Posted on 12/24/2004 3:35:03 PM PST by holymoly
SAN JOSE - Susan Love's problems began with a smile.
The New York City fund-raiser clicked on a happy-face attachment in a friend's e-mail last year. The virus crashed her computer within an hour.
Love, 57, salvaged her data. But within a few months her computer's performance slowed to a crawl. In December 2003, she upgraded to a Sony Vaio with an extra-large monitor and Microsoft Windows XP operating system.
Within a few days, "spyware" programs that sneak onto computers uninvited began sponging up valuable memory. Then her e-mail stopped arriving.
Instead of crafting holiday e-mails, she spent hours installing the latest antivirus, anti-advertising and anti-spyware software. She also instituted a rule: Her computer never gets turned off, so security programs patch vulnerabilities around the clock.
"You have to become something of a nerd to make sure your computer is safe," said Love, a former English teacher who recently installed anti-adware on her daughter's computer. "If you don't sweep the computer every night, you could hit."
Love won't be the last to get a holiday crash-course in computer security. Hackers, spammers and spies go into overdrive in December and January, when unsuspecting neophytes unwrap new computers, connect to the Internet, and, too often, get hit with viruses, spyware and other nefarious programs.
"People want to get on the Net right away, just like they want to put together and start using any Christmas present," said Tony Redmond, chief technology officer of Palo Alto, Calif.-based computer giant Hewlett-Packard Co., whose new PCs ship with 60 days of virus and adware protection. "They should be warned that the Net is a very, very dangerous place."
Although few researchers produce holiday-specific security data, experts at IBM Corp., Dell Inc., Hewlett-Packard Co., software companies and Internet service providers agree that the holidays are prime time for hackers.
Holiday viruses are so rampant that consumers could be attacked even if their first online destination is to a Web site for updating security patches.
Kris Murphy, help desk coordinator for North Carolina Internet service provider Indylink.org, said his minister got attacked last year, only a few minutes after unpacking and connecting the machine. At the time of infection, the minister was updating security patches to Windows.
"Hackers know that you are most vulnerable as soon as you go online for the first time," said Murphy, whose 10-person company hires temp consultants during the holidays to handle higher call volume. "Inexperienced people tend to fall into traps more readily because they don't recognize that this guy might be trying to get your credit card information."
Technology executives describe the relationship between hackers and security programmers as an arms race: both sides keep ratcheting up fire power. But lack of consumer awareness, if not downright naivete, allows the war to escalate.
According to a recent survey by the National Cyber Security Alliance, of the 185 million Americans with home computers, one in three say they'll never get hit by viruses or other cyber attacks. In a Consumer Reports study, 36 percent of U.S. home computers showed signs of being infected with spyware and only 41 percent of surveyed households said they actively try to prevent it.
American businesses are savvy about firewalls, spam filters, multiple passwords and other network protections, said Stuart McIrvine, director of corporate security strategy at IBM. But problems at the consumer level, from spyware to security risks in coffee shop wireless networks, are so severe that every hardware and software vendor should be worried about a backlash.
Seasonal attacks start around Thanksgiving, when online shopping begins an annual spike and marketers pummel consumers with junk e-mail, from the perfect stocking stuffer for a balding spouse to a limited-offer holiday cruise.
With the rise in e-commerce, identity thieves try even harder to obtain credit card and other financial data from wireless and home networks. They set up dummy Web sites that seem to be hosted by major financial institutions in hopes that gullible consumers will provide their account information.
Virus writers hide viruses and worms in holiday-themed e-mails, seasonal greetings cards and screensavers.
"W32/Zafi-D," a mass mailing and peer-to-peer worm, harvests addresses from Windows address books and other files. Infected e-mails' subject line begins, "Merry Christmas!" and the text reads, "Happy Hollydays."
The most vulnerable computers are the ones that have sat under Christmas trees for days or weeks. If a consumer buys equipment that arrives on Dec. 15, and it sits in the living room until Dec. 25, it could be hit by hundreds of viruses written in the 10-day interim.
Tony Ross, analyst at British security firm Sophos Plc., advised consumers to get a CD-ROM with the newest updates from their electronics vendor, next-door neighbor or the computer at their office before connecting to the Internet. They should prohibit children, who tend to be liberal in distributing their personal data, from using the machine until it's patched.
Consumers should vigilantly buy and update security software, which can add hundreds of dollars over the course of a computer's lifetime. Popular anti-spyware and anti-adware programs include Webroot Software Inc.'s Spy Sweeper ($29.95 for a one-year subscription), LavaSoft's Ad-Aware SE Professional ($39.95), Tenebril Inc.'s SpyCatcher ($29.95), the free Spybot Search & Destroy and Computer Associate Inc.'s eTrust PestPatrol ($39.95).
Some experts wonder whether the computer has become the digital age equivalent of a puppy: an enthralling treasure on Christmas morning, but a sinkhole for time and energy for years after. At very least, computers are far more demanding than the typical holiday toy, which merely requires batteries.
"At some point, people who receive them for Christmas often ask, 'Is this computer a gift or a curse?'" Ross said.
Rule #1: Never, EVER open any unsolicited e-mail attachment. In other words, if you didn't ask someone to send you that specific file, DON'T OPEN IT.
Consumers should vigilantly buy and update security software...
That is debatable. I consider many of the free products (e.g. AntiVir, Adaware SE) to be superior to their costly counterparts.
| All programs listed below are Open Source and/or Free |
| Alternatives to MSIE, Outlook/Outlook Express: Mozilla.org Mozilla & Firefox browsers, E-mail/Usenet client(s); Off By One, very small, very safe browser (no Java, ActiveX, plugins); Popcorn E-mail client; Pegasus Mail E-mail client; Xnews Usenet client |
| Anti-Virus: AntiVir® Personal Edition; AVG Anti-Virus; Antidote SuperLite (On-demand virus checker) |
| Anti-Adware/Spyware: Ad-Aware SE; Spybot - Search and Destroy; Spyware/Adware/Malware FAQ and Removal Guide |
I'm always amused to see files of type .scr arrive in the e-mail on my Linux machine.
I'll say it again: I don't know why light consumer users of computers/internet get Wintel boxes. It's just not worth it anymore.
I see her basic problem. You can really cut down on your problems by running Win 95/98. Most script kiddies write for the newest operating systems, and the biggest holes usually get patched by Microsoft within about 5 years of release.
BTTT
A lot of heartache can be alleviated by installing a router between the PC and the Net connection, and running a good firewall program that selectively blocks the ports most commonly attacked by worms and viruses.
Plus, browser security settings can make you even more safe.
(sigh) Microsoft thought they were sooooooo slick when they decided to bind their browser up so tightly with their OS, and introduce the security disaster known as ActiveX.
I guess they didn't count on that mistake causing millions of headaches for non-computer literate users, and spawning a cottage industry of developers building software to get rid of nasties like spyware and all the other assorted digital garbage you get if you're not careful.
24 hours? They got off light.
I recently read that the average time before out-of-the box XP is compromised is about 4 minutes.
MERRY CHRISTMAS!
Same here, I always open them, knowing they won't affect me LOL!!!
Ok, Windows 98 is safer than XP, I don't doubt that, but how do you take XP out when it comes with the new box and put in 98?
I read somewhere recently that a new unpatched (Non SP) windows XP, when connected to the internet for the first time, is infected with some form of spy/add/virus/crap in less than 24 hours.
Several months back I ran into a Freeper who thought a firewall for his/her Dad would be a little bit too much of a burden on his learning curve.
We run Windows XP Pro, not Windows XP Home Edition.
Our PC's have a second internal hard drive, either IDE/ATA or SCSI. On that second drive, we install Linux, currently, the SuSE 9.1 setup.
On the Windows XP Pro drive, we install Norton Antivirus and ZoneAlarm Pro. We keep those two, and the Windows OS updated --- we check every day.
In ZoneAlarm Pro, in the Program Controls, Program listings, we block all and any services from being servers to the Internet.
In ZoneAlarm Pro, we block ports for what ZoneAlarm Pro calls the Trusted Zone and also we block the Internet zone. The list of ports is extensive and covers the range from 1 to 65535 for TCP traffic and from 1 to 65535 for UDP traffic. We leave some gaps in those ranges; just enough to make things work, but no more.
We DO NOT use Internet Explorer for anything other than to go to the Microsoft Windows OS Updates website. We list that website as a Trusted site, in the Internet Options for Internet Explorer.
For that Trusted site, we permit ActiveX (because the Microsoft website demands it!), and we permit JavaScript.
FOR ALL OTHER TRAFFIC managed by Internet Explorer, we have DISABLED JavaScript, .NET, ActiveX, etc. We simply do not permit Internet Explorer surfing.
So ... we use Mozilla 1.7.3 Internet browser and Mozilla Firefox 1.0 Internet browser. For e-mail, we use Eudora or Mozilla Thunderbird or Mozilla 1.7.3's built-in Mail client.
We keep a list of the Tasks (see the Task Manager) in order to compare the "known good ones" with possible bad ones.
We also use Norton's old Process Viewer, an independent utility that was part of the Norton package; it may still be; but we use it to double-check the Task Manager's listing.
We also keep an up-to-date list of settings for Internet Options (for MSIE) and ZoneAlarm Pro. (In fact, I am working up an HTML version of both, right now, as a computer help desk feature for our network.)
When a PC gets a virus, we do not try any of the software routines for ridding the computer of the virus, spyware, adware, malware ... instead, we ZAP! the whole drive, format, etc. and re-install Windows XP Pro.
We keep an up-to-date build record, so that, the process is followed easily, and thus, within a day, we have a totally fresh installation.
Lastly, I should add that "We don't do the Registry." We are not satisfied that a virus can be so-cleaned out of the system, by spending a day, picking through the bales of hay.
In summation, we maintain each computer as if it were a TAC F-15. We do not have "down time." Instead, we have a backup PC for each user, which takes over, while the stricken computer is reworked in our shop.
We fly computers, complete with trim tabs and other fine adjustments; that is, we have set up an instrument panel that controls what we want to have happen, right to the edge.
Thus, the computer is always there when you need it.
We back up all data and all our important system settings, onto four separate hard drives, thence some of that to DVD or CD discs.
BTW, if a PC suddenly flames out, we boot on the Linux SuSE side and rescue the data, copying it from the Windows XP Pro disk, over the network, to a Mac running Mac OS X v.10.3.4 Panther, which is really an Apple GUI for the BSD UNIX cousin that actually is the operating system --- including Samba (SMB) services, that make it so easy to network the Mac with PC's.
We find that Windows OS computers are delicate but useful for the few PC-based applications that we are still stuck with using. We find that Mac OS computers are durable but if one bucks, it takes a strong hand to calm it down, and then suddenly, you're back on the safe side of the critical edge of the envelope.
We use all of, Linux OS boxes, the Mac, and the PC, for what they are good at doing; we use them for each of their strengths.
The PC is the most insecure, because Microsoft is determined to make holes through which marketing demographers can make money. "The Bottom Line" is that the PC is not required for business, except from some applications. We use it only for that and skip all the other "extra" troubles.
My bosses orders to me, are simple, for my work: Make it happen.
So, I don't rely on any of the machines; instead, I rely on each machine and our maintenance routines.
This is just a snapshot of what we do. Plenty of other people know much more, and the owners of this forum know everything about Linux, in contrast to my very limited but exact use of it.
Right now, I think that Linux is the way to go for older PC boxes. Use Windows for some tasks, that you must, but otherwise, for the Internet, for surfing, and for e-mail, use Linux.
The recent Linux installs are so much easier than just a couple years ago.
Good luck.
Merry Christmas
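The task-list comparison described in the post above, sketched as an added example that is not part of the original post or any poster's own tooling: it parses a process listing in the `tasklist /fo csv` column layout and checks it against a recorded known-good list. The baseline, the sample listing and the name `antivirus-guard.exe` are constructed for illustration.

```python
import csv
import io

# Constructed baseline: image names recorded on a freshly built, clean machine.
# "antivirus-guard.exe" is a hypothetical stand-in for a resident security tool.
KNOWN_GOOD = {
    "system idle process", "system", "smss.exe", "csrss.exe", "winlogon.exe",
    "services.exe", "lsass.exe", "svchost.exe", "explorer.exe",
    "antivirus-guard.exe",
}

# Constructed sample in the column layout of `tasklist /fo csv`.
SAMPLE_TASKLIST = '''
"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Console","0","16 K"
"System","4","Console","0","212 K"
"smss.exe","372","Console","0","344 K"
"csrss.exe","428","Console","0","2,960 K"
"winlogon.exe","452","Console","0","3,112 K"
"services.exe","496","Console","0","2,440 K"
"lsass.exe","508","Console","0","1,208 K"
"svchost.exe","812","Console","0","3,420 K"
"svchost.exe","904","Console","0","12,016 K"
"svch0st.exe","1544","Console","0","2,108 K"
"explorer.exe","1320","Console","0","14,880 K"
"happyface.scr","1876","Console","0","1,024 K"
'''


def parse_tasklist(text):
    """Return [(lower-cased image name, pid)] from tasklist CSV text."""
    reader = csv.DictReader(io.StringIO(text.strip()))
    return [(row["Image Name"].lower(), int(row["PID"])) for row in reader]


def edit_distance(a, b):
    """Levenshtein distance, used to spot names that imitate a known one."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def compare(snapshot, baseline, max_distance=2):
    """Sort a snapshot into unknown, lookalike and missing entries."""
    report = {"unknown": [], "lookalike": [], "missing": []}
    seen = set()
    for name, pid in snapshot:
        seen.add(name)
        if name in baseline:
            continue
        # A name that is almost, but not exactly, a known-good name is more
        # suspicious than a plainly unfamiliar one.
        near = sorted(g for g in baseline if edit_distance(name, g) <= max_distance)
        if near:
            report["lookalike"].append((name, pid, near[0]))
        else:
            report["unknown"].append((name, pid))
    # Baseline entries that are no longer running (e.g. a disabled scanner).
    report["missing"] = sorted(baseline - seen)
    return report


if __name__ == "__main__":
    result = compare(parse_tasklist(SAMPLE_TASKLIST), KNOWN_GOOD)
    for kind, entries in result.items():
        print(kind, entries)
```

A name match alone does not prove a process is legitimate, since a malicious file can reuse a known-good name from a different directory; the comparison narrows what needs a closer look.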
I would love to get my hands on one hacker and slap the taste out of his mouth. Just can't see the point in that crap.
Ok, Windows 98 is safer than XP, I don't doubt that, but how do you take XP out when it comes with the new box and put in 98?
You don't, unless you have a copy of 98se laying around. XP is plenty secure if you download and install SP2, AVG anti virus, Spybot Search and destroy, Spyware Blaster and Adaware. XP has its own built in firewall but I prefer Zone Alarm. Everything I've mentioned so far is free and will keep your system in good shape if you keep it updated. Mozilla Firefox is also a safer browser but I keep I.E. around just in case.
My wife was helping out a friend with her new XP machine. They hadn't been online but a few minutes, getting the patch, before it was hit.
That's an impressive set-up you got going on there, please tell me it's not your home network. If it is I'm so jealous.
Consumers should vigilantly buy and update security software...
That is debatable. I consider many of the free products (e.g. AntiVir, Adaware SE) to be superior to their costly counterparts.
I agree, and with the wide range of free security products there's literally no excuse for not having up to date security or whining about it when some malicious code crashes your unprotected machine.
"she spent hours installing the latest antivirus, anti-advertising and anti-spyware software."
Was she loading the programs in binary?
I probably personally wouldn't, but there are basically two options. Format your disk (or put in a new hard drive) and start from scratch if you have a properly licensed new install disk of Win 98 around. Second you could buy a bare computer or a cheap Linux machine and install on that, again assuming you had a properly licensed Win 98 install disk. Again, I wouldn't mess up a working system to step back. I get around the problem by using old computers.
It'll be a few days until I can get around to buying a wireless router for my cable modem, so until then I'll probably just be doing the 56k dialup thing via AOL, when I get around to connecting with it at all. I suppose that will make it a little harder to get quickly hit, but not much.
Can anyone recommend what security programs I should download and install on my new XP machine before I make my first connection to the Net with it? (I can just download them on my Mac, burn them to a CD and copy them over to my laptop that way.) Also, how should I configure my whole XP setup for maximum protection?
Any advice will be greatly appreciated. TIA, and Merry Christmas to all!
The laptop I just unwrapped a few hours ago came with Home instead of Pro, but I have a (legit) copy of Pro sitting in a desk drawer collecting dust. Should I attempt to "upgrade"? I've read that individual PC makers make all sorts of tweaks to Windows that are specific to their own machines, and that replacing the preinstalled version with a fresh "universal" copy of Windows will, as a result, often end up causing more trouble than it's worth.
If you have any more advice you could give me regarding what I wrote in post 24 (besides the great advice you already posted above), I'd really appreciate it.
Merry Christmas!
Usually within four hours. Especially if you don't have an anti-virus program running along with a decent firewall. A patched, firewalled and secured computer rarely gets hit. And when it does it's easier to attack the problem if you have one instead of hundreds of nasties that have turned $1,5000 into an expensive paperweight.
I did change from IE to Firefox and that took care of the spyware problem.
The old file packet firewall is nice but consumes too much system resources. I've had better luck with Protowall and Blocklist Manager. Both are free network security tools that can be downloaded from bluetack.uk. They run nicely alongside a standard firewall. And you can run a trojan scanner alongside your other security software. Never run two anti-virus or two firewall programs at the same time. You won't get twice the protection and it will slow down the computer since it's besieged by the demands of memory hogs. 'Nuff said.
I've been trying almost 2 weeks to deal with a worm...about:blank homepage hijacking devil. Nothing works. :( It's in 2 computers, 98 and xp pro.
I run Windows XP and IE, behind a hardware firewall, but nothing else. I have never had any security problems. If you know what you are doing you should have no problems.
Work; it's all work, even at home.
The first step should be alternatives to MSIE, Outlook/Outlook Express. I recommend Mozilla, Firefox or Opera browsers.
For Email, many people use Pegasus (URL above). I use Popcorn E-Mail. The shareware version only supports one POP3 account at a time. However, it is very small, and (best of all) makes no changes to your system (registry, dlls, etc.)
AntiVir Personal Edition - Is my full time AV protection.
I use Antidote Superlite for periodic system scans, and for scanning downloads. Antidote is a scanner only, it does not clean infected PCs. Antidote requires no "install" - simply download the EXE and run it.
Though I've never had a problem with Adware/Spyware, I periodically scan with Ad-Aware SE. (A must-have if you use MSIE.)
I don't run XP, but many consider the XP firewall to be less than ideal. If you have broadband, Google for "Zonealarm" - they have a free version for home use.
A few notes about Anti-Virus products:
In the past, I had used Norton as my full-time AV. However, it missed an infected (trojan) .EXE in a downloaded ZIP file. Luckily, my system was not infected, because I always scan downloads with Antidote, which alerted me to the trojan. However, after this I lost my faith in Norton.
If you read post #12 in this FR thread: Need help re:vanishing emails!, you'll find a Freeper whose system actually became infected when Norton failed to detect a trojan. If you choose Norton or McAfee, I strongly suggest you use Antidote and/or AntiVir to periodically scan your system, and always scan any downloads.
I recently changed to AntiVir Personal Edition (free). It recently detected (and protected) me from a Java script virus "JS/OpenConnect.J.3". I searched both Norton & McAfee virus encyclopedias for info on this virus, and could find none. I can only conclude that those products do not protect against this virus.
Paul Thurrott's SuperSite webpage where he compares Pro and Home Edition. We needed the logon capabilities of Pro, also the Admin tools, the Remote Desktop feature, and finally, the users and groups capabilities. (NOTE: "The Backup utility is not included in the default installation of Windows XP Home Edition" ... among other things.)
Very handy: Karen's Directory Printer Utility for Windows XP.
A good website for tips about Windows networking: J. Helmig's World of Windows Networking.
If you decide to upgrade from W'XP Home Ed. to Pro, with a computer fresh out-of-the-box, it should not have as yet, any flotsam and jetsam that would interfere.
Three folders that you should back up, first:
In the C directory, there is usually these days, a folder that is the same name as the company that produced the computer. If you have a Compaq, the folder is probably named "COMPAQ" (no quotes). It has several drivers in it.
In the C directory, the I386 folder.
In your system folder, WINDOWS (see: The Windows XP Layout), there is a folder named "Driver Cache" (no quotes).
To make those backups, I usually connect the new PC running Windows XP Home Ed. to the LAN and pump that data over to a PC, from which, I make a few CD's or DVD's of the drivers. (Takes a while. The i386 folder is big.)
We recently had a new PC that came with Windows XP Pro on it, but it was installed on an NTFS partition. We wanted it on a FAT32 partition, for reasons of working with Linux. We could not use the custom-made Windows recovery disc, because the manufacturer's custom-made recovery disc, did not include a format feature. The custom-made disc was a simple, no frills procedure, forcing you to install onto an NTFS partition.
So we picked up an extra W'XP Pro installation CD and did what we wanted, wondering how short on drivers, we would be. Turned out, not bad at all. We needed only three from the backup CD's that we made.
I doubt that you would have that kind of experience. The backups, for your situation, are just to make things easier for you, if disaster strikes. Otherwise, your upgrading to Pro, should be straightforward.
Make notes of each step. I usually have a notebook, Mac or PC, alongside, typing in every little step, which eventually becomes a repeatable build record; very handy.
A tip: We set up multiple users on all computers. A few have Admin capabilities. The rest are Power Users (that would be Restricted Users on Home Ed.). Our wild idea (again, taken from the voice of experience in others' reports at online forums), is, when the computer acts up, then log off and then back on as some other user and see if the same trouble exists. This lets us know quickly, in general, if the problem is system-wide or user-specific.
A simple explanation of Windows XP Service Pack 2.
If you dare, good luck.
Merry Christmas
Make that "are Power Users, Users, restricted users, is the general idea, of less power to administer the computer."
I have Comcast cable service. When I click "search" in the toolbar, some strange "Your Search Page" appears that I can't get rid of unless I reboot. I am pretty sure my search function has been hijacked. It is really annoying. I have McAfee and Spy Sweeper but they seem to ignore this. Anybody know how to get rid of it? (Right now I have that "search" button separated and hidden so nobody accidentally clicks it.) For searches, I just click on the MSN search button and that works fine to get me to Google or whatever.
Work was a tad bit more annoying but upgrading the entire network to an Active Directory domain, slapping install restrictions on all the users and dropping in a Symantec SGS 5420 behind the Mod Access Router ended those problems.
Although, there's no reason to be snobby about it: if I got my first computer ever, today I'd probably have it covered in viruses and spyware by tomorrow afternoon.
Educated users can do just fine with MS operating systems but MS isn't doing enough to protect the uneducated users from themselves. Most probably, the next time I set up a machine for someone I want to remain friends with, I'll make them a SuSe box. Apples are nice but overpriced.
No. Win98 is not "safer" than XP. It's actually far, far more vulnerable.
I would try (in this order):
Download & install "Ad-Aware SE" from Lavasoft. Check for & install any updates. Do a "smart scan" of your system.
Download Antidote Superlite & scan your system.
If neither of these find anything, try:
Spybot - Search & Destroy
AntiVir Personal Edition
Thanks! I'll give it a try.
Ad-Aware SE got rid of that "search" screen!
(It also found and disposed of numerous other "objects".)
Thanks a lot, and MERRY CHRISTMAS!! to you and your family.
It's called a "false positive." Anti-spyware software can report the presence of scumware on a clean computer under certain circumstances. If you are certain it's a false alarm, you can instruct the program to ignore the finding the next time you run it.
Yeah, that's for sure. I don't imagine many script-pukelets write for Commodore 64 or Texas Instruments TI-99/4A's either. I have two TI's somewhere in a closet. Maybe I should fire them up and see if I can remember any TI-Extended Basic.
BTW If you haven't, you may still want to take a look at the Antidote scanner (when you get the time). It's very handy for periodic scans of your system.
Even though I use AntiVir (which I consider excellent) for full-time AV protection, I still scan downloads with Antidote. If you're on broadband, the download won't take long (it's around 5mb in size) And, of course, like everything on my list, it's free.
And a very Merry Christmas to you and yours also!
Spyware Guard and Spyware Blaster, free from Javacool Software
All the other suggestions above, eg. AVG, Ad-Aware, Firefox, etc. are musts, IMHO.
longjack
I never heard of ANYONE getting a virus while running CP/M. You could get 300 baud, and toward the end high speed 1200 baud modems for easy communication.
According to Novell's web site, Suse 9.2 Professional is available, but distribution channels say that it'll be available on January 10.
Mark
24 hours? They got off light.
I recently read that the average time before out-of-the box XP is compromised is about 4 minutes.
You're not kidding... While some of our techs were setting up a few computers for a client, a new "break-fix" tech plugged a client's computer into our network (something that is a HUGE NO-NO!!!) and turned it on... Within 5 minutes, the worm on that computer had spread to the other, new computers, and they brought down our Internet link, due to the constant traffic going out to the Internet.
Some of those worms and virus infections are really nasty.
Mark