I would say that dumping IE and using Firefox instead is (or, maybe, was prior to IE7) almost as important as firewall/antiviral/patches.
Just searched this thread for Firefox, and it seems it was not mentioned.
Again, if you use your machine wisely and don't click on suspect links, or popup windows with free-something offers you are mostly safe.
Again, from TFA
This is for an unpatched machine, NO user interaction required.
A belated thanks from this Mac user
From the ensuing discussion it was plain to me that while XP SP2 and later may be safe, but there are probably an awful lot of folks out there with pre-SP2 CDs. You can guarantee that most home users won't want to shell out for the latest CD if they don't have to, hence the problem still exists.
You may ask how this is relevant to Mac users, but for a while I have been fancying doing a fresh installation (to clean up 6 years of accumulated crud), and the issue of putting an out of date system onto the net is just as valid for us non-Windows users.
So what I did was to download the updates required, then pull the ethernet cable before doing the fresh installation from DVD. I only put the cable back once I was satisfied that I wasn't exposing a non fully patched system to the 'net.
As a side note, while I had expected to see the router lights flashing occasionally even though no computer was connected, that 4 minutes before "something" tries to get through looks optimistic.
Exactly we are lucky these days to have Linux and Mac, so no-one is stuck to windows if they choose not to be. Long may it remain so.
Its very easy to do this with a Windows too... Doesn't matter if you have old discs... you can still do a fresh install and get your computer protected without having to go online.
I use my PC for all those things that MAC owners say their MACS do better. I still end up having to troubleshoot MACS for some people I know that use them at work and I personally find the Windows environment more customisable to my needs. I hate this my MAC is safer bull, because if you are sensible with a PC its just as safe. MACS need patches just as much as PC's, more and more they are requiring virus scanning software too, there is now spyware on MACS and so on. Granted, MACS are probably affected less then Windows machines by this, but even if I used a MAC i'd still take the same precautions I do with my Windows computer.
It doesn't matter what you use, your better off having antivirus and antispyware software installed... Better off not using internet explorer and better off using some care of what you click on.
Lets face it a computer is a tool, thats all. When it comes down to which is better/safer etc its swings and roundabouts, and anyway who gos around going my tool is better then yours?
Thanks Eire, you raise some valid points there. These especially, Of course any system has to be up to date with respect to security, firewall etc. That at least gives a fair amount of protection but then "taking care of what one clicks on" - is equally important.
I think this whole thing is platform agnostic. I do believe that Linux and Mac are more secure than any version of windows - but then "taking care of what one clicks on" - applies to these other O/S.
In over 10 years of using the internet I have nothing but problems with antivirus and firewall software and have basically given up on them long ago.
I have a 56k modem and frequent updating is simply not an option. (no, I don't need anything faster)
However, I assume whenever unsolicited communication over the web is initiated, the lamps on my modem should blink?
I ask the experts, how can I get a virus/trojan pushed onto my machine by just being connected?
In the same sentence where you say you don't need anything faster, you just gave the reason why you do!!!
Your speed could also be the problem you are having with the antivirus software if it can't update regularly. The risks change daily, so must the protection!
Oh and stay away from the big commercial AV programmes like Norton, they clog up your system like nobodies business. Getting rid of Norton was the single best thing I did for my system. I use AVG and find it much better (and free!), but there are many other AV software that do the job without trashing your system.
Could not agree more with this. It is the first step when buying a new Windows machine, get rid of that Norton crap. It slows the machine down beyond belief, AVG or CLAM-AV.
Also be aware that there are some booby-trapped websites that you only have to surf to, in order to have a trojan downloaded onto your system unknown to you. Don't ask me the mechanics of that I do not know how that is done, but would like to know.
Be also aware it is possible to have a virus in an email, which infects your address book, and then every mail you send out as a virus, also with no knowledge of it from your side. I had that once. The ISP rang me, and told me, that all mails were being sent out with a virus! That was a shock to me.
Readers of this thread should be aware that this is NOT good advice (to put it mildly)...
That's a circular argument.
If I have a fast connection, viruses speed onto my machine in the blink of an eye. (With a modem connection, I can see that something is up. I have cleaned up zombied machines in the past - none of them mine.)
I therefore need a fast connection to constantly download updates. No thanks. Besides, I think I already have all the updates there ever will be for WinME.
No, the problem I had was that the trial period had expired after one year and they wanted money. So I clicked on unistall. To uninstall, I was informed I need to log in. When I tried to log I was informed the one year trial period had expired and I had to re-register, and for that they wanted money. This was NAV.
There are viruses that do the same thing.
I tried removing NAV manually, but it had threaded itself into almost every corner of the machine.
I reinstalled and removed NAV immediately.
How are normal people supposed to be able to judge what AV progs are good? I am a developer of over 20 year's experience, and I sure don't know. I often ask myself how are mere mortals are ever supposed to use PCs.
Only through friends advice, what they can glean by themselves googling and by not accepting what is slapped on the damn machines in shops. Norton is the worst offender and is a pig to get rid of completely. I have removed in on 4 separate machines and each time it was a pig to get rid of, but the proof is in the eating. I installed CLAM-AV on 3 and AVG on the other, and as far I know, as I have not had any further support calls, those machines are now running much quicker and the people who bought the machines are happier now with their purchase than they were with the bog standard crap installs.
That in any case. Keep away from sites you don't know or might be suspect. An e-mail with a link to somewhere you do not know should not be followed.
It may have been incomplete, but still good advice.
Ignoring java, javascript and ActiveX (wonderful invention! - not) holes, there is also a weakness in pictures because the image display code in IE had until recently no run length check.
But again, normal websites are unlikely to have these (not impossible, tho!) I run with java and activex off, and in Firefox I have a tool that allows me to activate javascript on demand.
If you use a browser based mail (hotmail et al), you have a free virus filter service and should be OK. The virus you had must have been an attachment.
Incidentally, I have long ago solved my internet issues by getting a cheap, small, cube shaped PC with a 15" screen and an old 8 GB drive. This PC stands next to my telephone and is the only PC in the house with an internet connection.
If the worst comes to the worst, all I need to do is save my mail to a stick (and any downloaded pages I might want to keep) and reinstall an image. An 8 GB drive is set up fairly quick.
I recommend the dedicated PC solution to all my friends.
Tried Vista once and this was a problem. It constantly tried to fetch updates and annoyingly always closed the connection first time I typed in a web address in IE.
I went back to Win ME and FireFox. Good enough for the job.
Hi everybody!
I have read the post and I saw many things about virus/antivirus etc, I would like to advise the following:
having up to date software will reduce the possibility of having your machine attacked. An antivirus protects against virus/trojans/worms, not necessarily from "direct attacks" (bugs exploitation). Firewalls block/allow traffic, they usually don't do any kind of content analysis, but they help a lot to reduce the possibility of an attack if the computer is running a network service that has a flaw.
Browsers are being targeted more on exploiting bugs, because, the client (the browser) may access a website that would attack a vulnerability in the browser and the anti virus may not detect it, firewall would allow the connection, since this the normal behaviour of a browser, to access websites.
Let me explain it with more detail, let suppose IE or Firefox has a bug in the way that displays an image. If the bug is serious, an attacker, could set up a website, with an image, that would apparently be ok, but when loaded in the browser would trigger the bug and make possible the attacker to have access to its machine and this would be worse if the person is logged in with administrator privileges, because the attacker would have those privileges. So my humble advices are:
-Keep software up to date
-Do use an antivirus and a firewall
*If you use firefox you may try the NoScript plugin( https://addons.mozilla.org/en-US/firefox/addon/722 ), it will block JavaScript, so you can selectively allow it on the pages you need it.
And even using this, which helps A LOT, don't feel 100% safe because there could be unpatched bugs that might be exploited.
Hope this helps
Christian
Interesting solution Resident.
Thanks Chris_I for the explanations as to how an attacker can access machine with administrator privileges. I begin to understand slowly how that happens now. Thank you.
You can download NRT (Norton Removal Tool) from the Symantec site. NRT eliminates Norton AntiVirus and all other Norton product in one go. Some vestiges remain in the Registry, however, but are not serious.