"nemo_outis" wrote:
> Albert <albert.xtheunkno...@gmail.com> wrote in news:33d368a5-5be1-4dc4-
> 8f49-098cb6514...@f20g2000prn.googlegroups.com:
>
> > I've just installed XP and need to surf the web. Do I need to install
> > anything?
>
> Question far too broad, vague and ill-defined - please refine and resubmit.
What do I need to install so that I can't get malware? If you choose
to specify a particular company, please add why you chose that company.
> "nemo_outis" wrote:
>> Albert <albert.xtheunkno...@gmail.com> wrote in news:33d368a5-5be1-4dc4-
>> 8f49-098cb6514...@f20g2000prn.googlegroups.com:
>>
>> > I've just installed XP and need to surf the web. Do I need to install
>> > anything?
>>
>> Question far too broad, vague and ill-defined - please refine and resubmit.
>
> What do I need to install so that I can't get malware?
I'm afraid no product will prevent you entirely from getting malware.
Antivirus is not terribly hard for custom malware to avoid, there is
no patch for human stupidity (i.e. you respond to phishing emails,
install a trojan), or fall victim to a 0day attack via unpatched
issues in your browser, IM program, media player, pdf viewer, flash
plugin, what have you.
> If you choose to specify a particular company, please add why you
> chose that company.
av-comparatives.org tests antivirus software. Eset's NOD32 is a
worthy combination of fast performance and strong signature based and
heuristic based malware detection. Symantec Client security (a
business aimed product) isn't awful either, but it's not cheap
either.
Albert <albert.xtheunknown0@gmail.com> wrote in
news:b0ae4222-21c3-4acf-b29e-cbecc2082342@f20g2000prn.googlegroups.com:
> "nemo_outis" wrote:
>> Albert <albert.xtheunkno...@gmail.com> wrote in
>> news:33d368a5-5be1-4dc4-
>> 8f49-098cb6514...@f20g2000prn.googlegroups.com:
>>
>> > I've just installed XP and need to surf the web. Do I need to
>> > install anything?
>>
>> Question far too broad, vague and ill-defined - please refine and
>> resubmit.
>
> What do I need to install so that I can't get malware? If you choose
> to specify a particular company, please add why you chose that
> company.
Still outrageously broad, vague, and ill-defined!
I say this not only because I'm a cranky curmudgeonly old bastard (which
I am) but because sloppy thinking, carelessness, and laziness - even
after you were chided and prodded - does not bode well for your chances
of staying secure. The appropriate skills and attitudes, not just
mindlessly installing a few programs, are crucial to computer security.
For instance, it is quite uncommon to become infested with malware unless
one connects to the internet (at least browsing and emailing, but
possibly also torrent, irc, etc.) - but you don't even mention that you
do that, let alone how! We are left to infer that you are not a complete
novice by the fact that you asked the question here, a relative backwater
of the net. This smacks of either intractable stupidity or trolling.
With that said, the basic kit is as follows:
1) use a router
2) use a decent software firewall
3) use a decent antivirus
4) use programs with reduced suceptibility to security breaches (e.g.,
firefox), addons which increase security (e.g., noscript, flashblock,
betterprivacy) and - especially important! - configure all software (OS,
firewall, browsers, email, etc.) appropriately.
Much more can be done (depending on specific threats, needs, and skills -
such as using tor or mixmaster or a virtual machine) but that's the core.
(Todd H.) wrote:
> <snip intro>
> ...there is no patch for human stupidity (i.e. you respond to
> phishing emails, install a trojan), or fall victim to a 0day attack
> via unpatched issues in your browser, IM program, media player, pdf
> viewer, flash plugin, what have you.
I don't respond to phising emails. I plan to install the bare minimum
so I can scan exe files for being trojans. I don't use IM. My pdf
viewer is portable and as long as I copy three files to a computer in
the same directory it'll work - so I doubt malware would get through
via this program. I don't need the flash _plugin_.
So if I install NOD32 and don't do anything stupid, I can't get malare?
> For instance, it is quite uncommon to become infested with malware unless
> one connects to the internet (at least browsing and emailing, but
> possibly also torrent, irc, etc.) - but you don't even mention that you
> do that, let alone how!
I browse, email with gmail, use utorrent, don't use irc.
> With that said, the basic kit is as follows:
>
> 1) use a router
> 2) use a decent software firewall
> 3) use a decent antivirus
> 4) use programs with reduced suceptibility to security breaches (e.g.,
> firefox), addons which increase security (e.g., noscript, flashblock,
> betterprivacy) and - especially important! - configure all software (OS,
> firewall, browsers, email, etc.) appropriately.
I use a router. I don't have a firewall nor antivirus. After I post
this I'll go get firefox with the addons you've listed.
But, could you please narrow down what you mean by 'configure all
software appropriately'?
In article <33d368a5-5be1-4dc4-8f49- 098cb651478a@f20g2000prn.googlegroups.com>, albert.xtheunknown0
@gmail.com says...
>
> I've just installed XP and need to surf the web. Do I need to install
> anything?
Where have you been for the last 10 years?
You need ALL Windows Updates, Antivirus software, the most current Java,
and I would suggest that you use FireFox, the latest version.
--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself. spam999free@rrohio.com (remove 999 for proper email address)
Leythos wrote:
> You need ALL Windows Updates, Antivirus software, the most current Java,
> and I would suggest that you use FireFox, the latest version.
If I choose to not visit any website requiring Java, do I still need
the most current Java?
I've got Firefox now - just need NOD32.
On Thu, 17 Sep 2009 23:21:22 GMT, "nemo_outis" <abc@xyz.com> wrote:
>Albert <albert.xtheunknown0@gmail.com> wrote in news:33d368a5-5be1-4dc4-
>8f49-098cb651478a@f20g2000prn.googlegroups.com:
>
>> I've just installed XP and need to surf the web. Do I need to install
>> anything?
>>
>
>Question far too broad, vague and ill-defined - please refine and resubmit.
>
What a great answer. NOT!
Here's some starting advice;
1. Download an AntiVirus Program - A free version to see if it works
on your machine without screwing up other software. Try Avast. If it
works on your machine for a week and doesn't interfere with other
software, BUY IT! Don't listen to the cheapskates who think the
freebie version is all they need.
This will save a a copy of your registry in case some junk program
screws it up. Always use it before you install any new program.
3. Download its companion NTREGOPT - on the same page. It'll keep your
registry neat.
4. Forget everything you heard about Windows RESTORE POINT. It sucks.
If you can afford a few bucks, buy Acronis True Image. With
incremental backups it will assure you are able to go back to a past
image of your hard drive before some virus or crappy program destroyed
your Windows.
Use Win Restore Point if you have to, but *really* try to get Acronis.
Everything doesn't have to be gotten immediately with the same
paycheck.
5. Get the free versions of SuperAntiSpyware and Malewarebyes
AntiMalware. Make sure you back up with Acronis or at least your
registry with Erunt because the two mentioned pieces of anti spyware
are notorious for screwing up machines.
6. Get a firewall. Sunbelt's is a simple one for a beginner.
7. Download the freebie WinPatrol. It'll keep you apprised when any
program tries scrwing with your files or registry.
8. Install the freebie InstallSpy.
InstallSpy v2.0 [1.23 MB]
This is not spyware, but a program to help you discover spyware! Track
any and all changes to the registry and file system, and also record
all shell notification events (e.g. media inserted), when a program is
installed, uninstalled, or run. This can warn you of programs trying
to install new services, programs that are set to run on reboot,
changes to your home page, etc.
InstallSpy is a highly configurable program that allows you to catch
any change to your system. Filtering lets you zoom down to the details
that are most important to you.
SyncBack Freeware on the same page is a simple backup program that
works great until you want to move up to something more sophisticated.
It's dang near foolproof to use.
9. Install a HOST file. It's a freebie you can get here.
A utility to see if any files in one or more directories have been
created, deleted, or changed since the last scan. It's useful for
checking if a program, e.g. viruses and trojans, has changed your
all-important Windows files (this is similar to such security software
as Tripwire).
Use the Advanced items such as Tea Timer at your own risk. It screws
up too often on too many machines. If it does work for you, great.
Again, backup with Acronis or System Restore before Installing. But
don't trust System Restore to truly install every system that might
get screwed up. It doesn't cover everything. At the least, backup
your registry with Erunt.
------------
This should keep you busy for a while. It's not the end, but a good
beginning.
On Thu, 17 Sep 2009 22:46:00 -0500, as;dl@dasfkjl.com wrote:
>On Thu, 17 Sep 2009 23:21:22 GMT, "nemo_outis" <abc@xyz.com> wrote:
>
>>Albert <albert.xtheunknown0@gmail.com> wrote in news:33d368a5-5be1-4dc4-
>>8f49-098cb651478a@f20g2000prn.googlegroups.com:
>>
>>> I've just installed XP and need to surf the web. Do I need to install
>>> anything?
>>>
>
>7. Download the freebie WinPatrol. It'll keep you apprised when any
>program tries scrwing with your files or registry.
>
They kind of hide the freebie WinPatrol, trying to sell you the
pay-for one. Here's the page for the freebie.
Albert wrote:
> "nemo_outis" wrote:
>> <snip _top-post_>
>
>> For instance, it is quite uncommon to become infested with malware unless
>> one connects to the internet (at least browsing and emailing, but
>> possibly also torrent, irc, etc.) - but you don't even mention that you
>> do that, let alone how!
>
> I browse, email with gmail, use utorrent, don't use irc.
Get the full paid version of MBAM if you're going to use uTorrent.
Without it, undesirable peers will show up within mere seconds! Fact!
You'll want MBAM's IP Blocking turned on before you do anything.
<http://www.malwarebytes.org/>
>
>> With that said, the basic kit is as follows:
>>
>> 1) use a router
NAT router.
>> 2) use a decent software firewall
>> 3) use a decent antivirus
3a) use several overlapping antispyware applications. MBAM & SAS
>> 4) use programs with reduced susceptibility to security breaches (e.g.,
>> firefox), addons which increase security (e.g., noscript, flashblock,
>> betterprivacy) and - especially important! - configure all software (OS,
>> firewall, browsers, email, etc.) appropriately.
>
> I use a router. I don't have a firewall nor antivirus.
Are you going to turn off XP's firewall and use a personal fire wall?
> After I post this I'll go get firefox with the addons you've listed.
>
> But, could you please narrow down what you mean by 'configure all
> software appropriately'?
Means harden your OS and applications so they aren't likely to expose
you to intrusion. Turn off services you are never likely to use.
I hope you aren't using the very system you're trying to protect, to
send these posts!
Albert <albert.xtheunknown0@gmail.com> wrote in
news:cbac0dfa-e866-4e1b-8d8d-4f7552b6dc34@z3g2000prd.googlegroups.com:
> "nemo_outis" wrote:
>> <snip _top-post_>
>
>> For instance, it is quite uncommon to become infested with malware
>> unless one connects to the internet (at least browsing and emailing,
>> but possibly also torrent, irc, etc.) - but you don't even mention
>> that you do that, let alone how!
>
> I browse, email with gmail, use utorrent, don't use irc.
HOW & WHERE you browse matters. (Are they low-risk BBC news type sites,
or high-risk porn & warez sites? Not to say I never go to high-risk
sites but I "suit up" before doing so.)
gmail, while convenient, is questionable from a security standpoint
(except for low-risk throwaway uses). For serious uses you should post
through mixmaster, and for serious newsgroup use mixmaster and a
mail2news gateway (none of which is necessary for light-duty stuff - but
it's surprising how what you thought was light-duty stuff can sometimes
bite you in the ass a few years later)
utorrent (which i use and love) can open you to significant risks (e.g.,
RIAA) depending on your jurisdiction, etc. Some downloads may carry
malware payloads (at minimum this requires anti-virus scanning; more
serious approach adds virtual machine).
In fact, ANY downloading from the net (as opposed to plain surfing) is at
least medium risk (some might say *high* risk *even* for 'respectable"
sites). This especially includes 'stealth downloads' such as when you
mindlessly click yes to a message like "This video requires a codec that
is not presently installed - Install it now?" or similar invitations to
self-infection.
>> With that said, the basic kit is as follows:
>>
>> 1) use a router
>> 2) use a decent software firewall
>> 3) use a decent antivirus
>> 4) use programs with reduced suceptibility to security breaches
>> (e.g., firefox), addons which increase security (e.g., noscript,
>> flashblock, betterprivacy) and - especially important! - configure
>> all software (OS, firewall, browsers, email, etc.) appropriately.
>
> I use a router. I don't have a firewall nor antivirus. After I post
> this I'll go get firefox with the addons you've listed.
>
> But, could you please narrow down what you mean by 'configure all
> software appropriately'?
Because it's once again a very broad topic I'll give you one example to
let you get the "flavour" of what I'm talking about: Your email program
default MUST be configured NOT to display html.
Or for a second example: Your browser should be configured with java and
javascript off as the default and only enabled on trusted sites
(Noscript, etc. can help manage aspects like this).
Lastly (well not really lastly - there's lots more - but lastly for this
post) you must "configure yourself" not to do stupid things thoughtlessly
or from laziness or carelessness. You may not go to the trouble of
developing formal protocols but you should have at least rough and ready
ones - and you must religiously follow them. YOU are the greatest risk
to your security.
Albert wrote:
> I've just installed XP and need to surf the web. Do I need to install
> anything?
To sum up, I need to _install_:
1. Erunt (use before installing anything)
2. NOD32 or Symantic Client Security or Avast (updating everyday)
3. NTREGOPT
4. Acronis True Image
5. SAS
6. MAM full for IP blocking
7. Sunbelt
8. WinPatrol 2009
9. InstallSpy
10. SyncBank Freeware
11. A HOST file
12. Fingerprint
13. Spybot - don't use TeaTimer
14. Mixmaster
15. Mail2news gateway
15 things!!!
[pause]
What if I wanted to allow malware to wreak havoc on my computer since
there's nothing important there but _make sure_ I don't send out
private, personal, important etc. information?
> nemo_outis wrote:
>> Your email program default MUST be
>> configured NOT to display html.
>
> How do you do that in Gmail?
At last the light begins to dawn! You may recall that I was less than
enthusiastic about gmail.
You may also wish to consider critiques such as the one at the following
site (nothing special - I just picked it as one of many out there -
ironically, you can google to find zillions more). Such things as the 180
day lapse of protection, targetted ads based on profiling one's email, etc.
make my flesh crawl. YMMV After all, it *is* very convenient (and why let
privacy stand in the way of convenience?)
> Albert wrote:
>> I've just installed XP and need to surf the web. Do I need to install
>> anything?
>
> To sum up, I need to _install_:
>
> 1. Erunt (use before installing anything)
> 2. NOD32 or Symantic Client Security or Avast (updating everyday)
> 3. NTREGOPT
> 4. Acronis True Image
> 5. SAS
> 6. MAM full for IP blocking
> 7. Sunbelt
> 8. WinPatrol 2009
> 9. InstallSpy
> 10. SyncBank Freeware
> 11. A HOST file
> 12. Fingerprint
> 13. Spybot - don't use TeaTimer
> 14. Mixmaster
> 15. Mail2news gateway
>
> 15 things!!!
>
> [pause]
>
> What if I wanted to allow malware to wreak havoc on my computer since
> there's nothing important there but _make sure_ I don't send out
> private, personal, important etc. information?
>
I gave you the basic kit - the others are part of a more complete
toolbox. But, useful as all the others are (I too use many of them or
something close) you must learn to walk before you run. Master the
basics, then add. Otherwise even the best tools are mostly useless.
However, with respect to your question about not sending out information,
the problem is if you let malware *in* you then have a traitor in your
own camp that can leak sensitive info *out.*
Regards,
PS There is more to this than just getting the kit - you must know how
to apply it. For instance, even an ordinary router can be configured to
prevent most things getting in that you do not voluntarily (where
"voluntarily" has a very broad meaning) bring in. A software firewall,
while it does add some incremental protection against inbound threats is
mainly useful for (at least partially) blocking outward channels. The
router and software firewall work synergistically.
The anti-virus program (and malwarebytes, superanti, etc.) are mostly an
admission that we will (at least sometimes and to varying degrees) FAIL
to keep shit out. They're there to minimize the damage by early
recognition, threat neutralization, and removal. (Backup - as with
Acronis, etc. is also part of a harm minimization approach, one not just
limited to malware threats)
None of the kit - in fact, not even ALL of the kit gives total
protection. We're in a race with clever, capable and motivated
adversaries (at the high end) concealed within mases upon masses of
lesser threats arranged in tiers of capability. (Some of) the opponents
are very good indeed, and they need only find ONE workable exploit to get
you while you must block ALL possible threats to be totally secure. The
odds are with them.
The full bore approach is threat and consequence assessment followed by
selection and use of tools and procedures (yes, procedures and not just
tools) that will reduce the threats. All within constraints imposed by
our resources (not just money, but time, trouble, skills, etc.). It's an
exercise in risk management. But sadly, risk management seldom achieves
the holy grail of risk elimination.
"Albert" <albert.xtheunknown0@gmail.com> wrote in message
news:0f52881a-0081-4edf-a453-3d26b5cf2b56@m33g2000pri.googlegroups.com...
<snip<
> What if I wanted to allow malware to wreak havoc on my computer since
> there's nothing important there but _make sure_ I don't send out
> private, personal, important etc. information?
Hello Albert :)
Maybe you have *already* allowed malware to wreak havoc on your computer!
Viz:-
"Albert" <albert.xtheunknown0@gmail.com> wrote in message
news:50b375c5-e573-48bb-99bd-f5bf96b9b468@v15g2000prn.googlegroups.com...
> 1PW wrote:
>> I hope you aren't using the very system you're trying to protect, to
>> send these posts!
>
> I am.
Maybe you are simply unaware that malware is present!
Some here will advocate that you should now "flatten and rebuild" your
machine and make sure that you have installed basic protection *before* you
reconnect to the Internet. I support that approach! I also support the use
of Acronis True Image (to 'turn back the clock' in future).
However, have you considered that your BIOS may have been/could be infected?
A whole new ball-game!
Albert wrote:
> Albert wrote:
>> I've just installed XP and need to surf the web. Do I need to install
>> anything?
>
> To sum up, I need to _install_:
>
> 1. Erunt (use before installing anything)
> 2. NOD32 or Symantec Client Security or Avast (updating everyday)
I believe SCS is no longer offered. SAV Corp Edition v10.2 & $36 per
seat is giving way to Symantec End Point Protection v11.0 soon.
Avira AntiVir Personal (Freeware)
> 3. NTREGOPT
> 4. Acronis True Image
> 5. SAS
> 6. MAM full for IP blocking
16. Would you like the best tool for rootkit detection & remediation?
GMER: <http://www.gmer.net/#files> (Freeware)
>
> [pause]
>
> What if I wanted to allow malware to wreak havoc on my computer since
> there's nothing important there but _make sure_ I don't send out
> private, personal, important etc. information?
How would you answer your own question if someone asked you if it's OK
to provide a home for mailbots, spambots, Conficker, malware bots,
etc? What's the name of this newsgroup Albert?
Have all of us wasted our time here Albert? I sincerely hope not.
"nemo_outis" <abc@xyz.com> wrote in
news:Xns9C8A667F45DBpqwertyu@69.16.185.247:
....
> But sadly, risk management seldom achieves the holy grail of risk
> elimination.
>
> Ain't life a bitch?
>
Before I transmit my rampant privacy paranoia to you, perhaps it might
help to get a little perspective on risk. The internet is overblown!
Life is a risky business - no one gets out alive!
The most dangerous thing I do (or did) was drive to work every day. The
internet is trivial by comparison.
As for the internet, say, stealing your credit card numbers, consider
this:
I have often gone out for dinner with friends, ate and drunk my fill, and
finally blithely handed my credit card to the waiter (whom I don't know
from Adam) who disappeared in the back for a few minutes before coming
back with the bill for me to sign. He could have gotten everything there
was to get from my card in terms of info if he was so inclined. And I
didn't worry about it. Mostly I worry even less for the internet.
Yes, I take precautions, but I don't obsess about them.
Regards,
PS For instance, if you are worried about internet leakage of sensitive
personal info, you could do the following: Have two computers, one for
"ordinary" surfing including some high-risk surfing (porn, warez, etc.)
and a completely separate system (air gap to other one) for sensitive
surfing (online banking, etc.) Or, if you can't afford this, then
approximate it with two virtual machines for low and high risk surfing
(each could be as simple as, say, JanusVM).
I don't do this, but it's not because I don't know how. I know that I
won't put up with the PITA of adhering to the protocol (less charitably
you could say I lack the self-discipline to do so).
I will even tell you that I DON'T use a antivirus full time (I scan
selectively). Why? Because the totality of my protections coupled with
my risk exposure doesn't require it. Anti-virus programs (even the best
using their super-duper heuristics) aren't worth shit except against OLD
exploits and script-kiddie variants (although there's lots of that out
there). Any good virus writer TESTS his new virus against all the major
antivirus programs before issuing it. Anti-virus makers are always
playing catchup. Their brag is that they stop, say, 99.4% of the viruses
out there, but what they don't tell you is that it's the residual 0.6%
hot new ones that only have to be unstoppable for a day or two to do
their work that always get by.
I am reminded of certain folks I know in the "recreational
pharmaceuticals" business who adopt parallel measures. Some for instance
have their own kennels of highly trained sniffer dogs (not overworked
ones like customs) The product doesn't ship until it passes the Fido
sniff test - with multiple dogs! And so with good virus writers.
>
>av-comparatives.org tests antivirus software. Eset's NOD32 is a
>worthy combination of fast performance and strong signature based and
>heuristic based malware detection.
He can do better than NOD32.
Here for his perusal is the latest Virus Bulletin AV tests.
On Thu, 17 Sep 2009 23:59:31 -0700 (PDT), Albert
<albert.xtheunknown0@gmail.com> wrote:
>What if I wanted to allow malware to wreak havoc on my computer since
>there's nothing important there but _make sure_ I don't send out
>private, personal, important etc. information?
You don't seem to understand the situation. If you "allow" the above
to happen, you will be sending out viruses, trojans, all types of
malware, because your machine will probably turned into a 'bot' by
some of that malware. You will not only be responsible for infecting
god knows how many other machines, but if your ISP has a half of a
brain, you'll end up tossed from their system.
How can you say "...there's nothing important there..." and then say
you're worried sending out "...private, personal, important etc.
information?"
You need an education in exactly what can happen to an infected
machine. An infected machine can end up little else than a doorstop.
There are a myriad of scenarios as to what happens to an infected
machine. You *really* need a general, basic education on the subject.
as;dl@dasfkjl.com wrote:
> On Thu, 17 Sep 2009 21:11:44 -0500, comphelp@toddh.net (Todd H.)
> wrote:
>
>
>> av-comparatives.org tests antivirus software. Eset's NOD32 is a
>> worthy combination of fast performance and strong signature based and
>> heuristic based malware detection.
>
> He can do better than NOD32.
>
> Here for his perusal is the latest Virus Bulletin AV tests.
>
> http://www.virusbtn.com/news/2008/09_02
as;d...@dasfkjl.com wrote:
> How can you say "...there's nothing important there..." and then say
> you're worried sending out "...private, personal, important etc.
> information?"
I don't want my email account or any other account that I've set up
for forms hacked into. If I ever purchase from ebay or amazon, I don't
want my details made available to people. Information need not be
stored on a hard drive.
Albert wrote:
> as;d...@dasfkjl.com wrote:
>> How can you say "...there's nothing important there..." and then say
>> you're worried sending out "...private, personal, important etc.
>> information?"
>
> I don't want my email account or any other account that I've set up
> for forms hacked into. If I ever purchase from ebay or amazon, I don't
> want my details made available to people. Information need not be
> stored on a hard drive.
Start on your list of 16. The list will probably "improve".
1PW wrote:
> <snip _top-post_>
> > What if I wanted to allow malware to wreak havoc on my computer since
> > there's nothing important there but _make sure_ I don't send out
> > private, personal, important etc. information?
>
> How would you answer your own question if someone asked you if it's OK
> to provide a home for mailbots, spambots, Conficker, malware bots,
> etc?
I apologise for asking that question. I didn't think that malware went
into one system and used _that_ system to spread to other systems. I
hadn't realised that making one's system less secure can affect other
people's security. Alright - so my new goal is to minimise the risk of
getting malware on my laptop so that others have less of a chance of
getting the same malware :)
Albert wrote:
> I've just installed XP and need to surf the web. Do I need to install
> anything?
Now let's stop thinking about this until notified otherwise.
I also have a remaster of PCLinuxOS installed. If I plan to use this
for anything related to the internet and XP for everything else, what
do I need to install on the linux distro?
Security 
Linear Mode
