I have software, to protect my software, to protect my software,etc.

Discussion in 'other anti-malware software' started by trjam, Feb 28, 2008.

Thread Status:
Not open for further replies.
  1. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Have you ever tried doing a thorough rootkit scan? Do you know how to identify a bot?
    Those online scans can't do that either...
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I have machines with no security software and they're clean.
     
  3. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    All the power to you :D
     
  4. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    It amazed me that some teenage boys recently busted here in Holland were in reality "Administrators" of a worldwide botnet with more than 100.000 infected computers, and sure none of their victims were aware that they were acting like zombies.
     
  5. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Mass arrogance is a reality one can not disregard with impunity!
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    LOL :D I'm being serious. I can run all the scanners available, rootkit scanners, LiveCD, packet sniffer and they all say clean. The first layer of security (safe computing) is often enough to stay clean.
     
  7. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    But hi Lucas, safe computing is anybody's definition, can you explain in more detail what you mean by that?
     
  8. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    For me safe computing is:
    Not to open attachments in my Thunderbird. Don't let javascripts run on every page I visit (FF and NoScript extension), just the few that actually need them to show the content, and there are not many of them. If I would do cracks I would run them in Sandboxie. Those simple rules have kept me from malware for, I don't remember how many years now. At least that's what all the on-demand scanners have told me through the years.
     
  9. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Right, safe computing starts in your head, all other things are secondary.

    But it's my perception that many people think differently, let it be, we live in a free world, I am only responsible for my own stuff.
     
  10. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    See, this is what I'm talking about: intelligent layers of security... You did approach each vector with smarts by using the appropriate countermeasure... :thumb: It obviously works!
     
  11. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    As sukarof said, safe computing means:
    - Having all your software up-to-date.
    - Know which sites should/shouldn't be visited. Trusted sites are hacked on a daily basis, but the likelihood of being infected is far far higher if you visit porn/crack/warez/"free" screensavers/skins sites.
    - Control the content that a site is allowed to execute (NoScript). This is maybe too much for the average user (IMO) because of a somewhat steep learning curve.
    - Know which links should/shouldn't be clicked, especially links attached to mails, weird links in search results and links in social networking sites/instant messengers.
    - Don't fall victim to fake scanners ("click here to clean your PC" or "attention, you're at risk") and fake codecs ("install this ActiveX plug-in to see the movie") or fake updates ("install Flash update" or "install Microsoft update").
    - Install only trustworthy software from trustworthy sites.
    - Don't be fooled by spam.
    - Manage attachments carefully.
    - Disable Autorun and handle all removable drives as untrusted.

    These simple measures will eliminate 99 % of the malware risks. The remaining 1 % (getting a drive-by in a trusted/whitelisted site which got hacked with a 0-day, unknown exploit or a compromised download or a targeted, hand-crafted attack) will be handled by your security setup/software (LUA+SRP, sandbox, etc).
     
    Last edited: Mar 1, 2008
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hello,

    I agree with shadek, lucas on this one. No magic is needed to stay clean.

    trjam, welcome to the world of sanity. We've all been there, for shorter or longer durations. Partly, I think it was the curiosity to test all these new thingies that did not exist in the past. In a way, we were and are pioneers, the first generation of online security users.

    Talking about layered approach, common sense - most of it has been extensively covered. lucas pretty much summed it up. Although I'm much lazier than him.

    Firewall and Firefox sound obvious to me.

    Imaging mainly against trusted apps - believe it or not - otherwise they don't get installed, right? But an image before WU is a must! Or any new game.

    LUA, SRP etc - I like them a lot, but am too lazy to bother, since my typical installations are very permissive - gaming, p2p, OS interoperability and sharing, setting them up from scratch and accounting for a million Windows quirks is simply a no-no.

    Managing passive execution is simple if you dumb-down your use of web apps. This means plain text instead of html and such, no external images. And active execution means no clicking on stupid links or chatting with morons in IM ... The same applies to attachments - with emphasis on trusted people. This is the highest danger vector! You won't open warez.exe if you get it from viagra-d0llsdotcom, but you might open family_trip.doc from a colleague at work.

    This might not be my most coherent post, but I'm hungry. Off to eat.

    Cheers,
    Mrk
     
  13. Wake2

    Wake2 Registered Member

    Joined:
    Apr 30, 2005
    Posts:
    205
    I also agree with sukarof, lucas, and Mrkvonic. I follow pretty much the same principles, this past year though we had a fire at our home and three computers had to be replaced.

    That forced me to rethink my strategy in so far as software costs, and also made me realize that in 15+ years of using computers wife only had one infection, me none, and what was the point of all this security software.

    So now we keep it pretty simple but have to admit I still have one computer kept only for testing whatever new software catches my eye.

    Wake
     
  14. jfd15

    jfd15 Registered Member

    Joined:
    Oct 12, 2007
    Posts:
    234
    Location:
    Sacramento, CA
    For me it used to be kind of fun trying to stay a step ahead of the bad guys by trying to have the latest mostly free security programs, but it's kind of boring now... It might be interesting if the security apps were able to let me know that such and such malware was detected on this webpage and blocked or something like that....
     
  15. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Hello. My name is Threedog and I am a security program addict. It all started when I visited this little corner of the net called Wilders..... :D
     
  16. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Funny - it was when I came to Wilders that I started to stop being an addict.
    In the 90's I ran the usual Norton, later Spybot, SpywareBlaster....... then avast, and AntiVir, eventually wondering whether not being contaminated was in any way related to having run these various programs - finally concluding that they had probably provided little if any protection - addiction lost its hold.
     
  17. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Pretty much all I ever used before I came here is Nod32 and BOClean and never ran into any problems. But since coming here I have learned about virtualization, LUA and lots of other goodies and have been experimenting ever since. It's more of a hobby than an obsession I guess.
     
  18. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    It's not an obsession for most who never got hit economically...
    I have seen people crying, because I couldn't recover a system that had been encrypted by a hacker called Mze years back... The prick deleted the entire content of the "Finance" directory then encrypted the entire hard disk into a single volume... Made the system unstable, when it rebooted it was as an encrypted disk.

    All their important stuff was gone permanently, they lost a crap load of now uncorrectable receivables + important contact information... This one was downright dirty, but hey, they didn't need security or backups... so why fork out the $$$ for protection...

    There are so many ways in, applications can call home and open the gate, forget AV's, firewalls and routers, all you need is one rogue application with a poison pill and voila... You need my services, unfortunately most of you would have no idea it even happened...

    You guys blabbing should spend more time reading up on vulnerability advisories, it would open your mind to a whole new world...
    Here is a nice place to begin: http://secunia.com/historic_advisories/
     
    Last edited: Mar 1, 2008
  19. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I think you are underestimating a lot of the people on here, Hermes. There are some very sharp cookies on this forum when it comes to malware, etc. And those here who aren't as up on stuff are learning from them. The learning part is the key to it all.
     
  20. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I'm only trying to help a bit with the learning part! ;)
    And if I may say so, I did learn a bit myself from these forums...
     
  21. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    And thanks for sharing what you have learned. I've checked out your site. Loads of good, well written info there.
     
  22. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Time out - that's cheating. Even a philosophy 101 student knows not to put a false claim in the mouth of the opposition. When did you ever read of anyone saying that BACKUPS were not needed? If the guy in your example had used Acronis, Paragon, one of the free versions he would not have wasted time trying to fix but simply restored - end of story.

    "There are so many ways in, applications can call home and open the gate, forget AV's, firewalls and routers, all you need is one rogue application with a poison pill and voila... You need my services, unfortunately most of you would have no idea it even happened..."

    Ok - I'll play along. So I have no idea it even happened (being so dumb). My programs still load in X seconds, nothing slows down. Nobody steals my identity, no money leaves my bank or gets spent on my credit card and when I install ANY scanner (AV, AS, Rootkit) nothing shows up. Yep you got me - I've probably been contaminated all these years and didn't know it?

    Did you read today about the French Oscar winner who says 9/11 didn't happen and that no one landed on the Moon?
     
    Last edited: Mar 2, 2008
  23. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    You must be one of those "intellectually challenged who challenge things they themselves do not appropriately understand and as such need to be educated... Usually the louder they protest the more they need the help!" according to Hermes...

    No doubt people like shadek, lucas, Mrkvonic itself are all intellectually challenged because they are not obsessed and take a cool reflected view of the threats and refuse to buy into the panic...

    Really, we should really all thank god the day, Hermes decided to come here to do "technical welfare" for us poor deluded solutions who aren't panicked about getting infected...
     
  24. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    And you think being obsessed is a good thing? Moderation in all things my friend.

    And have you seen people who crash their whole systems because they get obsessed with the "one more security program" idea?

    Wow, we all need your services, but we have no idea yet?

    I guess spreading FUD to drum up business for yourself is your agenda...

    Wow, we don't know such a site exists... let me bow down to your awesome knowledge...
     
  25. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Folks,

    Let's keep the discussion focused on the topic, not the participants.

    Regards,

    Blue
     