ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

windows security - what's really necessary?

<< < (8/10) > >>

Lusher:
[This Just In...] The Storm Worm, latest of the great (overly hyped) interweb deamons...has a few interesting requirements to infect ones machine:
A. Somebody Must open & run (with scissors...) the Attachment!
B. That someone Must also be running with administrative credentials, so ... the bugg will have PeRmiSsiOn ... to install itself as a Windows System Service. (Ding! Ding! Ding! Ding! ...Hello!!!)
C. Be running a web server that is behind on security updates so it can inject itself  into a new distro point.

Q. Which security products would have protected the user from (themselves...) and prevented this little pandemic?
A. None of them.
-Stoic Joker (January 29, 2008, 08:29 PM)
--- End quote ---

While I agree in general that most infections are self-inflicted and/or totally avoidable, I disagree with your answer. If you are talking typical AV/AS product then yes. But if you are using more "advanced" security software like sandboxes, HIPS, "behaviorial anti-malware" etc, you have a far better chance of avoiding this.


The primary objective is to avoid getting infected in the first place. The outbound firewall game is a nothing more than a plan B attempt to save face after Plan A failed.
Common sense and a condom beats the hell out of a lengthy discussion about if we should keep "it".

--- End quote ---

Agreed. The problem here I think is people don't understand in general how they get infected.

I wrote this little piece a while back that might be helpful

However another way of seeing things might be to realize that in essence you get infected because either I) You chose to run the infected content (infecting yourself) , II) you mis-configured software settings so that they automatically run infected content without your consent or III) The infected content ran because of a security exploit in a program you were using.
--- End quote ---

It goes on in length to address each of the 3 scenarios and provides detailed (too detailed) ways to reduce the possibility of each scenario from happening...


Curt:
But you used Windows XP's firewall, didn't you?-Lashiec (February 04, 2008, 08:37 AM)
--- End quote ---

No, I have never tried to use XP's firewall - not even once.

Darwin:
Just to clarify, though, Curt - you disabled the firewall in Windows XP Sp-2 immediately after installation?

Curt:
- yes, Darwin. I disabled XP's firewall right out of the box.

I had (and have) a Outpost Pro license, so I never gave XP's firewall any second thought. When I decided that I also should test firewalls as well as many other kind of programs, I soon came to the conclusion that it was too much trouble for almost nothing, so I stopped using any firewall at all.

Darwin:
Ah... sorry, I just had to ask  :)

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version