|
Posted by ana on April 10, 2008, 8:49 am
If you were Registered and logged in, you could reply and use other advanced thread options > Olicaca wrote:
> > Sebastian,i don't understand really ur answer purpose here.I just ask
> > u some software u know,
>
> Would you please write in proper English, like in any other formal letter?
>
> > famous and useful and i don't underline about
>
> > my security problem here,i ask about the software and just the
> > software,don't care much about security knowlegde,so that let help
>
> Sorry that I dared for actually addressing your problem... Anyway, this is a
> newsgroup, not a support forum. Don't expect your questions to be answered
> or even the discussion leading to a point you'd like.
>
> > about software please(!),what program best and useful.Okie?
>
> Your system is compromised, so no software can't help you. D'Oh, that's
trivial!
>
> > If you come a site and suddenly,a file down and install on ur
> > computer,so how do you deal with?
>
> Turn off the computer, boot from an offline media, create a backup and then
> start verifying against a well-known safe backup, signature base etc.,
> consequently restoring any modification. Then I'd login as admin, create a
> new user account and shift over all data. Then I start verifying them in the
> background while rebuilding all settings and reinstalling all relevant
> programs from trusted media.
>
> What else?
>
> > And if you install a file that bound with a virus,
>
> I simply don't do this. Period.
>
> > so beside you install the soft,how do you know and treat with that
> > malware?
>
> I guess I'd recognize the misbehaviour pretty soon, and start investigating it.
>
> > Some
>
> > month ago i get xorer virus from a CD-Rom(it is so unluck to me that
> > that time my antivirus not updated)
>
> Even if it was, that generally wouldn't have stopped it.
>
> > Windows ACLs i know alitlle but as i know,if a folder write and delete
> > protected
>
> That is, the effective write access of the user to the folder is denied.
> That's what you mean? Since there's some scenarios where other permissions
> might allow write access as well (f.e. being the owner, being able to change
> the ACLs, delete child permissions on the upper folder).
>
> > then no any program can write data to it,and if a folder can
> > be write by a program then virus can write to it.
>
> Yes, trivially. The access is enforced by the kernel, and everything has to
> pass trough it for accessing hardware resources (other than CPU and RAM).
>
> > Process Monitor i know but so slow down and not a installation monitor
> > tool ja,even i use it monitor my installation then i cannot control
> > anything aswell.
>
> You cannot control other than by ACLs and capabilities. If you give write
> access somewhere, then the installation is free to write there. if you don't
> want this, set proper permissions.
>
> > Scamware i dont know.
>
> You know, it is security software that tries to implement a broken concept
> in a broken way, so actually reduces the security.
>
> > Okie,so all your ever advice is not useful for me.
>
> Well, this might be because you didn't ask the proper questions? From what
> you wrote it seems like you didn't even flatten and rebuild the system.
You can try Secure Auditor, a new software for unified digital risk
management issues. It contain 30 embedded security tools along with
event log viewers. May be it works for you. Download it from
http://www.download.com/Secure-Auditor/3000-2653-10826743.html?part=dl-SecureAud&subj=uo&tag=button
| 
XML site map