opera and firewall

Hello,

Last time I used Opera and I was gone to a warez site. They asked me to firstly press on button 1, then 2 , then 3, and at last the download button to download the file I wanted. Mostly 1 of the 3 button's are links to other sites, they may be advertising. But this time I clicked one button in Opera I got spyware being installed -> SpyQuake2.com. I can't understand this because I thought I would never get spyware thru opera but this time it happened, and it was the first time for me it happend. Now I was wondering if it's a vulnerability in Opera itself, or is this sort of thing just insurmountable for Opera to not let it happen? Or shouldn't it have happened if I was using a firewall like Look 'N' Stop? Can someone tell me if such kinds of attacks can be detected/identified and blocked by Look 'N' Stop Personal Firewall?

Thanks,
Mark Klomp

 

If you click spyware, it will work in any browser. If you manually install something it doesn't matter what browser your in.

 

Hi Mark Klomp

So you go to a WAREZ site (very good!)
with Opera , one of the most secure browser
AND

They (the nice guy of the warez site) ask you to press 3 buttons
So YOU press the button because they asked you to do so.
(Very good!)

Therefore there is a BUG somewhere and a PATCH to FIX IT!...

Here's the patch (known as the interNUT patch):

http://home.comcast.net/~safehex/

First sentence:

« Your number one tool for staying safe is your BRAIN »

Apply that patch now.

 

like kdm said, if u install the spyware manually, it doesnt matter what browser you use.

as for firewalls. they cannot stop malware directly; their job is to control (internet/network) traffic. u need an antivirus or other antimalware if u want to detect and remove such virus/spyware.

 

Mark Klomp,

1.) Did you ACTIVELY install anything? Or did you just click on the download button on the website and *BOOM* immediately got infected?

2.) Did you use Opera with active Javascript, Java, and Flash ??

Thomas

 

I think firewalls should be able to detect/identify such trojans/spywares, because I didn't ACTIVELY installed it (didn't download a install.exe to desktop and then install it). I just pressed the Download button in Opera and then it directly installed the spyware. My computer began to show a fake antispyware (which itself is spyware) called SpyQuake2.com and showed I have spyware on my computer and other problems.

I didn't ACTIVELY installed it (didn't download a install.exe to desktop and then install it). I just pressed the Download button in Opera and then it directly installed the spyware. My computer began to show a fake antispyware (which itself is spyware) called SpyQuake2.com and showed I have spyware on my computer and other problems.

I used Opera with Javascript and other things enabled (actually Opera when installed enables as a default all those useability enhancing things).

Can't find the patch on that site anywhere!!! Tell me where to exactly find it or give me the direct download link.

 

Hi Mark Klomp --

People are suggesting you be more careful -- and warez sites are notorious for tricks of the kind you ran into. One thing that could give you useful warnings as you visit sites is McAfee's SiteAdvisor http://www.siteadvisor.com/ . I find it very useful and not very intrusive or resource-hungry.

Others here can probably also suggest security products beyond your browser & firewall (which can't be expected to do what you're asking). I'm not expert enough to suggest a specific utility.

Good luck & SAFE SURFING.

 

Hi Mark Klomp

You are unbelievable !

I say (as joke) :

I got this answer from you:

«Security is not a product, it's a process. » Bruce Schneier
http://en.wikipedia.org/wiki/Bruce_schneier

I guess I have to explain you some basics things about computer security and privacy.

1- First things first: the most important factor in any computer system
is the user itself...

2- The "user factor" in security is called "SAFE-HEX";
this word refer to the behaviour of a user as factor into the security process.

3- The most important aspect of the SAFE-HEX is the information.

That's the problem here.

a) you go to a warez web site.

Let me inform you that warez sites are one of the best place around the web to be infected with virus, worm, spyware, trojans and others "gifts" comings with the pirated softwares you want to have free...

b) in this warez site they ask you to click some buttons and YOU click on these buttons...

Poeple who click on any button in any sites are called interNUTs instead of internauts because they behave as NUT.

c) you expected to be protected against spyware with a firewall !!!

A firewall is an internet packet filter:
not an anti-virus,
not an anti-spyware,
not a web browser with secured parameters,
and so on.

I'm not joking now. Read this please: http://www.claymania.com/safe-hex.html

--------------------------------------------------------------------------

Some hints about security and privacy on internet

1- Keep your operating system up-to-date.
The O.S. updates fixes bugs including the one related to security issues

2- You must have an Anti-virus (just one!) updated with the correct settings: resident or "On Access" protection enabled.
http://www.claymania.com/anti-virus.html

3- You must have a set of anti-spywares such as:

Spyware Blaster: (to prevent the installation of spywares)
http://www.javacoolsoftware.com/spywareblaster.html

Spyware Guard (for M$ InterNUT Expl'horror)
http://www.javacoolsoftware.com/spywareguard.html
To control the startup page of IE in case of you have to used it

[Update also these ones and use it on regular basis (weekly)]:

SpyBot Search & Destroy:
http://www.spybot.info/

AdAware:
http://lavasoft.element5.com/

4- You must have a firewall to filter the in and out packets:
the firewall must block abnormal or ilegal packets and allow only authorized programs to connect to internet. AND the firewall must give to your PC the status of a stealth PC (your IP address not visible as used IP address)

Check this there:
www.grc.com
look for Shields up test and do it for all service ports (at least...)

and the leak test there (for advanced user ...)
http://www.firewallleaktester.com/

5- You may complete your firewall with integrity protector such as PrevX or System Safety Monitor and so on...

6- You must used an alternated web browser such as opera (the one you're using) or Firefox (which allow you to have a more configurable security)

With Ff you may used these extention to increase your security and privacy:

NoScript ( allow Javascript only on safe site )

McAfee Site Advisor

RefControl

and so on...

To check the level of security and privacy of your browser pass all these tests:

Gemal Tests:
http://gemal.dk/browserspy/

Levine's Tests:
http://www.jasons-toolbox.com/BrowserSecurity/

Scanit tests:
http://bcheck.scanit.be/bcheck/

and protect you PC against any access to bad sites with a weel feeded HOSTS file such as the MVPs HOSTS file and may be HostMan to control and update it:

http://www.mvps.org/winhelp2002/hosts.htm

and last but not least:

you have to avoid bad sites such as site for CrackZ, WareZ, and the likes.
you have to avoid download from unknown sites and that's included programs and Screen Saver... (check screen saver on Google with the extension McAfee SiteAdvisor and you'll see...)
you must avoid spam by keeping your email address for your contacts and not spreading this address everywhere...

and so and so...

Good luck.

 

I can't install McAfee's SiteAdvisor for Opera yet.

Climenole, how can I adjust the settings in Opera about which sites to allow or not to allow? Does Opera have this like Internet Explorer.

Climenole, you don't get me at this point about the firewall. A firewall should be able to detect such trojan packets. I didn't manually install it. The trojan/spyware got installed when clicking the download button only. I think this is a vulnerability (maybe in Opera) no matter what... it's not normal to have this installed without notice.

 

Hi Mark Klomp

A firewall SHOULD what? No sir. No.

A "trojan packet" ?

This SpyQuake2 does not comes from an internet packet:
YOU go on the warez site
AND
YOU installed it by clicking on the button.

You download it from a warez site and nobody else.

YOU are the problem.

Bye bye.

 

Just a note: Siteadvisor doesn't currently have Opera support; you need to use it in IE or Firefox.

I agree with everyone here. How do you think they run spyware tests? THEY MANUALLY INSTALL THE CRAP. It can be done in any browser, regardless of your protection/firewall. If you allow it net access, tell ur antimalwares to ignore it etc, spyware can still get you.

So just to be clear:
When someone says a browser is "more secure", they are referring to vulnerabilities, i.e. spyware SNEAKING onto your machine. Opera has less vulneabilities then Internet Explorer, so it's less likely to randomly get spyware using Opera.

HOWEVER, manual installations are your own fault and no browser or even app can save you from it. If you manually install crap spyware, you might as well not bother using Opera if you're using it for "security".

Sorry to be harsh.

 

THANKS

But then about something other, D-Link’s SECURESPOT Internet Security Adapter (DSD-150)---> http://www.dlink.com/products/?sec=1&pid=486

Can someone tell about it? Is this useful? Would it have protected me against that spyware, because it detects the spyware, before it get's in your computer?