Fats
This is an answer to your question in very simple terms ('cause I am simple <G>). While the typical Trojans, etc. are still out there, up until recently they have been designed to do "bad" things and are usually a pain in the a@@ to remove. But the newer types of threats stem from rootkit/malware. These attacks are very sophisticated and usually with one goal...to steal your personal information without you being aware it's happening. They don't use cutesy names, create obvious signatures, etc. They rely on stealth and watchdogs.

A little clarification...stealth actually means modifying the system tools to prevent you from discovering the attack. For instance, code is often injected into task manager (and other tools) that prevents task manager from displaying the process. You go out and use task mgr to check your running processes, and the results look as expected...EXCEPT the attacking process doesn't show up!! So you think everything is kewl..not.

And let's say you determine a specific process is an attack, and you kill it..BIG mistake. Additional processes are running whose sole purpose in life is to monitor the attacking process, and if it is killed, start it up again. So you would see the process go away and within a second or two come right back. And now the watchdogs have been alerted someone is trying to kill the attacker.

And so it goes.... Unless a particular attack can be given a signature (and it probably can't), virus programs are all but useless in identifying the attack, let alone removing it.

Probably the most important thing you can do to keep from being infected is to stay away from the obvious sources of infection..porn sites, MySpace, etc. In other words, any site you visit while behind closed doors <G>
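
The two behaviours described in the post above (a process missing from the tool's listing, and a killed process coming back within a second or two) can each be checked for from the defender's side. This Python example is added here and is not part of the original post; the process names, PIDs, event tuples and the second "independent" process view are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data (not from the original post).
# API_VIEW: what a user-mode tool such as Task Manager reports.
# RAW_VIEW: an independent enumeration of the same machine (assumed to come
# from a source the malware has not tampered with, e.g. an offline capture).
API_VIEW = {4: "System", 612: "explorer.exe", 1044: "svchost.exe"}
RAW_VIEW = {4: "System", 612: "explorer.exe", 1044: "svchost.exe", 2280: "updsvc.exe"}

# Constructed process events: (time_seconds, event, pid, image, parent_pid)
EVENTS = [
    (100.0, "start", 2280, "updsvc.exe", 1900),
    (250.0, "exit", 2280, "updsvc.exe", 1900),
    (251.2, "start", 2316, "updsvc.exe", 1900),
    (300.0, "exit", 2316, "updsvc.exe", 1900),
    (301.1, "start", 2350, "updsvc.exe", 1900),
    (400.0, "exit", 1044, "svchost.exe", 580),
    (460.0, "start", 1100, "svchost.exe", 580),  # slow restart: not flagged
]

def hidden_processes(api_view, raw_view):
    """PIDs present in the independent view but missing from the tool's view."""
    return sorted(pid for pid in raw_view if pid not in api_view)

def respawns(events, window=2.0):
    """Map image -> [(parent_pid, delay)] for restarts within `window` s of an exit."""
    last_exit = {}
    found = defaultdict(list)
    for ts, kind, pid, image, parent in sorted(events):
        if kind == "exit":
            last_exit[image] = ts
        elif kind == "start" and image in last_exit:
            delay = ts - last_exit.pop(image)
            if delay <= window:
                found[image].append((parent, round(delay, 1)))
    return dict(found)

def suspected_watchdogs(events, window=2.0, min_respawns=2):
    """Parent PIDs that restarted a just-exited image at least `min_respawns` times."""
    counts = defaultdict(int)
    for hits in respawns(events, window).values():
        for parent, _ in hits:
            counts[parent] += 1
    return sorted(p for p, n in counts.items() if n >= min_respawns)
```

A parent PID flagged by `suspected_watchdogs` is the process to examine before terminating the child again, since killing only the child repeats the restart cycle the post describes.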