|
Posted by Duane Arnold on June 15, 2005, 12:40 am
If you were Registered and logged in, you could reply and use other advanced thread options
John Doe wrote:
> I do not use an antivirus program. I never open any files, so assume I am
> safe. I just browse around. I DO use both hardware and software
> firewalls
> and am careful about IE settings (Win 98) and firewall settings. Of
> course there are a million settings, I try to disable everything and then
> ease off until the thing works ok.
That's flat out bad business on the root based Win 9'x O/S that you're not
using a good AV application. The only real thing you have going for you is
that no one is really coming after the out dated Win 9'x or ME O/S(s) like
they are coming after the Win NT based O/S. A Win 9'x O/S can be infected
too and you're lucky that has not happened or you don't know that it's
happened, with using IE or OE.
>
> My software firewall is constantly giving warnings about new (updated) DLL
> files being loaded. If these DLL files are corrupt, will an anti-virus
> program catch it?
Application Control in PFW solutions use time and date stamp, program
version, checksums, etc to determine that an exe, dll or other program file
types have been changed since the last known snap shot of those attributes
were approved by you for the program execution. And of course the App
Control is going to stop execution of a program that has had those
attributes change when compared to the last know snap shot.
Of course AV have signature files with file name in it like johndoe.dll to
detect a malware program file type. But on the other hand, johndoe.dll may
not be in the AV signature file at the time of the exploit. Some AV(s) use
heuristic technology for malware detection as well.
The NAT router you have does it have logging whare you can use a logviewer
like Wallwatcher or others so that you can review inbound and outbound
traffic to and from the router for possible dubious connections to remote
IP(s)?
Duane :)
| 
XML site map