 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Mon, 04 Aug 2008 14:02:40 +0100, Invisible wrote:
> Anybody else here have any interesting virus experiences?
I used to have a collection for testing purposes. Ran into a weird one
with (I think it was) Yale/Alameda on a network. Yale tried to write to
the boot sector, but with a networked drive, it couldn't do that
(redirector = no access to the drive's boot sector), but it had no error
handling for that situation.
If one was running WordPerfect 5.1 (this was the early 90's) on a machine
infected with this virus, the code would jump into a section of WP that
caused it to start writing huge temp files to the networked drive,
eventually bringing all users logged into that account down.
(We used a guest account for most of the students, was easier than
managing separate accounts for everyone and we had no need to do so -
every student saved their work to a diskette).
This situation was completely reproducible every time.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
I'm wondering: How many virus/worm infections could have been prevented
by the simple use of a firewall software (such as eg. ZoneAlarm)?
And more wondering: Why do people use Windows without a firewall software?
Even many who *know* these things and are not total n00bs.
"I never run untrusted programs nor open dubious emails" doesn't help
when a worm exploits a security hole in the system which allows it to
infect it remotely without the user doing anything. And this is something
which a firewall software will usually prevent.
(Another very important aspect of the firewall software is that, in the
case the system *does* get infected, it will stop the virus/worm/malware
from connecting to the internet behind the scenes, without the user knowing.
This is something a hardware firewall won't do, which is why a software
firewall in Windows is so important.)
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Gilles Tran wrote:
>> Oh dear, I must be a really stupid n00b for not knowing something so
>> "obvious". Get off my case!
>
> The noobishness is not about not knowing something. It's about not imagining
> that there are other people out there with the same problem and possibly
> solutions that work, all of this a Google search away.
Yeah. I'm sure a few hours after MS Blaster came out there was published
info on the Internet on how to fix it. :-P
For what it's worth, I *did* check McAfee's website. (Since that was the
AV product I was actually using.) It just said "get the latest virus
defs. The virus will then be removed." This didn't actually occur. It
*detected* the virus, but refused to remove it. Really helpful, that was...
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Warp wrote:
> And more wondering: Why do people use Windows without a firewall software?
NAT tends to do a really good job here too. I think most cable modems at
least are, by now, NATted.
> from connecting to the internet behind the scenes, without the user knowing.
Sadly, there are so many programs that connect out without telling the
user they'll be doing so, it's another case of yes/no overload, methinks.
--
Darren New / San Diego, CA, USA (PST)
Ever notice how people in a zombie movie never already know how to
kill zombies? Ask 100 random people in America how to kill someone
who has reanimated from the dead in a secret viral weapons lab,
and how many do you think already know you need a head-shot?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Mike Raiford wrote:
>> Anybody else here have any interesting virus experiences?
I have never seen a virus on a computer. Been lucky I guess :)
I was the local greek that every one who ask for help on their computers
in our naborhood. Every time a new virus came out everyone thought
they had it. The problems where mostly from loading games and programs
that were incompatible with the operating system. I was always getting
virus update from them. One day I got an e-mail that said there is a
virus name Such-n-Such(can remember) and if you have this exe file on
your computer you need to delete it. Of course it was on my computer. NO!
I didn't delete it. A little research showed that the file was very
important to the operating system. Lucky none of our gang delete it.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> And more wondering: Why do people use Windows without a firewall
>> software?
>
> NAT tends to do a really good job here too.
Yeah, that too.
Just being behind a NAT device means that random people in the Internet
can't just connect to your PC and start frobbing random ports which host
insecure services. [Insert comment about the number of services M$ has
enabled by default when Windoze installs.]
That's not to say there is no place for antivirus and/or personal
firewalls though! We still have spam email containing malware, and
websites using browser bugs to install dodgy stuff...
> Sadly, there are so many programs that connect out without telling the
> user they'll be doing so, it's another case of yes/no overload, methinks.
Well sadly yes. OTOH, many personal firewalls seem to have a list of
"trusted" applications that they don't prompt for. Who compiles this
list and how the product decides whether a given item is on that list is
another matter. (I really hope it isn't just by process image name...!)
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Leroy Whetstone wrote:
> I have never seen a virus on a computer. Been lucky I guess :)
Lucky or just sensible. ;-)
My dad's PC seems to periodically become infected by... *something* or
other. Usually just trojans and browser hooks. I don't know what the
heck he does that I don't, but I've never had any similar problems...
> I was the local greek that every one who ask for help on their computers
> in our naborhood. Every time a new virus came out everyone thought they
> had it.
Ah yes, I've seen this so often. "Ooo, my computer is doing something
wierd. Is it a virus?"
Also, does it make you chuckle when you see those emails warning you
that "omgz, this nuu virus will eraz0rs your memory and make your
monitor expl0d3!!1!eleven"? ;-)
> One day I got an e-mail that said there is a virus
> name Such-n-Such(can remember) and if you have this exe file on your
> computer you need to delete it. Of course it was on my computer. NO!
> I didn't delete it. A little research showed that the file was very
> important to the operating system. Lucky none of our gang delete it.
Perhaps you refer to
http://www.f-secure.com/hoaxes/jdbgmgr.shtml
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Thats interesting. Very few people had access to the Internet outside of
universities, military, government and gov't contractors when the "Morris
Worm" struck. I believe I had Compuserve at the time and found the news very
interesting but remained utterly unaffected by it, the only actual Internet
access we Compuserve subscribers had at the time I think, was limited to
metered email. That was, what, 1987, 1988?
--
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Halbert wrote:
> That was, what, 1987, 1988?
Both of those, yes.
http://en.wikipedia.org/wiki/Christmas_virus
http://en.wikipedia.org/wiki/Morris_worm
Netscape used to be the security hole poster child, too, until Microsoft
took that distinction away from them. :-)
--
Darren New / San Diego, CA, USA (PST)
Ever notice how people in a zombie movie never already know how to
kill zombies? Ask 100 random people in America how to kill someone
who has reanimated from the dead in a secret viral weapons lab,
and how many do you think already know you need a head-shot?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Invisible wrote:
> Anybody else here have any interesting virus experiences?
Want a scary thought?
While remotely cleaning a friend's computer, I found a trojan that was using
two dozen different methods to start up on boot. The global and per-user
Run registry key, Start on the start menu, an ActiveX object that
initialized on boot, a shell extension loaded by explorer, and...
...it *changed the file association of .exe files*. Instead of running "%1",
it ran trojan.exe "%1". The trojan started the real program after doing its
nasty stuff, so the user didn't notice.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
