What is your security rationale? Questionnaire inside!!

Discussion in 'other security issues & news' started by Mrkvonic, Dec 26, 2005.

Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,277
    Hello,
    Let's see how you guys think. I've made a little questionnaire, so if you don't mind please answer it. And then, we might discuss these choices - and to what they might lead.

    Question 1:
    You are looking for a picture of Angelina Jolie. In Google, you type her name, then hit the images tab and start opening images in new tabs (using FF). While opening one of the pages, you are prompted to download an shtml file. What will you do:

    A. Click cancel and continue working normally.
    B. Click yes and let the file download; then examine the file with anti-virus and anti-spyware and finally execute the file.
    C. Click cancel, close the browser and start afresh.
    D. Click cancel, close the browser, open it, clear the cache, and start afresh.
    E. Click cancel, clear the cache, and run anti-spyware software.

    Question 2:
    You are browsing a site. Suddenly, you see the coffee icon of the Sun Java opening in your systray and you see the HDD lamp lighting on and off more than usual. And you see an applet is started in your page. What will you do:

    A. Ignore and continue working.
    B. Close the page immediately.
    C. Close the page and clear the browser and java caches.
    D. Close the page, clear the caches and run anti-spyware software.

    Question 3:
    You boot into Windows. You get a popup alert that main.hta cannot be opened. What will you do?

    A. Ignore it; it's my HP boot splash screen not working due to HTAStop.
    B. Be confused but continue working normally; I don't know why it doesn't work.
    C. Reboot again to see if the problem occurs; if it doesn't ignore it; if it does, start scanning with anti-spyware.
    D. Perform multiple scans with anti-malware tools to try to find the culprit; if it doesn't help, use HJT to kill dangerous BHOs and such.
    E. Reformat the computer.

    Question 4:
    All of a sudden, you see a wowexec.exe process running in your Task Manager. What will you do?

    A. Ignore it; who cares?
    B. Google out for this process and try to figure what it is.
    C. I know what it is and why it's running; no extra effort needed.
    D. Kill the task and reboot; if it reoccurs, sweep with anti-whatnot scanners.
    E. Perform multiple scans with anti-spywares and if it doesn't help, reformat.

    Question 5:
    How do you react to results found by Sysinternals RootkitRevealer?

    A. Ignore them.
    B. Google out for entries, trying to figure it out; fear of being rooted or keylogged is moderate; will probably install more software.
    C. If anything is found, start multiple scans with anti-malware software; fear of being rooted or keylogged is high; will definitely install more software.
    D. If anything is found, try to fix the problem by copying / deleting dlls; you're somewhat afraid, but you think you can fix the problem on your own.
    E. If anything is found, reformat.

    Question 6:
    If you use HJT and you see a new BHO in the O2 list - something like {4A2243E....}. What will you do?

    A. I know why it's there.
    B. Google for this thingie; try to figure why it's there; how the hell did it get there?
    C. Start scanning with a variety of anti-spyware tools to try to decide if this is a culprit.
    D. Go to registry and tamper with the key / values to see what happens.
    E. Remove the BHO using HJT; with backup, of course.
    F. Format the system.

    Question 7:
    What does 'copy con' mean to you? Do not google for answers!

    A. Something I used to use in my past (ah nostalgia...).
    B. I still use it occasionally.
    C. It's a DOS command for creating files.
    D. What is DOS?
    E. I don't know.

    Question 8:
    Someone on Wilders recommended a software you might like. What will you do:

    A. If it's a regular poster +, download the software and use it.
    B. If it's a new poster, disregard the advice or maybe download the files and scan them a lot before putting them to any use.
    C. Regardless of the posting, check other sources for cross-information.
    D. I never download any software except what I know I trust.

    Question 9:
    Your computer somehow got hit by a nasty-class malware. What will you do:

    A. Clean the crap using a plethora of tools.
    B. Reimage the drive using my regular backups.
    C. Reboot out of Shadow mode.
    D. Ask for help in anti-malware forums, hoping to preserve the system.
    E. Save personal information and reformat; it's that time of the year!
    F. Ignore the symptoms and ditch the machine when it becomes unbootable.

    Question 10:
    You want to watch a movie, but your player informs you that you lack the necessary codecs. What will you do:

    A. Try different players to try to solve the problem.
    B. Use SDK pack; it's all I'll ever need.
    C. Use K-Lite pack; it's all I'll ever need.
    D. Download free codecs from the internet and see what works.
    E. Ask for advice on good codecs here at Wilders.
    F. Nothing; I'll never see that movie unless I download a fresh copy.

    Question 11:
    In your opinion, what are restriction policies?

    A. A useful tool for making my computer safer.
    B. A dangerous tool that can render your machine inoperable; it's better to use accounts rather than edit the policies themselves.
    C. I heard about those, but I don't know / want to edit them; it's better to use pay HIPS.
    D. It's for networks mainly; not relevant for home users.
    E. What are they?

    Question 12:
    How will you open a .cab file extension?

    A. Use notepad / wordpad.
    B. Built-in Windows ZIP utility.
    C. A third-party ZIP utility.
    D. Those are mainly system files; better not to touch.
    E. I have no idea.

    Question 13:
    When you hear the word Linux, what's the first thing that comes to mind?

    A. Safety, reliability, efficiency.
    B. Safety and reliability at the expense of a horrible user interface.
    C. An alternative to Windows with good capabilities but no uniform formula, too many distros, too complex help files, not good for average users.
    D. Linux sucks.
    E. Nothing.

    Question 14:
    Will you ever consider flashing your BIOS / overclocking?

    A. I'm Mr. Tweak; that's my thing!
    B. I overclock, because I want my games to run faster, but I don't flash my BIOS; I know some very good tweaking guides.
    C. It's better not to touch those.
    D. Ask here for advice.
    E. What are those?

    Question 15:
    How many of these words mean anything to you - FPGA, CMOS, EPROM, ATTRIB, HANDLE, CLS, LPT, RS232, GPIB, MBR.

    A. Hey noob, you forgot COM!
    B. 7-10.
    C. 3-7.
    D. 1-3.
    E. 0.
    F. -1.

    Question 16:
    Will you ever download a Forceware driver to update your graphic card?

    A. I'll write my own drivers, thankyouverymuch.
    B. Sure, I need all the FPS I can get.
    C. I will try them, but I'll do system restore first.
    D. I'll stick to official drivers only.
    E. What's a graphic card?

    Question 17:
    Did you enjoy this questionnaire?

    A. Yes.
    B. No.
    C. Somewhat.
    D. What does each option mean?
    E. I have no opinion.

    Thank you all.
    Now, let's see what each of you answered.
    Please post your answers and then try to explain them. Why? WHY? I will post my own conclusions later, and will try to justify what I wrote, and how I perceive things.

    Thank you.

    Mrk
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,277
    Oh, yes!
    Merry Christmas and happy holidays to everyone!
    And happy new year!
    Mrk
     
  3. betauser

    betauser Guest

    1 - A (answer applies to any picture, AJ's irrelevant)
    2 - B (it's the reason I have PG - so no scans required)
    3 - C (reboot again yes, but will google first before running any scans, I'm not PARANOID)
    4 - B (will act upon the info I find)
    5 - B (trying to figure it out - making sure it's not an FP)
    6 - B (the reason why I have Anti Spyware soft. i.e MSAS, Spy Sweeper, etc)
    7 - E
    8 - C (cross reference as there may be more SUITABLE alternative(s) (note I didn't say BETTER), at least go to the homepage)
    9 - E (NASTY malware (only) - backup and reformat don't find it difficult)
    10 - C (If I can't play it with K-Lite pack, then I won't bother)
    11 - E
    12 - C (I leave these alone, usually required for installing software)
    13 - C (yes, yes, no idea - I have no reason to switch)
    14 - C (No reason to overclock wouldn't do it - Never touched BIOS again no reason to)
    15 - E
    16 - D
    17 - C

    Have a great New Year everybody - don't do anything that you may regret (not just with your PC)

    bu2
     
  4. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    Question 1:
    You are looking for a picture of Angelina Jolie. In Google, you type her name, then hit the images tab and start opening images in new tabs (using FF). While opening one of the pages, you are prompted to download an shtml file. What will you do:
    C. Click cancel, close the browser and start afresh. I never download anything unless I requested for a download

    Question 2:
    You are browsing a site. Suddenly, you see the coffee icon of the Sun Java opening in your systray and you see the HDD lamp lighting on and off more than usual. And you see an applet is started in your page. What will you do:

    If I would have java activated in Firefox I guess I would:
    D. Close the page, clear the caches and run anti-spyware software.

    Question 3:
    You boot into Windows. You get a popup alert that main.hta cannot be opened. What will you do?

    Isn't this an IE "feature"?
    If I would use IE:

    D. Perform multiple scans with anti-malware tools to try to find the culprit; if it doesn't help, use HJT to kill dangerous BHOs and such.

    Question 4:
    All of a sudden, you see a wowexec.exe process running in your Task Manager. What will you do?

    C. I know what it is and why it's running; no extra effort needed.


    Question 5:
    How do you react to results found by Sysinternals RootkitRevealer?

    If the RK gets past my HIPS:
    E. If anything is found, reformat.

    Question 6:
    If you use HJT and you see a new BHO in the O2 list - something like {4A2243E....}. What will you do?

    Well, still use FF, but if I wouldn't:
    A. I know why it's there.

    Question 7:
    What does 'copy con' mean to you? Do not google for answers!

    E. I don't know. (without googling :) )

    Question 8:
    Someone on Wilders recommended a software you might like. What will you do:

    C. Regardless of the posting, check other sources for cross-information.


    Question 9:
    Your computer somehow got hit by a nasty-class malware. What will you do:

    C. Reboot out of Shadow mode. Using Firstdefence

    Question 10:
    You want to watch a movie, but your player informs you that you lack the necessary codecs. What will you do:

    C. Use K-Lite pack; it's all I'll ever need.

    Question 11:
    In your opinion, what are restriction policies?

    C. I heard about those, but I don't know / want to edit them; it's better to use pay HIPS.

    Question 12:
    How will you open a .cab file extension?

    C. A third-party ZIP utility.

    Question 13:
    When you hear the word Linux, what's the first thing that comes to mind?

    The first thing that comes to mind is loud fanatic users, but after that:

    C. An alternative to Windows with good capabilities but no uniform formula, too many distros, too complex help


    Question 14:
    Will you ever consider flashing your BIOS / overclocking?

    A. I'm Mr. Tweak; that's my thing!

    Question 15:
    How many of these words mean anything to you - FPGA, CMOS, EPROM, ATTRIB, HANDLE, CLS, LPT, RS232, GPIB, MBR.

    C. 3-7.

    Question 16:
    Will you ever download a Forceware driver to update your graphic card?

    C. I will try them, but I'll do system restore first. Well sort of, if it goes wrong I'll boot back to a working snapshot in Firstdefence

    Question 17:
    Did you enjoy this questionnaire?

    A. Yes of course, I wouldn't have bothered otherwise :)
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Question 1:
    You are looking for a picture of Angelina Jolie. In Google, you type her name, then hit the images tab and start opening images in new tabs (using FF). While opening one of the pages, you are prompted to download an shtml file. What will you do:

    B. Click yes and let the file download; Then, execute the file and watch what happens. If it’s a nasty, Anti-Executable will alert. Then, depending on what the file is, permit to execute and watch, take screen shots: attempts to connect outbound, etc. Scan the file at Jotti site. If interesting, add to malware test collection. Reboot to previous state with Deep Freeze.

    Question 2:
    You are browsing a site. Suddenly, you see the coffee icon of the Sun Java opening in your systray and you see the HDD lamp lighting on and off more than usual. And you see an applet is started in your page. What will you do:

    A. Ignore and continue working. Same as #1

    Question 3:
    You boot into Windows. You get a popup alert that main.hta cannot be opened. What will you do?
    I think this pertains to IE. I have the default action for that file type as Edit so it opens in Notepad.

    Question 4:
    All of a sudden, you see a wowexec.exe process running in your Task Manager. What will you do?

    C. I know what it is and why it's running; no extra effort needed.

    Question 5:
    How do you react to results found by Sysinternals RootkitRevealer?

    E. If anything is found, reformat. I’ve never used it, but my rule has always been that if ever any malware is discovered as installed, I would reformat/re-image. (fortunately, never has happened yet)

    Question 6:
    If you use HJT and you see a new BHO in the O2 list - something like {4A2243E....}. What will you do?

    I don’t know what HJT is. (OK - I searched and see it’s a hijack log, which I’ve never used)

    Question 7:
    What does 'copy con' mean to you? Do not google for answers!

    C. It's a DOS command for creating files. Still use from time to time

    Question 8:
    Someone on Wilders recommended a software you might like. What will you do:

    C. Regardless of the posting, check other sources for cross-information.

    Question 9:
    Your computer somehow got hit by a nasty-class malware. What will you do:

    C. Reboot out of Shadow mode. (Deep Freeze)

    Question 10:
    You want to watch a movie, but your player informs you that you lack the necessary codecs. What will you do:

    I don’t watch movies on the computer

    Question 11:
    In your opinion, what are restriction policies?

    A. A useful tool for making my computer safer. If you mean Software Restriction Policies that came with XP - they have great potential, but as SpikeyB is discovering, somewhat difficult to implement if used as an alternative to other intrusion protection

    Question 12:
    How will you open a .cab file extension?

    C. A third-party ZIP utility.

    Question 13:
    When you hear the word Linux, what's the first thing that comes to mind?

    C. An alternative to Windows with good capabilities -- Have to stop here because I’m not familiar enough to comment on the rest of the answer.

    Question 14:
    Will you ever consider flashing your BIOS / overclocking?

    No answers apply - I wouldn’t myself but would not say it’s not good advice

    Question 15:
    How many of these words mean anything to you - FPGA, CMOS, EPROM, ATTRIB, HANDLE, CLS, LPT, RS232, GPIB, MBR.

    B. 7-10.

    Question 16:
    Will you ever download a Forceware driver to update your graphic card?

    D. I'll stick to official drivers only.

    Question 17:
    Did you enjoy this questionnaire?

    A. Yes. an Other answer would be useful

    regards,

    -rich
    ________________
    ~~Be ALERT!!! ~~
     
  6. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    479
    Question 1:
    You are looking for a picture of Angelina Jolie. In Google, you type her name, then hit the images tab and start opening images in new tabs (using FF). While opening one of the pages, you are prompted to download an shtml file. What will you do:

    C. Click cancel, close the browser and start afresh (and a quick check of my event viewer).

    Question 2:
    You are browsing a site. Suddenly, you see the coffee icon of the Sun Java opening in your systray and you see the HDD lamp lighting on and off more than usual. And you see an applet is started in your page. What will you do:

    C. Close the page and clear the browser and java caches (and a quick check of my event viewer).

    Question 3:
    You boot into Windows. You get a popup alert that main.hta cannot be opened. What will you do?

    F. Think how the hell did that happen, I'm running Deep Freeze.

    Question 4:
    All of a sudden, you see a wowexec.exe process running in your Task Manager. What will you do?

    C. I know what it is and why it's running; no extra effort needed.

    Question 5:
    How do you react to results found by Sysinternals RootkitRevealer?

    F. Just google to find more information.

    Question 6:
    If you use HJT and you see a new BHO in the O2 list - something like {4A2243E....}. What will you do?

    B. Google for this thingie; try to figure why it's there; how the hell did it get there?
    Then if required
    E. Remove the BHO using HJT; with backup, of course.


    Question 7:
    What does 'copy con' mean to you? Do not google for answers!

    E. I don't know.

    Question 8:
    Someone on Wilders recommended a software you might like. What will you do:

    A. If it's a regular poster +, download the software and use it. If it seems OK, then reinstall with Deep Freeze thawed.

    Question 9:
    Your computer somehow got hit by a nasty-class malware. What will you do:

    Think how the hell did that get past my Software Restriction Policy and Deep Freeze, then
    A. Clean the crap using a plethora of tools.


    Question 10:
    You want to watch a movie, but your player informs you that you lack the necessary codecs. What will you do:

    D. Download free codecs from the internet and see what works.

    Question 11:
    In your opinion, what are restriction policies?

    A. A useful tool for making my computer safer.

    Question 12:
    How will you open a .cab file extension?

    E. I have no idea.

    Question 13:
    When you hear the word Linux, what's the first thing that comes to mind?

    C. An alternative to Windows with good capabilities but no uniform formula, too many distros, too complex help files, not good for average users.

    Question 14:
    Will you ever consider flashing your BIOS / overclocking?

    C. It's better not to touch those.

    Question 15:
    How many of these words mean anything to you - FPGA, CMOS, EPROM, ATTRIB, HANDLE, CLS, LPT, RS232, GPIB, MBR.

    B. 7-10.

    Question 16:
    Will you ever download a Forceware driver to update your graphic card?

    F. What's a Forceware driver?

    Question 17:
    Did you enjoy this questionnaire?

    B. No. But I am very interested in your analysis and conclusions when you have enough completed.
     
  7. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    1. A (I do this for any pic)
    2. B (I know that Java is risky, and why would I want to start Java if I don't need it!?)
    3. C (main.hta could be part of the operating system, since Windows components such as system restore requires HTA)
    4. C (I've seen wowexec.exe heaps of times, I googled it, and it's harmless)
    5. B (Google will save me, no need to waste my time and download security stuff until I know what it is, thus saving me time)
    6. B
    7. E (what?!)
    8. C (I never trust anyone except my own instincts with the help of Google)
    9. B (Saves time, lots of time, however format is the best answer but not easy)
    10. C (I use RealAlternative and QuickTimeAlternative, no need to download other codecs, if it complains for more codecs, I just ignore viewing the movie)
    11. D (Mainly for home computers, home computers problem is to combat malware with at least restrictions as possible on everyday use)
    12. C (A cab is a compressed thing by Microsoft, so I just rename to .zip and open it with 7-Zip or something)
    13. A (My other computer has Linux, nothing is safe, but this is good enough)
    14. C (Who needs to flash your BIOS or your CPU, stability is more important than performance! This is not a testbed machine for gaming!)
    15. D (CMOS, ATTRIB and MBR make sense)
    16. D (Official is usually the most stable and best)
    17. A (Yeah, I hope you make another one!)
     
  8. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    1 A - im lazy
    2 A - im lazy
    3 B - im lazy
    4 A - ive seen it before, dont rele care; what does it do tho?
    5 B - ill first make sure its a threat, then format
    6 B - just a BHO. ill research it and remove if necessary
    7 C - educated guess
    8 C - i let other ppl try software first, 'less im rele curious
    9 A - ill do my best to clean it, if problem arise then ill format
    10 A - i doubt theres a movie CCCP (see sig) couldnt handle
    11 A - educated guess
    12 C - cab = archive; open with 7-zip
    13 C - very secure but im too lazy to learn *unix
    14 A - always check the ASUS website for latest BIOS. my mobo came with version 1001 > now at 1016. athlon 64 3200 (2.0ghz overclocked to 2.5ghz)
    15 C - some seem familiar
    16 B - i have a slow 6600gt, i need to squeeze every single FPS i can
    17 A - quizzes are always fun, except at school
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    As a ShadowUserUser :
    01. B
    02. A
    03. A
    04. A
    05. A
    06. - Ignore it
    07. E
    08. B
    09. C
    10. F
    11. E
    12. C
    13. C
    14. E
    15. C
    16. D
    17. E
     
  10. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,277
    Hi,
    Here's the analysis you all so eagerly waited for:

    What did each question mean?

    P.S. All these answers are a reflection of my own ideas and opinions. Do not treat them too harshly. But they might give you AN indication where you stand in the e-world.

    Mostly A - You're the man
    Mostly B/C - You're an average + user, cautious and a bit afraid
    Mostly D - You need to learn more about computers to feel comfortable
    Mostly E/F - You're a danger to society

    Detailed answers:

    Question 1-4
    How much do you fear the unknown, sudden and unexpected?
    A - Either very confident or ignorant
    B-D - Cautious at varying levels
    E - Paranoid

    Question 2-4
    How much do you fear the unknown, sudden and unexpected?
    A - Either very confident or ignorant
    B-D - Cautious at varying levels
    D-E - Paranoid

    Question 5
    How much do you fear the unknown, sudden and unexpected?
    A - Either very confident or ignorant
    B-C - Cautious at varying levels
    D - Very afraid and might lash out in fear (disregarding reason and consequences)
    E - Paranoid

    Question 6
    How much do you fear the unknown, sudden and unexpected?
    A - Either very confident or ignorant
    B-C - Cautious at varying levels
    D-E - Very afraid and might lash out in fear (disregarding reason and consequences)
    F - Paranoid

    Question 7
    How friendly do you perceive computers?
    A-B - You get along very well
    C - It's a tool but you're not someone to turn the screws too much
    D-E - Scripts and deep-down work with bytes is not for you

    Question 8
    How cautious and trusting are you?
    A-B - You will download an occasional malware in your escapades
    C - Careful
    D - Wise or paranoid

    Question 9
    How do you deal with cacky?
    A, B, D - Try to salvage the sinking ship
    C - You live by prevention
    E - High confidence in your abilities to solve problems
    F - You disregard the reality and live in blissful ignorance

    Question 10
    How greedy are you?
    A, E - Cautious
    B, C - Knowledgeable
    D - Ignorant; you won't mind downloading some malware once in a while
    F - Paranoid

    Question 11
    How friendly are you with the Windows?
    A - You surely know what you do
    B-C - You know your stuff but you do not master the beast
    D - You might gain more knowledge if you invested more in learning
    E - You should not tweak your computer too much

    Question 12
    How friendly are you with the Windows - Part 2?
    A-C - You know your stuff but you do not master the beast
    D - You might gain more knowledge if you invested more in learning
    E - You should not tweak your computer too much

    Question 13
    How open to changes are you?
    A - Very much so
    B-C - Moderately
    D-E - You do not like changes

    Question 14, 16
    How much risk are you willing to take?
    A - All the way
    B - You will risk everything for pleasure
    C-D - Cautious
    E - Do not ever flash your BIOS!

    Question 15
    How technical are you about software / hardware?
    A-B - Very much
    C-D - So so
    E-F - Not very much

    Question 17
    Who are you?
    A - You're wise
    B - You're evil
    C-D - You're confused
    E - You're ErikAlbert

    Enjoy
    Mrk
     
  11. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    479
    Nice one Mrkvonic

    My answers are all over the place and I'm evil. Sounds just like me.
     