|
Posted by on December 28, 2006, 5:26 pm
If you were Registered and logged in, you could reply and use other advanced thread options
I was listenening to Kim Commando on the radio, and she said that if
you have a computer without a firewall, a antivirus program, and an
antispyware program and you go online for a few minutes, your computer
will be filled with spyware and viruses.
How does this happen? How can these files be dumped on your computer
over the internet?
Also: One thing I notice is that I frequently get a message in a little
white window at the bottom of my screen, saying that "files have been
upgraded, click here to install". Just what am I installing anyway?
Is it safe to listen to these messages?
Also, I had a computer without a firewall hooked up to my internet
service, and then I replaced it with another computer that had a
firewall. Since the old computer had ports that could be found on the
internet, does that mean that the new replacement computer can be found
by the hackers?
Thanks,
Security Newbie
|
|
Posted by Robert Moir on December 28, 2006, 6:40 pm
If you were Registered and logged in, you could reply and use other advanced thread options
HONOREDANCESTOR@YAHOO.COM wrote:
> I was listenening to Kim Commando on the radio, and she said that if
> you have a computer without a firewall, a antivirus program, and an
> antispyware program and you go online for a few minutes, your computer
> will be filled with spyware and viruses.
> How does this happen? How can these files be dumped on your computer
> over the internet?
I neither know or care who "Kim Commando" is, but their advice is poorly
thought out. It's not so much "wrong" as "missing the point".
The internet is a "dangerous" place these days, with lots of hacker programs
out there trying to break into your system in lots of different ways, and
some systems are more vulnerable than others. Automated scanning tools will
try and test machines they find on the Internet to see if they can easily be
hacked, and if they find a suitable victim they will certainly try and break
in and subvert these systems.
A firewall is a "shield" that tries to isolate your computer (or home
network) from people on the Internet connecting to it in ways that you don't
want to happen.
AV and Anti-Spyware, as you probably know, try to stop unwanted programs
from running on your machine and infecting it. They should work to prevent
intrusion, or at the very least to allow you to clean up should one happen.
These are important safety features on a Windows machine, and a firewall of
some kind is probably a good idea for any user of _any_ computer system
these days. However, the presence or absence of these things is not what
makes you safe - it's possible to have all these and become infected, and
it's possible to have none of them and stay clean.
These tools just make it easier to stay clean, when used in a sensible way.
That's all they do.
Think of a new car - it has many safety features - airbags, seatbelts,
strong frames with planned crumple zones, etc. These are also important
safety features. These things make it easier to be involved in a crash and
come out alive. Very good, very useful, I'm glad my car has them.
BUT... At no time does having any amount of these things in your car
suddenly make it a good idea to go driving into walls or intentionally
hitting other cars at high speeds. You still need to drive safely. In fact
the safe driving is the most important part of staying alive on the road.
Same with these tools on computers. You need to use your computer "safely"
to remain clean. The tools we've discussed make it easier to stay safe, and
they make it easier to recover from a "crash", but they don't make using
your computer in an unsafe way (running any old rubbish downloaded from the
rough side of the Internet, not patching your computer to fix known security
holes) a good idea. Using your computer safely and in a sensible manner is
the most important part of keeping it working well.
> Also: One thing I notice is that I frequently get a message in a
> little white window at the bottom of my screen, saying that "files
> have been upgraded, click here to install". Just what am I
> installing anyway? Is it safe to listen to these messages?
Well hopefully these are Windows automatic updates, but only you know for
sure. Check your automatic updates settings in control panel \ security
centre and see if the schedule on there corresponds to when these updates
appear.
> Also, I had a computer without a firewall hooked up to my internet
> service, and then I replaced it with another computer that had a
> firewall. Since the old computer had ports that could be found on the
> internet, does that mean that the new replacement computer can be
> found by the hackers?
It isn't a case of being "found" or not. Finding your computer on the
Internet is an absolutely trivial exercise, and one that is actually a
required part of doing what you want to do with the Internet for 90% of the
things you do.
The question is, what do people find when they go and look at your system -
do they find an open door with a big welcome mat laid out, or do they find a
locked door with a security spotlight and a nasty guard dog that doesn't
intend giving away your secrets easily.
Regards
Rob Moir
|
|
Posted by S. Pidgorny on December 30, 2006, 2:02 am
If you were Registered and logged in, you could reply and use other advanced thread options
>I was listenening to Kim Commando on the radio, and she said that if
> you have a computer without a firewall, a antivirus program, and an
> antispyware program and you go online for a few minutes, your computer
> will be filled with spyware and viruses.
This is simply not true. For that to happen, your computer must have
remotely exploitable vulnerabilities (no patches) and also must be
configured to run those vulnerable services; plus, it should be connected to
the Internet in a way that allows other sustems on the Internet connect
directly to the system - that is rare nowadays.
> How does this happen? How can these files be dumped on your computer
> over the internet?
By exploting vulnerabilities in the software.
> Also: One thing I notice is that I frequently get a message in a little
> white window at the bottom of my screen, saying that "files have been
> upgraded, click here to install". Just what am I installing anyway?
> Is it safe to listen to these messages?
Most likely that is Windows or Microsoft Update. It's a good thing.
> Also, I had a computer without a firewall hooked up to my internet
> service, and then I replaced it with another computer that had a
> firewall. Since the old computer had ports that could be found on the
> internet, does that mean that the new replacement computer can be found
> by the hackers?
Any computer can be found by the hackers. If they can own it - another
issue.
S.
|
|
Posted by Larry Smith on December 31, 2006, 12:13 pm
If you were Registered and logged in, you could reply and use other advanced thread options >>I was listenening to Kim Commando on the radio, and she said that if
>> you have a computer without a firewall, a antivirus program, and an
>> antispyware program and you go online for a few minutes, your computer
>> will be filled with spyware and viruses.
>
> This is simply not true. For that to happen, your computer must have
> remotely exploitable vulnerabilities (no patches) and also must be
> configured to run those vulnerable services; plus, it should be connected
> to the Internet in a way that allows other sustems on the Internet connect
> directly to the system - that is rare nowadays.
>
>> How does this happen? How can these files be dumped on your computer
>> over the internet?
>
> By exploting vulnerabilities in the software.
>
>> Also: One thing I notice is that I frequently get a message in a little
>> white window at the bottom of my screen, saying that "files have been
>> upgraded, click here to install". Just what am I installing anyway?
>> Is it safe to listen to these messages?
>
> Most likely that is Windows or Microsoft Update. It's a good thing.
>
>> Also, I had a computer without a firewall hooked up to my internet
>> service, and then I replaced it with another computer that had a
>> firewall. Since the old computer had ports that could be found on the
>> internet, does that mean that the new replacement computer can be found
>> by the hackers?
>
> Any computer can be found by the hackers. If they can own it - another
> issue.
I think you're underestimating the problem. As an experienced software
developer (24 years in the field), I know first-hand how vulnerable a
machine can be. Without the safeguards built into your browser, a good
firewall, anti-virus software, and so forth, your machine is effectively
wide open when you're on the web. Anything you download which includes all
web pages can potentially contain malicious code. Without adequate
safeguards, your machine is wide open to exploitation. The safest thing you
can do before even getting onto the web is:
1) Always lower your user rights to the absolute minimum you can get away
with (including when you start your email package or any other software that
may access the web). See here for instance:
http://msdn2.microsoft.com/en-us/library/ms972827.aspx
2) Lock down all folders on your machine (and sensitive areas of the
registry) so that whatever principal you are browsing the web with in 1)
above does not have any rights to those folders whatsoever (excluding the
minimum folders, registry settings, etc. required by your browser).
Encryption is also a must for highly sensitive data.
3) Make sure your firewall is configured so that all incoming and outgoing
traffic is confined to only those programs you're sure is safe (and never
yield to any prompt requesting access if you're not sure what the program
is).
Items 1 and 2 alone will provide very good protection, safeguarding you even
if something malicious does get onto your machine (which can only cause
minimal harm if it's unable to access your folders or the registry). It
takes some know-how for the average user to set these things up and security
will never be perfect in any case but everyone can go a long way to
protecting themselves using these and other techniques.
|
|
Posted by B. Nice on January 1, 2007, 7:11 am
If you were Registered and logged in, you could reply and use other advanced thread options
<snip>
>1) Always lower your user rights to the absolute minimum you can get away
>with (including when you start your email package or any other software that
>may access the web). See here for instance:
>http://msdn2.microsoft.com/en-us/library/ms972827.aspx
Agreed. Most windows users run as admins - thereby lowering the
efficiency of any installed security products.
<snip>
>3) Make sure your firewall is configured so that all incoming and outgoing
>traffic is confined to only those programs you're sure is safe (and never
>yield to any prompt requesting access if you're not sure what the program
>is).
As an experienced programmer you also know that controlling outgoing
traffic implemented as "application control" is'nt very effective and
should'nt be considered a trustworthy meassure against malware.
|
| Similar Threads | Posted | | Firewalls | July 27, 2005, 9:21 am |
| what are firewalls? | March 23, 2006, 8:30 pm |
| Firewalls | March 29, 2006, 8:10 pm |
| Firewalls | May 31, 2006, 10:42 am |
| firewalls | November 15, 2006, 1:16 am |
| Firewalls | January 21, 2007, 4:19 pm |
| firewalls | February 20, 2008, 12:07 pm |
| firewalls vs. wireless | July 10, 2006, 7:52 pm |
| the different firewalls and their technical aspects | June 17, 2006, 11:23 am |
| firewalls and vulnerability to TCP/IP crash. | July 25, 2006, 8:33 pm |
|
XML site map