Enough is Enough!

I remember the days when all one needed to surf the net was a fairly recent update of a good AV.

Today? One needs software & hardware firewalls, an AV that was updated just minutes ago, multi-layered anti-spy defenses composed of real time blockers, scanners, removers, a locked-up host file, an IDS & log analyzer plus registry protection apps, process guards, a ready DPF and the latest version of the indispensable HijackThis app.

Worse, inspite of all these, we still worry big time! Enough is enough!

To bring back the joy of surfing, I use the barest of machines loaded with the recommended multi-layered defenses enumerated above. My HDD is partitioned rather simply with C:\ for the system and D:\ for everything else. My simplistic approach (perhaps even naive) has returned the joy to surfing the net since I now surf the net without worry. I then scan all downloads for sleazeware, trojans, worms and viruses before I transfer them to my PC that never gets connected to the net. I sleep better and if my naive approach gets my machine infected, it won't be with anything that a good format and reinstallation can't remedy.

In the workplace, I let our sysad worry about what gets picked up in the net while I worry about what my employer is putting in our network to monitor the things I do. Now, that is the bigger worry!

In the few hours I've been reading stuff here, I've really learned a lot. But more important, its comforting to know that there are still a lot of good guys ready to extend a helping hand to those who need assistance.

Thanks a lot!

 

Seein' as how I remember the days of rotary telephones with 5-digit phone numbers/"party lines", of just 3 channels on a TV with no remote control (other than Dad saying, "Change the channel, son!") and of vacuum-tubed computers filling large rooms (and used only by scientist/military-types)....I sometimes find all this a bit amusing. We used to control machines. I think the roles somehow got reversed over the decades.

 

I think part of the problem was just everyone (especially Microsoft) trying to make it easier for everyone to control their computer, and the result was that it made it easier for other people to control your computer as well. I think we'll return to the day that you only need a couple apps to be safe, but it'll take a little while for the industry to catch up. As far as running a million apps, I think if you added something like Process Guard and/or Prevx to the normal setup (AV plus firewall, secure down Windows' settings) you'd probably be good to go, but that's just not as fun for us geeks, no matter how much grumbling you may hear

 

Hi Notok

I have been reading about what you guys do in this forum and can only imagine how you tempt the gods when you're on the net. Makes me wonder if one of you has a thumbdisk filled with a collection of viruses and download them on your c:\ drive every now and then just to find out how long before they gum up your system. LOL!

I'm just glad that the WSF is around.

 

Hi,

I don't want to blame Microsoft, because the people to blame are the crackers/spammers/malwares writers etc... but we have to notice that
most of the internal malware attacks are possible because Windows OS provides the functions (API) to do illegitimate activities without any kind of control.
In mind I have the APP_INIT DLL registry entry where you can add a value for that every (almost all) program starting will load the malicious DLL of your choice.
I have in mind too the possibility to call CreateRemoteThread() to add code into another process not belonging to us, gracefully provided by Windows, in case it would have been too harder unless for the malwares to attack other programs...
There is no real security in Windows because the whole OS has not been built from start with that in mind, unlike more secure OS such as FreeBSD or OpenBSD.

Then about the spyware, I don't have a single, without any anti-spyware product, whereas I see a lot of people running many anti-spyware apps.
Of course we will all have our preferences, but in my opinion, a good setup against spyware is :
- alternative browser (FireFox, Opera, etc...)
- alternative email client (Thunderbird, FoxMail, The Bat, etc...)
- antivirus
- personal firewall
- sandbox (Process Guard, Tiny, etc...)
- all Windows critical updates

With this you control which app starts, you check if they are not a virus or common trojan, you check once ran if the app tries to connect out, if it tries to hijack another process memory, you are immune from ActiveX and all common spyware infection vectors, you are immune from the lastest known vulnerabilities.

Of course I have nevertheless Ad-aware to scan from time to time, but it always found 0 items.

I agree that the time where a single AV was sufficient is from the past, but we are not at the opposite where you need 5 softwares per threats (anti-spyware + popup blocker + ActiveX blocker + ADS/cookie blocker + etc...) when you can have all in one with an alternative browser such as FireFox.

I don't want to seem to be a Microsft basher because I am not, because I really like this OS (despite his security scheme), but to get rid of IE and OE
and keeping Windows up to date is already most of the job done IMO.

regards,

gkweb.

 

Hi gkweb,

I'm not saying anything against MS. I simply stated that I miss them good ole days. You have been fortunate (to say the least) for having avoided a major infestation. You must really practice safe HEX and I commend you for that!

Now... if I wanted to talk against Mr. Gates, I would have written about what his new girl friend said after spending the night with him! "Gee Bill... Now I know why you named it MicroSoft...!"

Have a nice day!

Still Longhorn

 

Welcome to Wilders, Longhorn! I guess the proper analogy would be remembering when people left their doors unlocked or relied on a simple chain lock. Now we have storm doors, deadbolts, alarm systems, motion detectors....security in any phase of life no longer comes as easy as it once did. Glad to have you here at Wilders!

 

The roles have reversed for sure when it comes to the work place. Now the thing tells your boss when you miss a deadline. What your production was. Some work places use something called Etime (time clock)They scan our machines regularly for content. They scan our web activity our emails looking for forbidden key words. On....and on....

 

I think you have the right idea: the Windows Era actually began *before* the Internet Era. Microsoft was actually late {behind Netscape} getting to the Net. And then, the Net in Early Days wasn't nearly so hostile place as it is now. So, I don't think anyone dreamed {at that time} there would be Slammer Worm, msBlaster, Sasser, and countless other worms and exploits aimed at Windows O.S. It is probably correct that to design a BulletProof O.S. one would have to start from the ground up. And one would probably sacrifice user-friendliness and functionality as well. So there is a tradeoff between: (1) expecting O.S. to protect you at the sacrifice of some richness of functionality and user-friendliness; (2) reactive and retrofitting security into Windows even though it wasn't initially designed primarily for Security but for Functionality and User-friendly GUI. Also possibility (3) a separate Security Industry of third-party apps {AV/AT/AS/PSFW, etc.} designed to enhance security and protect against malware, spyware, rogue apps, etc.

 

Hi still_longhorn,

Neither I said you were doing that, may be I was a bit unclear and so I am sorry.
I was just saying what for me was bad in Windows, that's all

regards,

gkweb.

 

Hi luv2bsecure,

I liked your analogy...

I guess the problems we have now is primarily due to the fact that the Local Area Network, a concept that was designed for an environment of trust was forcibly extended to cover the internet. We sometimes fail to realize that the things that make it possible for us to access a database on the net is a two way street, thus making it easy for the other end to connect to us, too.

Plus Bill, in his sincere effort to make Windows everything to everyone gives us plug and play where the default in everything is turned on upon delivery.

Regards,

Still Longhorn

 

That's peculiar. I don't need any of that and still, I never seem to be infected with either worms, viruses or malware.

-k0nsl

 

my system stays safe with what i believe to be just the basics;

1 AV Nod32
1 firewll ZAP Beta 5.5
Adaware & Spybot

keep windows updated and i use firefox.
sometimes i will run an online scan for a second opinion or an
anti trojan pro if i think there may be a problem, but my system is fast, reliable an secure. to me anything else is overkill.

 

Hi k0nsl!

Stay that way! Practice safe HEX! Don't download anything, not even those cute vacation pictures from momma. No MP3's, too.

Regards

Still Longhorn

P.S. Where can I email you a hardbound edition of 3 Hail Marys...
(Sorry mod, couln't resist it! LOL)