How do Firewall Alerts to Malware look like?

Discussion in 'other anti-malware software' started by yeow, Feb 12, 2007.

Thread Status:
Not open for further replies.
  1. yeow

    yeow Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    225
    Hi, I'm hoping maybe the experts here could post some screenshots of the various firewall alerts they've come across while testing malware. I've never actually seen a firewall reacting to malware, so I'm hoping to learn if these alerts would be "appear" similar or dis-similar to the ones I'm usually allowing (with Comodo).

    Why I'm asking:
    Well, I'm only regular PC user who knows little about spotting malware or rootkit infections - I mean the more insidious ones - apart from reading about how other people suffer from the obvious PC slowdown, browser hijack, or messed-up icons etc.

    If I suffer the above symptoms, or if my AV/AS tells me I'm infected, I would do a restore of my backup image. But if I don't suffer any symptoms, I'm hoping my firewall (Comodo) would give me some clues IF they call-out. Trouble is, I don't know if I'd recognize them as I've never experienced any before...

    Much thanks to any response,
    yeow
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    Well, I suppose they wouldn´t look any different than any other alert that you might receive about non malicious apps, it´s up to you to decide if it´s malicious or not. But keep in mind that more advanced malware can probably easily bypass your firewall. I think if you had a rootkit/malware infection there would be data traffic and HDD activity for no good reason, so you might want to look at this. ;)
     
  3. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    After a few years of being aware of security risks, I'm still very ignorant about firewalls configurations, but I don't care anymore. As far as I'm concerned a firewall should warn me about applications calling home, and stealth my presence on the internet.

    Most attacks will probably occur by opening mail attachments with spam.
     
  4. yeow

    yeow Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    225
    Thanks Osaban. I did share the same sentiments initially, then I realized:
    1. Even without a software firewall, Shields Up! tests still show Stealth status - due to my home router.
    2. I've been allowing applications to call home since they're all legitimate. Only once or twice I've ever denied call-homes, but only on whims (eventually allowed-always).

    So my sole remaining reason now, of why I put up with the hassle of a software firewall, is that it will be my "last line of defense" against malware call-outs... but I'm realizing may be no defense at all considering my level of competence...:oops:
     
  5. yeow

    yeow Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    225
    Thanks Rasheed187. Ahhh that's what I was afraid to hear, really. So my "last line of defense" really depends on me telling apart firewall alerts from legitimate and malicious apps.

    I'm still hoping that the people at Wilders who test malware can show some screenshots of these alerts (preferably from Comodo fw :) ) with the type of malware calling-out. Will be greatly appreciated.

    Thanks again.
     
Loading...
Thread Status:
Not open for further replies.