My PC what I have & what I don't!!!

Discussion in 'privacy general' started by WaterTech, Nov 3, 2002.

Thread Status:
Not open for further replies.
  1. WaterTech

    WaterTech Registered Member

    Joined:
    Aug 27, 2002
    Posts:
    6
    Ok, here it is in a nut shell! I have a new PC, less than a year old. I have Norton's Anti Virus, no fire wall protection of any kind, use ICQ, children use Messenger, KazAa & all the other fun stuff, that I know nothing about.

    Here's the kicker, I have this over-protective friend, who says I need more than Norton's to keep this contraption safe. Is this friend right?

    Be gentle on me, since I'm a virgin to all of this!

    I also was told to mention that I'm on dial up & am using Xp-Home. This rather pushy friend thinks I may have some type of fire wall, but I'm not sure.

    Thank you
    Hedgie
     
  2. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    LOL - WaterTech! Yup, i am the over-protective pushy friend....:D :D....but i am having a dickens of a time convincing WaterTech that he really DOES need more protection than what he has right now.

    He is not that familiar with his new pc yet and thinks he may have ZoneAlarm free...but it may not be "installed" and running.

    i hope with the advice he will see here he will have a better understanding of what he needs right now to ensure he is safe.

    (WaterTech....i didn't know you had KaZaa too!? ~covers mouth~ Ooooooo!! )....... :rolleyes:
     
  3. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi WaterTech, and welcome to Wilders. Hi Snap. :D
    Some basics. Make sure you keep your Nortons Anti Virus updated regularly. If it came installed on your new computer, it may only be good for 6 months, before renewal is necessary, possibly a year.
    You should also have an Anti Trojan program. Since you are new to this, if you can spend a little money, Trojan Hunter Or BO Clean would be your best bet. If money is an issue, as it is with most of us, I think Ants is coming along nicely, but someone else will have to help with free AT recommendations.
    You definitely need a firewall. XP has a built in firewall, but it offers no outbound protection, which means it is worthless against Trojans that may somehow get on your machine. It is best disabled if you have another firewall on your computer.
    For a beginner, Zone Alarm is the easiest to use out of the box, and if you have it, if it is the 2.6 version, then I would install it to at least get some protection started. There are more comprehensive firewalls available, but I would not try to take on everything new at once. The new version, 3 can be found here:
    Zone Labs Grid
    but it does not seem to be as popular as 2.6 was.
    If you wish to try for something that will give you more control, I and others will be glad to help you. I strongly recommend Outpost Firewall, but Sygate, LookNStop, and Kerio are also excellent firewalls.
    About email - neither you or anyone in your family should ever click on an attachment in any email, ever, with one exception. That is if you know someone is sending you an attachment, and they send you a note with it using your name, so that it cannot be a virus created message like Hi, just found this great program. Check it out.
    As for your children using Kazaa, messenger, and stuff like that. That is just asking for trouble. The children very seldom have any security concerns, and I doubt theres much you can do to get your children concerned much about security. They have other priorities.
    So, make sure, if you have any important information, that it is backed up off of your harddrive to floppies or a CD. Never put any information on your computer, you do not want the rest of the world to see. It is not unusual in a family setting that there are several users, each doing their own thing, and before you know it, a trojan has been installed. Once that happens, if your firewall does not stop it, what is on your computer, now belongs to someone else.
    Sorry, but that's real life. We try not to be paranoid around here, but the fact is, people get viruses, trojans, and worms. They cause a lot of damage.
    The best defense is the brain. You should start by spending a little time each day, looking around this forum and reading what's going on with other folks. You will soon see what you are dealing with on the web.
    Hope to see you around often. Ask if you have questions. No one is born with the knowledge needed to surf safely. We all have to learn, from the beginning.
    By the way, I don't think Snap is over protective. She just cares. :D

    - Fixed long link / page wrap problem - LowWaterMark
     
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    Hi Watertech,

    Welcome to the board.

    Yor pushy ;) friend is right IMO.
    I would indeed at least install a firewall. I´ll leave it to the specialists [EDIT] root already did so [/EDIT] to advise you which one to choose, but here´s a start: http://www.wilders.org/firewalls.htm
    Since your offspring has taken to Kazaa installing Adaware and/or Spybot S&D would be a good idea as well.

    Regards,

    Pieter
     
  5. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Hi Water Tech.You will get some excellent advice from the folks here about security.I have xp home edition also.I've been on the net less than a year.I formerly used kazaa myself.I got rid of it after getting a virus from an infected music file I downloaded.There are risks like that and also you will get spyware from kazaa.Spybot is an excellent recommendation.When I first got security conscious the must haves for me were:a firewall,an anti-virus program,an anti-trojan program,Spybot.A very important task you should do daily is check for updates for your programs.It's painless,may take a little time,but it's a neccessity!Programs get less effective if you don't keep current on up-dates.Another thing that really helps is education.The Wilders web-site has been huge for me!The recommendations about security on the home page and especially in this forum have helped me a lot!! Have fun and enjoy the forum.
     
  6. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Hi Tester !
    You did get a virus that was imbedded into a music file ??

    bill ;)
     
  7. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Hi Bill!

    You should know "The Tester" got this name because he is testing everything on virussen, even "music" files! ;) :D :D :D :D
     
  8. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Hi Eyespy.At the time I was having all kinds of problems with my computer's performance.I noticed that McAfee(which was pre-installed and never updated :doubt:)was damaged and there was a message about something called VBS Loveletter virus.OOOPS!It mentioned a particular music file.Being very inexperienced,I dumped everything that related to kazaa.I freaked!Uninstalled McAfee and ran AVG.(with all the bumbling that I did,I managed to get rid of that virus.I did have to dump H/P select though.It was growing by leaps and bounds!) Not long after that episode I started surfing and researching kazaa.That's when I became aware of spyware.I started out with Adaware and found an enormous amount of that stuff.Well over 100 detections!Gator was the worst.FYI at the time I had no firewall.Never updated McAfee.I basically got on-line and did my surfing.I learned a lot the hard way. ;) That's one reason why I got interested in security.And testing.One thing I will never test again is my luck with kazaa or any P2P program.
     
  9. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    I agree that P2P file sharing can be dangerous.
    WinMx is a good "spyware free" P2P proggie !

    best regards,
    bill :)
     
  10. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
  11. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    TY Primrose !
    First I've heard of that !
    Where will it end ??

    regards,
    bill ;)
     
  12. Pretender

    Pretender Registered Member

    Joined:
    Apr 23, 2002
    Posts:
    670
    Location:
    Virtual Paradise
    sorry that you asked us watertech?

    keep a good eye on any transactions made on the internet. credit cards and financial information are primary targets of the bad guys. bob

    welcome to the board.
     
  13. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Primrose - i was just wondering, if someone had their anti-virus on (like Amon that scans each active file) and say a anti-trojan "guard" that is also actively scanning...what would be the possibility of an infected mp3, or any file being downloaded from the net, not being caught while d/l'ing is in process??

    Isn't that what on-resident scanners/guards are suppose to do?? Just curious since i do d/l quite a few zip files for my picture editing program along with .exe files off the net, and wondering what the difference would be in a peer-to-peer d/l? (hope that made sense).

    i know quite a few kids will turn off the anti-virus and even the firewall to get faster download speed, but if they are left up and running....would they not catch something nasty if an infected file was being d/l'ed?

    snap
     
  14. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Proxomitron is also a REAL nice thing to have methinks, even though I still use default settings and not a nice list like there are available. All it means is one more click before surfing.
     
  15. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,842
    Location:
    New England
    If you are running the resident scanners of good AV and AT products on your system, with up to date defs, then you are very likely to catch and kill any piece of malware coming down at you, regardless of type. (A key exception to this is, of course, some compression formats may get the bad boy past your scanner initially, depending upon the product and compression format, but, when you decompress it, the scanner should jump all over it.)

    Of course, at this time, as Primrose's link notes, there aren't any real viruses inside actual .mp3 files, as mp3's don't actually execute. Just a few hoaxes, for now. But, who knows, maybe when the mp3 players get more intelligent, the files themselves may become in some ways executable, and so could be the target of malicious code.

    Good to see you again Snap :)
    LowWaterMark
     
  16. FanJ

    FanJ Guest

    Blaze's Newbie Survival Guide might also give some hints to WaterTech.
    You can find it here:
    http://www.wilderssecurity.com/showthread.php?t=4146
     
  17. pin

    pin Registered Member

    Joined:
    Nov 4, 2002
    Posts:
    116
    though infecting an mp3 right now isn't possible, i guess we just have to look out for sneaky things like file.mp3.exe or file.mp3.vbs.

    there is a plugin that allows ppl to share music through their winamp player (it lists the contents of their playlist). since you can actually share any file whatever by putting it in your playlist (i gave a .gif file to a friend by putting it in my winamp playlist, and he could d/l it no problem) i am thinking this is a ripe place to put those kind of double extension viruses!

    so watch out!
     
  18. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    ~whew!~ thank you LowWaterMark! i thought that's what Nod32's Amon, and TrojanHunter's Guard would do, but appreciate you're confirming it for me! i always scan again after i d/l a file and after installation, just in case something slipped past the scanners.

    the other reason i had wanted to know about this was because WaterTech had mentioned his kids using KaZaa, would something get past Norton's Antivirus? i don't know much about Norton's Antivirus or if it even has a scanner, so i am not able to help him much there.

    i must have been more tired then i realized - apologies to you Primrose, i misunderstood what i read in your link and wasn't sure if you were saying that a virus can now be inside (or attached to?) an MP3 file......i don't d/l MP3 files myself but i know many who do and i appreciate the clarification - don't wanna add to anyone's hoax or give out the wrong information.

    'tis great to see you too LowWaterMark! :D

    thank you for lifting the fog again...LOL! it just seems to keep rolling in with every year that goes by. ;)

    snap
     
  19. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    FanJ! yes...thank you! (hangs head in shame because she forgot Blaze's Newbie Guide) i have it bookmarked too!

    Thank you Blaze!! :D

    snap
     
  20. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Just a little opinion from me about such things as viruses in MP3s.
    True, it looks like virus imbedding in MP3s has been nothing more than hoaxes up to this point. One of the thinks I like to take into consideration is that new exploits come out almost daily. Soon, perhaps there will be a virus that is triggered when an MP3 plays. I remember the first time I surfed to a website and as soon as I got there I had been nailed by one of the javascript exploits.
    I don't like to be paranoid. I like to have fun on the web. Why else would I use it except for information and learning? But - we must use our heads before all else. If we totally rely on our programs to protect us, we will eventually lose. Remember all protection from malware comes after it has been running loose in the wild. I do not want to be one of those that gets the next big worm crawling all thru my machine, because I relied on an AV program that did not have the definition yet.
    So, I preach. Practice safe hex. Use your head. If it looks like you are looking for trouble, you probably are. If a website seems to be questionable, it probably is. If the origin of a file is uncertain, then so is its safety. If you are swapping files, be assured there are those that are going to make mischief with you. The script kiddies are out there. They have turned in their mail box bashing bats, and grafitti spray painting cans for trojans, mailbombers, and viruses.
    Be safe and surf with fun and sense.
     
  21. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    root,

    It seems like every time I turn around you are writing something I would write. But better! You are always full of wisdom and you are SO RIGHT about all you wrote. It was basically a call for vigilance mixed with plain old common sense. I'm so glad you are here.

    John
    Luv2bSecure
     
  22. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Thank you John. I am a firm believer in common sense as you are. Besides, you write a lot of things I wish I had said.
    There is a lot of experience on this board in the form of many many people. I wish more would share what they have to offer. ;)
     
  23. WaterTech

    WaterTech Registered Member

    Joined:
    Aug 27, 2002
    Posts:
    6
    Thanks to all that replied to my post. I guess all this time I've been too darn stubborn & deffinately to naive. This computer age has came along way & if I plan on bieng on the net, along w/my children, then I'm going to have to keep up w/the times....Thanks again.

    A special thanks to Snap. Sorry
     
  24. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    I post this in another forum some time ago and thought you might find something useful.....

    __________________
    Is my system protected or not?


    Yes, but when you decide to execute(open) any file or attachment that you know could be dangerous to any system instead of deleting it in the first place, you are already breaking the rules that are preach all over the Internet of
    1. know first who sent it to you
    2. Even if you think you know, scan it first
    3. Even then determine if you really want/need to see this unknown file just how imfortant is that need, based upon the facts you already know about security. There are new "badboys" written each day and no AV or AT can protect you from those 100 percent even if you tried to update them once a day.

    To put it in plain english Steve. I would never send You an .exe or a .com and a few other type file formats in the first place. For those reading this post, be aware that I could do that for I have Steve's email address. I just do not send files like that to any of my friends. If they start getting used to opening that kind of file on MY account...one day my email addy will be spoofed and then I would be the indirect cause of putting him at risk.


    The other tests one can do anyplace is to test the mail program you ARE using to determine if you are vulnerable just by downloading email to your PC in the first place without even opening up any attachments.

    Most email clients nowdays allow MIME or HTTP viewing automatically with hooks and binding into standard applications you all have on your PC such as Audio players, all the way from the standard M$ mplayer that came with the OS to now the new generation M$ is now putting in XP...not to leave out Sonic...crescendo..and 15 other types of embedded audio players which have now been download from the web and are "associated" by default into your mail client.

    That automation has been exploited by Nimda and so many other virus/trojan/worms to get into your system, unannounced, it is no wonder they all still thrive today.


    I see so many people who have been around these forums and boards, who know all these things and more...yet still insist they have it all covered with a patch, a fix, a program, a killer, a stopper, a "realtime scanner", a firewall with loggers...so they jump in there with both feet and test the technical "limits" (in their opinion) of how they have their system setup.

    I also see many people still forwarding email they got from a friend of a friend with everyones email addy in the headers as they forward them..not as a blind copy..but rather a .cc or just put everyone in the "send to" that is in their famous .WAB (Windows Address Book).

    My suggestion..start breaking that chain...be nice to your friends if you forward those emails and clean them up first before you send them..and for your friends..instruct them how to do the same. If they can't or will not do it...ask them to take your address out of their .wab or any other address book that is used by any flavor of Outlook.

    If you do not..your email addy floats all around the world for spammers and badboys to get your addy as they auto search unprotected systems of people you do not even know.

    Hope this helps some members..

    Best to ya Steve,
    John
     
  25. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    yes you have....but i WUV you anyways! ;)

    You must stay on the net for a VERY long time because i still haven't beat you at cards yet! LOL! (and i think you still owe me a game.)

    You are very welcome Hedgie, and thank you for starting this thread. Everyone has posted some great ideas and links to get you started, and i am sure this thread will help many more who are just beginning to look into securing their computers. And you never need to say sorry to me....~smyle~....i am very lucky to know you, and glad you are my friend.

    snap
    -------

    Primrose - that was a great post with good advice in it - your friend, Steve, has a good friend in you.
     
Loading...
Thread Status:
Not open for further replies.