That's interesting but my firewall and antivirus sotware seem to be working properly. I just updated the virus definitions a while ago.
Posted on 2003-11-29 03:04:45 by Odyssey
Hi Odyssey,

That answered the question that I was going to ask you. I am very paranoid about antivirus updates. Anyone with broadband access absolutely must patch and update regularly their OS (yes linux too), their firewall and antivirus programs/products. I don't have broadband right now, but I remember being flooded with netsends and the Gibe series, SQL Slammer, et al when I did have broadband.

Most of us are aware that any executable can be hijacked. Parasites live by hijacking functioning systems. There will always be parasites, RW or cyberspace; so be vigilant and keep your defenses up. Oh yes, there will always be trade-offs. The greater the functionality, the greater risk of parasitization; and the more successful you are (RW or cyber), the juicier the target you are for the parasites.

Charles
Posted on 2003-11-29 14:51:52 by cdquarles
Funny thing that, at the time I was infected, I was running Norton 2003 with full updates - Norton continued to run, and continued to update, but nonetheless, it was dirty, and it had become the infecting agent !! More to the point, I was not alerted in any way that it was not actually effective anymore, it seemed fine, and it was only due to the outgoing emails FROM MY IP which alerted me to the fact that I was dirtier than a street sewer in Malaysia. Later, when I reverse engineered the trojan cum virus cum worm, I found it targetted over a dozen popular and current firewalls and antivirii. Have a nice day :) (No offence meant to Malaysians who happen to be proud of their waste was intended...)
ps - these days, I don't take anything for granted.. I could recommend a number of products like anyone else, but they're probably already vuln too by the time you read this !!
Posted on 2003-11-30 01:37:24 by Homer
Hi EvilHomer2k,

Wow, that's very interesting, very interesting indeed. I hang out in the security groups too, and if there is anything that says use more than one firewall & antivirus, it's this!

I was offline for about six weeks, so I might have missed that one.

Thanks for the heads up,

Charles
Posted on 2003-11-30 21:31:18 by cdquarles
I have never used a anti-virus program - waste of time.
Spend your time backing up anything you value.
Posted on 2003-11-30 22:02:04 by bitRAKE
Waste of time? Why? They may not work all the time but most of the time or sometimes so they are still useful IMO.
Posted on 2003-12-01 04:28:23 by Odyssey
Odyssey, it is relitive to the user. I use the computer rather defensively. No chance of an email attachment containing a virus because I don't run any code I get by email - unless I know what it is (ie have the source code, or run the code in a debugger). Additionally, I don't install that much on my development machine beyond what is needed. Basically, not using a virus program fits with my usage pattern - YMMV. How many virii has your anti-virus program stopped and what were the sources of those virii?
Posted on 2003-12-01 19:48:14 by bitRAKE
I have a very similar approach to Rickey here, AV scanners are a pain for enough other reasons so I don't use them. With a firewall, I always start it manually so I can see if its running correctly so even if some crappy worm is programmed to prevent it from starting, I will catch it at startup.

NEVER NEVER run anything that you don't know what it is and then be careful. Configure your email so that NOTHING runs automatically, it may prevent that comfortable incestual feeling of automatic interconnectivity but it save you a rebuild when you don't need to do it.

If you have a spare box, set it up for the internet and keep your main development box well away from the internet. My approach is to use an ethernet hub to transfer data to my development box which is not connected in any other way and it is simply impossible to get anything to it with the hub turned off or the development box not running.

If all else fails, make sure you partition the box so that you can park a ghost image of the boot drive on the tail partition. Instead of rebuilding the OS after its been trashed, just overwrite your boot partition which takes about 5 minutes normally.

This is how I set up boxes for other people and it has come back to me enough times where the rebuild was a 5 minute job by phone, not an OS rebuild.

Regards,
http://www.asmcommunity.net/board/cryptmail.php?tauntspiders=in.your.face@nomail.for.you&id=2f46ed9f24413347f14439b64bdc03fd
Posted on 2003-12-01 23:50:57 by hutch--

I have never used a anti-virus program - waste of time.
Spend your time backing up anything you value.


I was mail admin before, means i got all our companies mails forwareded from the server to my desktop pc.
If i think back not having Norton i had to reinstall my OS 2 or 3 times a day. I even got virii from our own company ;)
Once i had a worm in a *.zipfile, while unzipping it installed itself (in the background): and ran: but Norton popped up and saved my day!!!
You can even get virii & co from websites bitrake, one wrong click and your pc is doing stuff in the background you will never
notice.

regards

Ranma
This message was written entirely in my Messageboard Editor v4.0
Posted on 2003-12-02 01:21:04 by Ranma_at
Do not use IE and switch off ActiveX.
Posted on 2003-12-02 02:03:30 by roticv
nod32 (www.nod32.com) is one of the best av progs ever. i never had any real
trouble with virii in my entire live btw (well okay, my mail inbox is full of that crap)
- i don't trust mail scanning anyway
Posted on 2003-12-03 11:00:06 by mob