includes server-side scripting, client-side scripting, downloads, and display of content (temporary downloads so to speak).

Server side scripting - Not much of a direct threat to the user. It could be a threat if the server is corrupted or subverted and private information is delivered, but this is an indirect issue - no different than getting the bank robbed.

Client side scripting - This could be exploited. Therefore, the choice of a browser with a robust self-contained policy (sandbox), like Firefox or Opera, makes the logical choice. Furthermore:

- Use latest plugins to prevent buffer overflows (like java, flash vulnerabilities).
- Configuring the plugins to limited local access (like no flash access to webcam for example).
- Limiting the functionality of plugins and scripting engines.

Downloads as parts of the session - displayed as content within the browser, often mixed with scripts. Most often, the content is static and harmless, therefore little to worry about.

Downloads - once content is downloaded to local hard disk, it leaves the boundaries of the browser. And if executed, it's a different story altogether.

All in all, if you use Firefox / Opera or any other reasonable browser, the vectors of attack are drastically reduced; if client scripting is disabled or limited, the vectors drop to zero. Static content is no more dangerous than Greek statues in a museum.

Downloads are something else; once they become files on the hard disk, they are no longer part of the surfing. They are local payload.

A philosophical question comes into place - shouldn't they be considered of the surfing risks? Well, no. Because you could get the same file from a friend on a CD ... If you want to execute it, that's a new realm.

But pure browsing + risk, very simple issue to mitigate and control.

If you are interested, I'll give you my take on email, p2p, im etc ...

Now, do add your thoughts ...

Cheers,
Mrk

 

I'm not sure of what you wanted to say here.

You place most of the weight of security in the browser and I think that this is a bit optimistic. Sandboxes or behav. blockers complement a strong security setup composed of:
- Mitigation/disaster recovery: rollback/imaging.
- Trusted/reliable code base: up-to-date OS and software + DEP.
- Reduction of exposure: third-party browser w/add-ons used to whitelist content.
- Safe hex: what is allowed to be downloaded/executed.

 

hello,
safe surfing IMO is nearly 100percent of the security.
most of the malware happerns due to users always using an admin account and searching for free movie and music downloads that turn out to have malware with them.
unless you go on a ligitimate site that has been comprimised them most likely you wont get any malware.
so IMO common sence is the almost perfect solution to malware.
the adverage user installs a secuirty suite and thinks they are 100percent protected from everything which is total BS. i learnt from that mistake a few years ago when i relied on a secuirty suite to much and surfed the dark side... for free nero key.
like when my GF thought her game account had been hacked. she ran a scan with avg it said it found nothing so she just changed her password and carried on. now who knows what malware could be on her that it didnt detect.
lodore

 

The main focus of surfing safely for me is not be get bilked or rip offed by a hacker. If the hard drive has been implanted with anything that doesn't compromise my pocketbook, then I don't have any major concern with it (not until it slows down the PC to a great degree). I believe in mitigating the infection outbreak by using multiple PCs (you can get to me once and that's far as it will go). So should one system become a major malware victim, I can switch to another system and continue my merry way.

I do have an old Windows 3.11 486 PC that has the 33.6K modem and has not been updated in over a decade. I don't believe that I can get any security software to run on it (or at least any of the current programs). Do you think that I can safely surf on that system? I think so.

 

Fairly simple-keep away from sites that even a tiny amount of common sense would tell you,are liable to infect.
If some compulsion directs you to them,at least use discretion in what you press and do.
Doesnt need a university degree.
A good starting point is Site Advisor.
It does have some false positives,but does give a reasonable warning where some degree of caution may be required.

 

One would try avoiding going down a dark alley at night because of the dangers that may lurk there. The 'net is no different in that respect.

 

I assume you're talking about using windows system.

up-to-dated system
extra system tweaking tools
image backup
firewall (router+software)
limited account
a good hosts file
firefox(adblock, no script,etc) or opera with a good filter list
ad muncher
site advisor or similar tools
commen sense

 

IMO, while surfing without anything additional (above and beyond Windows itself and a browser of choice) is an interesting experiment/choice, it's not practical. People are human and can make mistakes in judgment. People get in a hurry and knowingly deviate from the normal "safe" approach. And, maybe most important of all, many people just don't want to (or can't) take more time than the quickest/easiest way possible. Surfing without some kind of safety net (and by this I mean an AV/firewall/security suite) would not work for anyone fitting into any of the groups I mentioned. And IMO, most users fall somewhere in these basic categories.

I try to follow and understand many of the things discussed here at Wilders but I fall into the group that I'm only willing to spend so much time at all this. I want/need something to watch my back...

 

This question is too difficult for me.
I had a period long ago, when I surfed to anywhere on the internet without any protection, but after awhile my computer didn't function properly anymore due to numerous infections on board. In those days, I thought my computer was broke or worned out, until somebody told me to run Spybot.
After removing pages of malware via Spybot, my computer was still not fixed, so I reinstalled it manually, because I had no backup.

I don't want to go back, I have to go forward and that means security and backup, otherwise I'm not the boss anymore and I like to be the boss, it feels like being God and who wants to give up that feeling.

PS: I have to go now, my shrink and two male nurses want me back in my cell. End of Internet Therapy.

 

It's all well a good talking about surfing without security but I would feel naked without my Netgear DG834 and Firefox NS. I don't care what the fashion is this year I'm going to continue playing it safe.

 

Well, this might not be the answer anyone is looking for, but to my mind, the only way to surf safely without any resident apps is in Linux, as you know Mrkvonic... it's my solution anyhow...

 

...as I´ve suspected all along...

/C.

 

I aree with Han that some back eyes give more comfort,alternatively then it take almost a master degree in computer science to know really what is needed or not in all this,so as a simple user i rely on what the industry has to offer for protection and i learn a lot here on Wilders to make de right choices for my own situation.

 

Hello,
I seriously believe education in CS is not required to be safe and enjoy the web. On the contrary, most CS engineers I know - and I know quite a LOT are geeky types who really don't care for computer security.
Mrk

 

Peculiar analogy and experience.

Like others i too used to throw caution to the wind and run amuck back then but ran headlong time and again to laced websites that congested my PC so bad i nearly threw it in the dumpster.
A combo of SpySweeper & SpyBot after searching for help on Google when i could get there long enough, showed a whole flurry of reasons for these forced interruptions, and helped remove some of them but not all the leftovers. And i too knew nothing about backups.

To go forward and not backwards, today translates to not only security which is key but something everyone loves, CONTROL!
And a quality ISR + Sandbox + PS + HIPS, all completely preserved along with the system/programs at once by a solid back up program, aka images keeps YOU!, the owner of your investment in total control.

 

Having just restored C: in less than 3 minutes I would say that once you have your data protected ( off site) and a clean image of C: the rest is just stuff.

Surfing without a resident AV or hips or sandboxie or antispyware or FD-I$R doesn't make you go blind no matter what your parents told you.