I am absolutely STUNNED, thanks to the NG Experts I've discovered a major security hole.

[Samual]

I'm STUNNED and SHOCKED.

I previously thought I am "FINE" with regards to security issues. I have AVG
allways fully maintained and believed I was invulnerable to attack, I used
spybot and adaware and windows xp firewall.

Since comming to the group, I have now installed zone alarm and sygate, this
lead me to find out some strange activity which upon further investigation
lead me to take advise to install online virus scans.

Frankly I thought it was a bit pointless as I knew I already had got the
best antivirus definitions from AVG antivirus which is world renowned and
its free and easy to update every single day. However, I followed the advice
of the experts here such as Vagabond software and the other regulars and low
and behold I am amazed that I have found more than one virus on my system.

Just to show that you can be lulled into a false sense of security. At least
I now know I have got a problem now I need to work out how to remove it.

Thanks for all the contributions on this forum.

 

[Mike Hall]

Samual

We all learn something from being here.. I cover 20 public newsgroups,
mainly XP related, looking to help, or get my memory jogged, or learn
something that I really didn't know..

 

[Samual]

Samual

We all learn something from being here.. I cover 20 public newsgroups,
mainly XP related, looking to help, or get my memory jogged, or learn
something that I really didn't know..

Yah Mike

Well it is amazing, you know I can't see how the average user really can
understand there system without expert help. >

 

[Steve Shattuck]

I'm STUNNED and SHOCKED.

A little reading before this could have prevented that.

I previously thought I am "FINE" with regards to security issues. I have
AVG allways fully maintained and believed I was invulnerable to attack, I
used spybot and adaware and windows xp firewall.

Anyone that's one the Internet for any amount of time, especially those with
broadband always-on connections, should understand that viruses and spyware
are but two of many exposures. Backdoors, which can get installed on your
system, appear to be pre-approved since they operate from within, and this
necessitates a good firewallt that protects both in-bound and out-bound
threats. In fact, we often welcome these programs with open arms by
installing things like Kaaza, Real Audio and many others.

Since comming to the group, I have now installed zone alarm and sygate,
this lead me to find out some strange activity which upon further
investigation lead me to take advise to install online virus scans.

Well, I would want to run both as the operation of two software firewalls
probably negates of one or the other since they use real-time hooks into the
OS. In fact I would argue that one software and one hardware firewall are
the recommended level of protection, not one or the other. Once the
firewalls are configured, go to www.grc.com and run ShieldsUp to test your
setup.

Frankly I thought it was a bit pointless as I knew I already had got the
best antivirus definitions from AVG antivirus which is world renowned and
its free and easy to update every single day. However, I followed the
advice of the experts here such as Vagabond software and the other
regulars and low and behold I am amazed that I have found more than one
virus on my system.

Are you absolutely sure they are viruses or that they were actually on your
system? Using an on-line virus checker from some companies is just an
excuse to sell you a security product you don't need. In fact, the biggest
abuser just this week agreed to stop alerting people to a security problem
that doesn't exist to sell their software, and is facing jail time for
fraud. Second of all, Backdoors, BHO's, Malware, trojans, etc. go way
beyond the protection of any virus checker.

Just to show that you can be lulled into a false sense of security. At
least I now know I have got a problem now I need to work out how to remove
it.

Yes, and you must also remember to update all these programs frequently and
run them frequently. Think about adding MS's new spyware beta, BHODemon and
run HijackThis at least once to see the magnatude of you systems exposure.

 

[David H. Lipman]

AVG is OK but far from the best AV. Even if it were, it would not fill the whole void of
information assurance.

--
Dave




| I'm STUNNED and SHOCKED.
|
| I previously thought I am "FINE" with regards to security issues. I have AVG
| allways fully maintained and believed I was invulnerable to attack, I used
| spybot and adaware and windows xp firewall.
|
| Since comming to the group, I have now installed zone alarm and sygate, this
| lead me to find out some strange activity which upon further investigation
| lead me to take advise to install online virus scans.
|
| Frankly I thought it was a bit pointless as I knew I already had got the
| best antivirus definitions from AVG antivirus which is world renowned and
| its free and easy to update every single day. However, I followed the advice
| of the experts here such as Vagabond software and the other regulars and low
| and behold I am amazed that I have found more than one virus on my system.
|
| Just to show that you can be lulled into a false sense of security. At least
| I now know I have got a problem now I need to work out how to remove it.
|
| Thanks for all the contributions on this forum.
|
|

 

[Samual]

A little reading before this could have prevented that.


Anyone that's one the Internet for any amount of time, especially those
with broadband always-on connections, should understand that viruses and
spyware are but two of many exposures. Backdoors, which can get installed
on your system, appear to be pre-approved since they operate from within,
and this necessitates a good firewallt that protects both in-bound and
out-bound threats. In fact, we often welcome these programs with open
arms by installing things like Kaaza, Real Audio and many others.


Well, I would want to run both as the operation of two software firewalls
probably negates of one or the other since they use real-time hooks into
the OS. In fact I would argue that one software and one hardware firewall
are the recommended level of protection, not one or the other. Once the
firewalls are configured, go to www.grc.com and run ShieldsUp to test your
setup.


Are you absolutely sure they are viruses or that they were actually on
your system? Using an on-line virus checker from some companies is just
an excuse to sell you a security product you don't need. In fact, the
biggest abuser just this week agreed to stop alerting people to a security
problem that doesn't exist to sell their software, and is facing jail time
for fraud. Second of all, Backdoors, BHO's, Malware, trojans, etc. go way
beyond the protection of any virus checker.


Yes, and you must also remember to update all these programs frequently
and run them frequently. Think about adding MS's new spyware beta,
BHODemon and run HijackThis at least once to see the magnatude of you
systems exposure.

Hi Steve

Reading your post causes more alarm. I will run BHODemon and Hijack this,
the problem is that peopel like me self dont' have the knowledge to
go around checking every single site to make sure we are up to date, we just
want to make one purchase and assume we are safe.

 

[Kelly]

I followed the advice of the experts here such as Vagabond software...

Which advice was that?

--
All the Best,
Kelly (MS-MVP)

Troubleshooting Windows XP
http://www.kellys-korner-xp.com

 

[David Candy]

I don't use any spywear or virus products. I don't take any special precautions. I also don't get infected. You remind me of a person who once crashed a car into a tree and the airbag worked. So that person now uses trees instead of the brakes. My point being you should not be relying on these products to protect you.

While I don't reccommend others do away with, what needs for many, the last line of defense, the attitude of many is that this is the first and only line of defense. This is how a user should defend (I present it as an elastic defense - WW1 german army).

Security Zone - Firewall

Main Defensive Line - Windows normal security features

Second Defensive Line - User

Counterattack Force - AV and AS programs.

But what we have these days is the user works for the enemy, inviting enemy forces behind the lines.

What you need to do
------------------------------

If you have been infected you are too blame. You need to find out what you did that allowed the infection. You need to detect but not repair breaches. Then look those breaches up but not with a "how to clean" focus but a "how did I get it" focus. You don't repair yet because you might want to look at file dates in case it matches an activity. By knowing what you did that caused the infection you can not do it again. Infections where the user is not to blame are very, very rare. Of course one starts with no knowledge.

Remember if you are infected the user let something through the first two lines and their own line. That is THE major security flaw. Identify how you were tricked, where you were ignorant, or careless, so you can not do it again.

Your computing will become fear free.

 

[Al Smith]

AVG is OK but far from the best AV. Even if it were, it would not fill the whole void of

information assurance.

True. The great thing about AVG is that it doesn't slow down or
screw up your system, and it's free. I wouldn't call it the best
antivirus you can get, although maybe it is the best free
antivirus available.

 

[David H. Lipman]

Well there are various free AV software. For a couple more weeks, CA eTrust tops the list.

ClamWin -
http://prdownloads.sourceforge.net/clamwin/clamwin-0.37.3-setup.exe?download - FREE
AVAST -
http://www.avast.com/i_idt_1016.html - FREE
AntiVir -
http://www.free-av.com/ - FREE
AVG -
http://free.grisoft.com/freeweb.php/doc/2/lng/us/tpl/v5 - FREE
CA eTrust - http://www.my-etrust.com/microsoft/index.cfm -
FREE for one year.
{ Free offer ends 2/1/05 }


--
Dave




| > AVG is OK but far from the best AV. Even if it were, it would not fill the whole void
of
| > information assurance.
|
| True. The great thing about AVG is that it doesn't slow down or
| screw up your system, and it's free. I wouldn't call it the best
| antivirus you can get, although maybe it is the best free
| antivirus available.

 

[Kelly]

I don't use any spywear or virus products. I don't take any special

precautions.

Same here as I have stated many, many times before. As for the latter, the
only precaution I do take, concerns my email and html.

--
All the Best,
Kelly (MS-MVP)

Troubleshooting Windows XP
http://www.kellys-korner-xp.com


"David Candy" <.> wrote in message
I don't use any spywear or virus products. I don't take any special
precautions. I also don't get infected. You remind me of a person who once
crashed a car into a tree and the airbag worked. So that person now uses
trees instead of the brakes. My point being you should not be relying on
these products to protect you.

While I don't reccommend others do away with, what needs for many, the last
line of defense, the attitude of many is that this is the first and only
line of defense. This is how a user should defend (I present it as an
elastic defense - WW1 german army).

Security Zone - Firewall

Main Defensive Line - Windows normal security features

Second Defensive Line - User

Counterattack Force - AV and AS programs.

But what we have these days is the user works for the enemy, inviting enemy
forces behind the lines.

What you need to do
------------------------------

If you have been infected you are too blame. You need to find out what you
did that allowed the infection. You need to detect but not repair breaches.
Then look those breaches up but not with a "how to clean" focus but a "how
did I get it" focus. You don't repair yet because you might want to look at
file dates in case it matches an activity. By knowing what you did that
caused the infection you can not do it again. Infections where the user is
not to blame are very, very rare. Of course one starts with no knowledge.

Remember if you are infected the user let something through the first two
lines and their own line. That is THE major security flaw. Identify how you
were tricked, where you were ignorant, or careless, so you can not do it
again.

Your computing will become fear free.

 

[Dan]

Yeah, newsgroups have helped me to be more aware as well.

: I'm STUNNED and SHOCKED.
:
: I previously thought I am "FINE" with regards to security issues. I have
AVG
: allways fully maintained and believed I was invulnerable to attack, I used
: spybot and adaware and windows xp firewall.
:
: Since comming to the group, I have now installed zone alarm and sygate,
this
: lead me to find out some strange activity which upon further investigation
: lead me to take advise to install online virus scans.
:
: Frankly I thought it was a bit pointless as I knew I already had got the
: best antivirus definitions from AVG antivirus which is world renowned and
: its free and easy to update every single day. However, I followed the
advice
: of the experts here such as Vagabond software and the other regulars and
low
: and behold I am amazed that I have found more than one virus on my system.
:
: Just to show that you can be lulled into a false sense of security. At
least
: I now know I have got a problem now I need to work out how to remove it.
:
: Thanks for all the contributions on this forum.
:
: