History of errors - how did your security creed evolve?

Discussion in 'other software & services' started by Mrkvonic, Mar 22, 2007.

Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,

    We all started somehow. I would like to know if you can see the trend and try to analyze and rationalize it. In the same breath, point out things you have thought were ok, but then you changed your mind and vice versa.

    I was always interested in security on a low level, since around the onset of millennium or so, a little before that - regarding the Internet. DOS does not count right now as it is a different world altogether.

    Real interest started when I encountered a VX2 infection from a bundled codec, which a moron acquaintance of my girlfriend then (wife now) installed on her computer, to help her with a movie that would not play. This was early 2004, if I recall. I was not there to stop the evil deed from happening.

    In those days, I was starting with early versions of Firefox and sampling Spybot and Ad-Aware. The infection was nothing serious, but me being anal, I got exposed to the merits of programs like HJT and such.

    So I decided to go deeper and began experimenting with lots of programs that became available, as the Internet broadband boosted and a plethora of programs became available. Linux became a serious interest as well.

    However, I quickly trimmed down. I think my 'high' lasted about half a year, during which I discovered how volatile and gentle Windows was and how things had to be put in careful balance in order to work. I also used several computers in a home network and found out that security / service tweaks so popularly advocated all over the net were good for single machines doing nothing but browsing.

    Windows was working the best as is, in its insecure default configuration. But then, there was no black magic necessary. Understanding a few basic concepts was enough. Most people do not realize this but ... Tools became just a hobby and artistic impression. Testing for the sake of testing. Finding interesting and curious conflicts and such. But not for security. Well, truly, it never was.

    I did have machines running heavily fortified, but they were also a part of the experimentation. Most machines were always in their simple configuration, pretty much steady for the last 7 or so years. I even trimmed down further with some.

    Since, I broadened my fields of knowledge significantly, mainly via Linux, web and virtualization - not including workplace.

    The applications that I have thought were ok but fell out of favor:

    Mainly, Spyware Doctor, until they killed the ability to disinfect in their free version - and all of a sudden, FP issues started growing like mushrooms after rain.

    I also like than I used to: Ad-Aware, Spy Sweeper, all MS products...

    The applications that I did not like but changed my mind:

    None such.

    Well, your turn to tell how you see your Internet experience.

    Cheers,
    Mrk
     
  2. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Good idea, I think, that just mentioning security would help some people to start.

    1st phase: A complete noob, who gets regularly infected, gets to know the internet.

    I myself was never interested in security, I used PC without any security applications and I am quite sure, that I was infected at that time since I had always problems with porno popups and etc. I had also problem with my dialup modem, that it used to disconnect and connect again. I always terminated it, because I thought, that something is wrong (talking about hardware and Windows), but I had no idea about dialers. I have looked at some forums to solve that problem as well as to find a way to speed up dialup and I have read, that something called AV should be used, because something called viruses might slow down internet connection, so I picked one. Since I am a perfectionist, I wanted the best AV, so I searched for months until I found NOD32. Due to remaining malware problems I got software like Adaware and Spybot and I have also read in a few posts, that there is something called firewall. I have got a manual from my ISP, which led me right to the interest in firewalls. I was wondering, what is that firewall thing, so I read and read, until I decided to use it. It took me some time till I got Outpost Pro and this is where I got a solid protection.

    2nd phase: A common user meets a skilled stranger, who will teach him about the security.

    It is Summer 2004. Using NOD32 with Outpost Pro I have tried test pages like pcflank and I have also looked at their forum. At that time, there was one skilled user called Paul, who posted, how to increase Windows security by tweaking bad Windows services along with other registry tweaks. Since I knew nothing about registry or security, I PMed him and he was willingly answering all my noob questions. We became friends and we emailed each other, well, mostly I sent him the questions and he sent me the answers.

    3rd phase: A nerd tweaker is born thanks to a skilled Russian hacker, who encourages him.

    I have found out, that tweaking is fun and that it can be used not only to increase security, but also to improve performance. I started to gather tweaks and I have also looked for IT news and forums. At that time I registered at Wilders, but I was not skilled enough to post anything here nor to understand a single thing from here, so I left this forum behind.

    4th phase: My next step is removing a realtime AV and having nightmares about it.

    I was running PC for 2 years without any noticeable infection and since I had IE7 Alpha locked down, I have decided to try running a PC without a realtime AV with just Outpost Firewall Pro on. The first month I scanned my PC more often than some users here for a year. I have improved my tweaks and thanks to searching them my knowledge about security has really increased. In 2006 I have tried almost all security applications out there. I have also tried Windows Firewall followed by Comodo. Then nLite and vLite to improve performance as well as security. I have started to participate in this forum again.

    5th phase: I think, that I have learned something, so I move on with Vista and no firewall.

    In December I got Vista, so I tried and after tweaking I gave it green. 1. January was my first anniversary without the AV, so I have decided to do something special, I have disabled WF, because I did not want to run anything else than Comodo anyway. In March I have enabled UAC again and I stopped overtweaking Vista, because it made it unusable, now I tweak only to secure and speed up Windows and IE a bit. That is the end of my short story.


    Sum up: If I would not care about slow net, I would not even have got started.
    Most people do not even realize, that their PC can be slow due to infections.
    So if someone would just tell me, scare me, it would help me to protect my PC.
    A manual or a CD with security apps is all, what an ISP should provide with net.
    I got a manual with DSL net and that helped me to find out about security as well.
     
  3. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hmm

    As always Mrk, a thought provoking thread.

    Me, first used a computer at work in 2000. Knew nothing, there seemed in hindsight no security measures at all.

    2001, inherited a crappy old machine at home, ran no security on it at all. Was I infected ? No idea

    2002, worked in a small IT company, techies there introduced some of us to Spybot and ZA firewall and Avert Stinger. That seemed to be the extent of their security knowledge and judging from their laissez-faire attitude probably still is.

    Even now, techies I speak to seem to have no more security knowledge than an intermediate home user and sometimes less.

    Late 2004, my laptop, internet banking and early 2005 my investment of time at Wilders to protect my interests.

    The rationale, to be as secure as poss on my internet banking.

    The result, a fascination of what people like you know and what security progs can and can't do and a desire to play and test.

    I am probably now no more or less secure than I was 18 months ago and to my knowledge I have never had a serious infection but the joy of experimenting and playing is the most pleasure I get from my PC.

    BSOD's are a challenge as to why and they in themselves now hold no fear, which for a novice home user is a result in itself

    Heck Mrk, you yourself have got me into having several linux live CD's which I never thought possible.

    The trend - learning more, playing more, being less fearful of a computer and I may say infuriating the missus to high heaven in the process- LOL

    Very interesting and look forward to more replies.

    Incidentally, I've always fancied an anonymous poll at what members experience here is i.e. home user, IT engineer, software developer, network administrator, corporate IT Director etc. That sort of thing. What do you think ?
     
  4. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi

    I've just reread my last post and I'm struck by something.

    If I didn't conduct financial transactions I would not have started any interest in security products.

    I do no work on it, I have no docs, no pictures, no vids and no music - nothing.

    Therefore, I suspect my interest with nothing to protect would be zero. I get infected - so what ? My machine crawls to a halt - so what ?

    Reformat and start again. I don't think I'd even bother with patches. Just reinstall OS once a month or whenever. Takes 20 mins. About the same time as the fastest AV scanner.

    Makes you think. Bit like reading golf instruction magazines when you don't play golf. Pointless :D

    This is an edit - botnets I am familiar with and wouldn't wish to be part of that scurrilous behaviour so in fact to that end there would indeed be a point. Something else I have learned
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,

    Nice replies so far. Great to hear about Linux. Thus I'm buying my bonus points for the commie-atheist heaven I'm slated to one day.

    A poll would be cool, although I can answer right now.

    In high-school, I studied Pascal for three years. At the uni, I did a bit of C and Matlab. At work, used a fair bit of engineer-related programming and algorithms and such in a variety of languages. Then, another 5-8 languages at home, just for the fun of it. And yet, I'm not in the IT / software industry at all... Although I'm planning to take a Linux Certified Professional course sometime next year.

    But I did always make fun stuff, including writing residents in DOS, funny batches that did all sorts of things - including a simulation of a hard drive formatting - and what not. Always had an affinity for it, I must admit.

    My first encounter with virus was in the late 80s, early 90s, a ping-pong thingie I think it was ... But that's a different world indeed.

    Mrk
     
  6. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    LOL- very good.

    If I can work out how to start a poll, I'll get it going tomorrow perhaps.

    Your background is most interesting and a great example of how Wilders can bring posters in the same thread from the most diverse ends of the IT knowledge spectrum.
     
  7. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Before I post about how my security creed started I want to read my first post at Wilders to find out :D
    I think it was because F-Secure was slowing down my computer too much so I was seeking an alternative and also Spy Sweeper was annoying with its constant problems and still is.
    OK, the threads don't go back far enough to find out my very first post.
    Also I need to find out how to get my documents back, please read my nightmare! thread
    lodore
     
  8. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Lodore, I thought of doing that and reviewing my whole post history.

    For me, just too embarrassing :D
     
  9. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    My interest of computer security started many years ago when I was into "warezing". I did download McAfee Firewall from a warez site and thought that I was really smart not paying for the software. I used it for three months until I downloaded a port checker and noticed that I had a (McAfee) port open to someone in Ukraine. It had a small but steady flow of traffic going on and had probably been open since the first time I installed it. The AV I had (also cracked) did not find any malware. I did download a trial of NOD32 and it detected the malware in the McAfee .exe file (which was cracked). I don't remember the name anymore.
    Needless to say I have paid for all my software after that incident.

    I got very mad and said to my self that nothing like that shall ever happen to me again. Started to visit security forums to learn. And when the first HIPS appeared my knowledge accelerated.

    Nowadays I like to think that I know enough about how hard it is to get infected so I can "lower" my guard (meaning I don't have to know everything that goes on behind my back) and let silent software take care of the very, very rare occasions when malware appears. But nevertheless I like to have good protection just in case.

    I try (and buy) many software thinking the grass is greener on the other side of the fence :D Right now for example I am testing Kaspersky Internet Security, AV and FW and liking it, probably gonna dump Drweb and Comodo (they are not compatible with Vista). Even though I have 4 months left of Drweb subscription.

    My nick is Sukarof and I am a software slut.
     
  10. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    @Sukarof

    This thread is almost like therapy don't you think :D
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Here is my story in a nutshell.

    1. The newbie period.
    I didn't know anything about security and that was my happiest time on the internet.
    I downloaded and tried everything in those days without limits.
    My computer was so infected, that nothing worked properly anymore, I thought it was broke until somebody told me, it was infected.
    That's how I learned to re-install my computer from scratch.
    The first re-install was a complete disaster, so a friend told me how to do it.

    I installed Norton AntiVirus and thought I was 100% safe and continued with my 'dangerous' activities on the internet, until my computer was 'broke' again.
    During an email conversation, somebody told me to use Spybot.
    The first scan reported more than 200 infections, but that didn't solve the problem.
    So I re-installed my computer again (I had no backup software either).
    I had at least one re-install per month in those days.

    2. The scanner and crack period.
    Chatting on the internet was one of my favorite activities and these chatters
    told me there was more than one scanner and I didn't even have to pay for it.
    So I installed an army of (cracked) and (rogue) scanners on my computer and a cracked version of Norton Internet Security.
    I had several rows of scanner icons on my desktop and I was constantly searching for new scanners.

    3. The Malware Forum period.
    I was also a free lotto player, which was a great source for getting malware, but the free lotto world was dying and somebody gave me a link of SWI, which he used to get rid of the malware. So I joined SWI.
    At SWI, I finally learned more about malware and what to do about it.
    That was the end of my happiest period on the internet, since then I never enjoyed internet that much.
    I stopped with all my 'dangerous' activities, I got rid of all my cracked softwares and listened to all the good advices, because I was tired of re-installing my computer over and over again.
    SWI tried to make a qualified helper out of me, but I wasn't interested in solving HijackThis logs for the rest of my life. I was more interested in security softwares.
    One day, the server of SWI was in serious trouble for a long period, so I chose another forum at random and joined Wilders. It was a wild guess but a lucky guess.

    4. The Security Forum period.
    For the first time, I didn't consider my computer as a sophisticated typewriter anymore.
    I learned about hardware, many different (security) softwares and partitioning.
    Two years back, I thought each partition letter was a physical harddisk.
    When somebody wrote "I formatted my partition M", I thought "Wow, this guy has 11 harddisks and me only one.".
    So a lot of things changed after joining Wilders. I became more serious and critical.

    First I bought a new fast computer with two internal harddisks, one external harddisk and a router to make my dreams possible.
    For the first time I had an Image Backup software, then Immediate System Recovery with multiple snapshots.
    I created two independent partitions : system partition and data partition
    I created two independent snapshots in my system partition : off-line snapshot (quiet) and on-line snapshot (frozen).

    If a small or big problem occurs, no sweat, I simply rollback to a healthy state, case closed and no post at Wilders to ask for help.
     
  12. ashishtx

    ashishtx Registered Member

    Joined:
    Oct 7, 2005
    Posts:
    389
    Location:
    Houston,Texas
    I started using PC in March 2005. I was very happy with internet in the beginning wondering at all the possibilities of this age. But then I decided to go with broadband internet and removed my McAfee (preinstalled) and installed eTrust EZ Antivirus which was free with the ISP service. After few days of use I could not update it and it crashed. I decided to google on it, this was the moment which changed my perspective with regard to PC. Then, I decided to install F-Secure and then the list goes on. But now I am more leaning towards trying different OS (operating system) rather than trying different antivirus for my PC. I think I have matured a little bit. :)
     
  13. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Reading ErikAlbert's post is an exact copy of my story. :D
    Except when I first joined Wilders 4 years ago I went totally nuts about security. My computer was so much loaded with security software that it was crawling. :oops:

    Now the curve is inverted. I run KIS 6.0, BoClean (which I have problem to leave aside, it's like my baby.:p ) and FD ISR.

    But even if I have a lot less Security Software, doesn't mean I don't like to test them and play with them. :D
     
    Last edited: Mar 22, 2007
  14. herbalist

    herbalist Guest

    My interest in security began in 2002. I was given a Win98 box by a friend who had bought a brand new PC. About all I knew then was that I needed an AV. A co-worker recommended Norton. Browsed their site and found Norton Internet Security. I was impressed by the "one program does it all" description, AV, firewall, popup blocker, etc. I downloaded a trial of it, and bought it. That led to some hard lessons regarding the shortcomings of security suites and security software in general. Almost the instant I installed it, it alerted me to blocking a "WinCrash" attack. I had no idea what that was, so I acknowledged the alert and went back to browsing. Then I got another, and another, and.... I started trying to track down who was "attacking" me. Looking back at it now, I'm convinced it labelled every random port scan as a "WinCrash attack". NIS also taught me the meaning of lousy customer support, starting with trying to get a realistic explanation of what a "WinCrash attack" was, and ending with trying to find out how to change the auto-updater interval and have the new setting stay. An updater that runs every 15 minutes doesn't cut it with dialup service. Never did get a decent answer from them on either question. The vendor of a freeware system scheduler showed me how to fix the updater problem, which led to my preference for freeware and later, Open Source.

    About the same time, I found one of the bigger software sites, ZDNet I think. Ran into Ad-Aware, and a bunch of other stuff I just had to try. AAW's ads regarding how AVs don't stop adware and spyware got to me, and led to their old forums. Back then, it was a good place. Met some really good people there, especially Aaron Hulett.

    One day I was Googling for something, clicked on a search result, and ended up at a site that opened a huge number of popups, in spite of Norton's popup blocker. Norton crashed completely and I tried in vain to catch up with the popups. I finally killed the PC to get away from that page. When I rebooted, Norton's AV told me I had a virus it couldn't get rid of. With help, got rid of that. Shortly afterwards, someone managed to hack into my system right thru Norton. Its firewall log recorded the granting of internet access to a file which had no access before then. It kept a full log of the incident but did nothing to prevent it. I dumped Norton, even though I had several months left before it expired and started trying other firewalls and AVs. This is also when I learned of Mozilla. At one point, I had 2 firewalls and 3 AVs running on a Win98 box, plus a host of other apps. Even with all that running, it didn't bog down my system nearly as bad as NIS did.

    I was introduced to Eraser and at their forum, made friends with a retired military colonel from Europe who served in military intelligence during the cold-war. For the next 6 months, he gave me an incredible crash course on all kinds of privacy/security related subjects, especially encryption. He also showed me how useful DOS can really be. It was taking me a month to get thru what he'd send me in a week. He died of a heart attack in 2003. It took another year to get thru all the material he'd sent me. Lost a good friend and teacher. I can't imagine how much wisdom was lost when he left.

    During 2003 and 2004, I spent most of my time at an adware remover's forum as a volunteer. It was fairly common knowledge back then that no adware remover found everything and people, myself included, were recommending using several. While there, I was becoming increasingly aware of the shortcomings of signature or reference file based detections, not just for adware/spyware apps but all signature based apps. At that time, the solution I knew was to use several. Between AVs, ATs, AS, etc, I had 8 of them, and was still running into files none of them detected. I was also learning about other security software, integrity scanners, application firewalling, etc. The suggestion to use multiple scanners wasn't well received on this vendor's forum. After some heated debates regarding dropped detections and the criteria they use to determine what qualified as acceptable software, I left for more neutral territory where user support, not product support is what mattered.

    At SWW, I learned of SSM (and a lot more) then became acquainted with its developer, Max, then its present developer. Began testing SSM against live malware and viruses. For myself, I've concluded that it can replace resident AVs and other real time "anti" software.

    My security strategy began with the standard blacklist approach, AVs, AS, AT etc. It went to the extreme, running multiple apps for each, figuring that malicious code couldn't evade them all. Dragged my system to a crawl with resident apps. I finally concluded that it's impossible to blacklist everything that's undesirable. Started moving to a whitelist approach, both with processes and allowed traffic and content. In early 2006, I stopped using all resident AVs and anti-malware apps. Still have some AV scanners on board for scanning downloaded material, but that's all they're used for. My core security apps haven't changed since then. SSM free, Kerio 2.1.5, Proxomitron. This is the same Win98 box I started with (with a few upgrades) and it's never run better.
    Rick
     
    Last edited by a moderator: Mar 22, 2007
  15. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    For me it all started out in the AOL 4.0 days. My only reason for ever getting onto my PC was to chat with friends and try to hook up with chicks in chat rooms (yeah I know, that's pathetic), but I'm sure the shoe fits for others as well. I cared not about security and didn't know much about it even if I had cared. There's no question my PC had stuff on it, it was often unstable, locked up, and other misc. things that I now know was the result of infections.

    As the landscape changed and my knowledge grew, I realized the importance of security. The first security software I purchased was McAfee Security Suite. I "thought" it was doing a good job of protecting me, it was all I knew at the time and it was popular. It found 6 things on my first scan (and probably missed 10X that amount), and the "active shield" blocked quite a few things while I was... ummm... looking at pictures on sites ;) It was certainly a big step up from nothing.

    As I expanded my horizons even more, I began finding out that there were FAR better software security products available. I upgraded to Kaspersky AV and it found a bunch of junk that McAfee had NO IDEA existed on my PC. I also read up on some "tweak methods", like disabling dangerous system services. Then I got a high speed connection (YAY!) and a router with NAT & SPI capabilities and the rest is history.
     