opera and firewall

Discussion in 'LnS English Forum' started by Mark Klomp, Sep 7, 2006.

Thread Status:
Not open for further replies.
  1. Mark Klomp

    Mark Klomp Registered Member

    Joined:
    Sep 30, 2005
    Posts:
    61
    Hello,

    Last time I used Opera and I was gone to a warez site. They asked me to firstly press on button 1, then 2 , then 3, and at last the download button to download the file I wanted. Mostly 1 of the 3 button's are links to other sites, they may be advertising. But this time I clicked one button in Opera I got spyware being installed -> SpyQuake2.com. I can't understand this because I thought I would never get spyware thru opera but this time it happened, and it was the first time for me it happend. Now I was wondering if it's a vulnerability in Opera itself, or is this sort of thing just insurmountable for Opera to not let it happen? Or shouldn't it have happened if I was using a firewall like Look 'N' Stop? Can someone tell me if such kinds of attacks can be detected/identified and blocked by Look 'N' Stop Personal Firewall?

    Thanks,
    Mark Klomp
     
  2. kdm31091

    kdm31091 Registered Member

    Joined:
    Jul 18, 2006
    Posts:
    365
    If you click spyware, it will work in any browser. If you manually install something it doesn't matter what browser your in.
     
  3. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Mark Klomp :)

    So you go to a WAREZ site (very good!)
    with Opera , one of the most secure browser
    AND

    They (the nice guy of the warez site) ask you to press 3 buttons
    So YOU press the button because they asked you to do so.
    (Very good!)


    Therefore there is a BUG somewhere and a PATCH to FIX IT!...

    Here's the patch (known as the interNUT patch):

    http://home.comcast.net/~safehex/

    First sentence:

    « Your number one tool for staying safe is your BRAIN »

    Apply that patch now.

    o_O
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    like kdm said, if u install the spyware manually, it doesnt matter what browser you use.

    as for firewalls. they cannot stop malware directly; their job is to control (internet/network) traffic. u need an antivirus or other antimalware if u want to detect and remove such virus/spyware.
     
  5. Thomas M

    Thomas M Registered Member

    Joined:
    Jan 12, 2003
    Posts:
    355
    Mark Klomp,

    1.) Did you ACTIVELY install anything? Or did you just click on the download button on the website and *BOOM* immediately got infected?

    2.) Did you use Opera with active Javascript, Java, and Flash ??

    Thomas :)
     
  6. Mark Klomp

    Mark Klomp Registered Member

    Joined:
    Sep 30, 2005
    Posts:
    61
    I think firewalls should be able to detect/identify such trojans/spywares, because I didn't ACTIVELY installed it (didn't download a install.exe to desktop and then install it). I just pressed the Download button in Opera and then it directly installed the spyware. My computer began to show a fake antispyware (which itself is spyware) called SpyQuake2.com and showed I have spyware on my computer and other problems.

    I didn't ACTIVELY installed it (didn't download a install.exe to desktop and then install it). I just pressed the Download button in Opera and then it directly installed the spyware. My computer began to show a fake antispyware (which itself is spyware) called SpyQuake2.com and showed I have spyware on my computer and other problems.

    I used Opera with Javascript and other things enabled (actually Opera when installed enables as a default all those useability enhancing things).

    Can't find the patch on that site anywhere!!! Tell me where to exactly find it or give me the direct download link.
     
    Last edited: Sep 8, 2006
  7. ottoru34

    ottoru34 Registered Member

    Joined:
    Jun 8, 2005
    Posts:
    3
    Hi Mark Klomp --

    People are suggesting you be more careful -- and warez sites are notorious for tricks of the kind you ran into. One thing that could give you useful warnings as you visit sites is McAfee's SiteAdvisor http://www.siteadvisor.com/ . I find it very useful and not very intrusive or resource-hungry.

    Others here can probably also suggest security products beyond your browser & firewall (which can't be expected to do what you're asking). I'm not expert enough to suggest a specific utility.

    Good luck & SAFE SURFING.
     
  8. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Mark Klomp :D

    You are unbelievable ! :eek:

    I say (as joke) :

    I got this answer from you:

    :blink: o_O :cautious: :shifty:


    «Security is not a product, it's a process. » Bruce Schneier
    http://en.wikipedia.org/wiki/Bruce_schneier

    I guess I have to explain you some basics things about computer security and privacy.

    1- First things first: the most important factor in any computer system
    is the user itself...

    2- The "user factor" in security is called "SAFE-HEX";
    this word refer to the behaviour of a user as factor into the security process.

    3- The most important aspect of the SAFE-HEX is the information.

    That's the problem here.

    a) you go to a warez web site.

    Let me inform you that warez sites are one of the best place around the web to be infected with virus, worm, spyware, trojans and others "gifts" comings with the pirated softwares you want to have free...

    b) in this warez site they ask you to click some buttons and YOU click on these buttons...

    Poeple who click on any button in any sites are called interNUTs instead of internauts because they behave as NUT. :cautious:

    c) you expected to be protected against spyware with a firewall !!!

    A firewall is an internet packet filter:
    not an anti-virus,
    not an anti-spyware,
    not a web browser with secured parameters,
    and so on.

    I'm not joking now. Read this please: http://www.claymania.com/safe-hex.html

    --------------------------------------------------------------------------

    Some hints about security and privacy on internet

    1- Keep your operating system up-to-date.
    The O.S. updates fixes bugs including the one related to security issues

    2- You must have an Anti-virus (just one!) updated with the correct settings: resident or "On Access" protection enabled.
    http://www.claymania.com/anti-virus.html

    3- You must have a set of anti-spywares such as:

    Spyware Blaster: (to prevent the installation of spywares)
    http://www.javacoolsoftware.com/spywareblaster.html

    Spyware Guard (for M$ InterNUT Expl'horror)
    http://www.javacoolsoftware.com/spywareguard.html
    To control the startup page of IE in case of you have to used it

    [Update also these ones and use it on regular basis (weekly)]:

    SpyBot Search & Destroy:
    http://www.spybot.info/

    AdAware:
    http://lavasoft.element5.com/

    4- You must have a firewall to filter the in and out packets:
    the firewall must block abnormal or ilegal packets and allow only authorized programs to connect to internet. AND the firewall must give to your PC the status of a stealth PC (your IP address not visible as used IP address)

    Check this there:
    www.grc.com
    look for Shields up test and do it for all service ports (at least...)

    and the leak test there (for advanced user ...)
    http://www.firewallleaktester.com/

    5- You may complete your firewall with integrity protector such as PrevX or System Safety Monitor and so on...

    6- You must used an alternated web browser such as opera (the one you're using) or Firefox (which allow you to have a more configurable security)

    With Ff you may used these extention to increase your security and privacy:

    NoScript ( allow Javascript only on safe site )

    McAfee Site Advisor

    RefControl

    and so on...

    To check the level of security and privacy of your browser pass all these tests:

    Gemal Tests:
    http://gemal.dk/browserspy/

    Levine's Tests:
    http://www.jasons-toolbox.com/BrowserSecurity/

    Scanit tests:
    http://bcheck.scanit.be/bcheck/

    and protect you PC against any access to bad sites with a weel feeded HOSTS file such as the MVPs HOSTS file and may be HostMan to control and update it:

    http://www.mvps.org/winhelp2002/hosts.htm

    and last but not least:

    you have to avoid bad sites such as site for CrackZ, WareZ, and the likes.
    you have to avoid download from unknown sites and that's included programs and Screen Saver... (check screen saver on Google with the extension McAfee SiteAdvisor and you'll see...)
    you must avoid spam by keeping your email address for your contacts and not spreading this address everywhere...

    and so and so...

    Good luck.

    :)
     
  9. Mark Klomp

    Mark Klomp Registered Member

    Joined:
    Sep 30, 2005
    Posts:
    61
    I can't install McAfee's SiteAdvisor for Opera yet.

    Climenole, how can I adjust the settings in Opera about which sites to allow or not to allow? Does Opera have this like Internet Explorer.

    Climenole, you don't get me at this point about the firewall. A firewall should be able to detect such trojan packets. I didn't manually install it. The trojan/spyware got installed when clicking the download button only. I think this is a vulnerability (maybe in Opera) no matter what... it's not normal to have this installed without notice.
     
    Last edited: Sep 8, 2006
  10. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Mark Klomp

    A firewall SHOULD what? o_O No sir. No. :rolleyes:

    A "trojan packet" ?

    This SpyQuake2 does not comes from an internet packet:
    YOU go on the warez site
    AND
    YOU installed it by clicking on the button.

    You download it from a warez site and nobody else.

    YOU are the problem.

    Bye bye.
     
  11. kdm31091

    kdm31091 Registered Member

    Joined:
    Jul 18, 2006
    Posts:
    365
    Just a note: Siteadvisor doesn't currently have Opera support; you need to use it in IE or Firefox.

    I agree with everyone here. How do you think they run spyware tests? THEY MANUALLY INSTALL THE CRAP. It can be done in any browser, regardless of your protection/firewall. If you allow it net access, tell ur antimalwares to ignore it etc, spyware can still get you.

    So just to be clear:
    When someone says a browser is "more secure", they are referring to vulnerabilities, i.e. spyware SNEAKING onto your machine. Opera has less vulneabilities then Internet Explorer, so it's less likely to randomly get spyware using Opera.

    HOWEVER, manual installations are your own fault and no browser or even app can save you from it. If you manually install crap spyware, you might as well not bother using Opera if you're using it for "security".

    Sorry to be harsh.
     
  12. Mark Klomp

    Mark Klomp Registered Member

    Joined:
    Sep 30, 2005
    Posts:
    61
    THANKS

    But then about something other, D-Link’s SECURESPOT Internet Security Adapter (DSD-150)---> http://www.dlink.com/products/?sec=1&pid=486

    Can someone tell about it? Is this useful? Would it have protected me against that spyware, because it detects the spyware, before it get's in your computer?
     
    Last edited: Sep 9, 2006
Thread Status:
Not open for further replies.