ampage
Tube Amps / Music Electronics
For current discussions, please visit Music Electronics Forum. The sunn still shines online!

ampage archive

Vintage threads from the first ten years

Search for:  Mode:  

Spyware ?


 :
5/28/2004 8:27 PM
jaysg
Spyware ?
The IT guy just cleaned 60 pieces of spyware off my work PC. There were no viruses or screwed up system files. (small yippie!) So what exactly are spybots doing on my computer? I understand that I picked them up on the net, but who wants their output and for what uses? Seems pretty crummy. :(
 
5/28/2004 9:07 PM
mod

Yea these days spyware is everywhere, it's not uncommon for me to run a spyware scan and find over 300 bits of spyware on a pc, it can really bog a machine down, on my personal pc i run 2 pieces of spyware protection but I highly recomend spybot for one it's free and you can enable the active immunization which will let you know what sites are trying to load spyware on your pc and blocks it from being loaded. http://www.tucows.com/preview/310138.html  
here's a site where you can dl it.  
good luck!
 
5/29/2004 7:22 AM
Dai Hirokawa

and get ad-aware too. seems to work well.
 
5/29/2004 9:10 PM
bob p
quote:
"and get ad-aware too. seems to work well."
 
 
 
i use ad-aware too, but I haven't tried spybot. Ad-Aware is great for finding and eliminating spyware installations after the fact, but it doesn't help to prevent infestation in the first place. so it seems that i'll have to try spybot as well.  
 
my solution so far (disabling cookies on the PC) has been a pretty poor solution to the problem --it tends to make most web sites dysfunctional.  
 
bob
 
5/30/2004 4:40 AM
Steve B. Re: Spyware ? Speed chime in please
FYI,  
You can get Spyboy free out on the net (Cnet) and also adaware free too and run them both as one will find some stuff and the other will find other stuff to help keep your pc somewhat clean.  
If you can find ZoneAlarm for free and use it, it will show how many scans in port 80 (The Internet) that people are trying to get access to your pc. Use your fire wall if running Windows XP and make damn sure your critical updates are all current!  
Get Norton antivirus too as that is a must!  
 
Speed Racer can back me up on this as well as some other useful info. There are more criminals than ever now using the Internet to scam folks by getting personal info (credit card numbers, SS numbers, ect.) so be careful what you have on your pc and also beware of doing the online banking as there are hack programs (trojans) that will record your keystrokes and send that info to a anonymous website that some one will get your name and password to get into your bank account and poof goes your money!  
Identity theft is on the rise through the WWW SO BE CAREFUL!  
Hope this helps some  
 
Steve
 
6/2/2004 8:37 PM
SpeedRacer
[/start_rant]  
#1 - the internet is a mean place. Imagine a world full of machines that are poling and prodding and exploiting any weakness 24/7. That's the net. It never stops, or sleeps. I log over 25,000 attempts per day here at the office.. Trojans, viri, folks looking for proxy servers, ftp servers, to break into windows machines, etc. Viri, trojans and other malware are scanning network after network looking for known vulnerabilities all day and night, every day. Your PC on a cable modem at home is under the same threat as anyone else.. maybe more since most 'soft targets' are home PC's. I've read accounts of professional security researchers who have had unpatched machines hacked within 15min of being placed on the internet. It's not just a nuissance, it's a worldwide probem with some serious implications. Take the slammer worm - that took down the internet effectively in record time. With the reliance on the internet for a myriad of systems (finance, infrastructure, rescue, etc) to function properly, everyone has to do their part to protect it. No joke.  
 
What can you do?  
- use a NATting router (ie: firewall/cable router) - commonly available for well under $100. While this is not a "stateful" firewall, it is connection aware and will protect the machines behind it very effectively against most things. These are often advertised as being stateful devices, but they are not. Hopefully someday soon there will be stateful devices that will be affordable for the home. If I come across something easy to use and cool I will certainly post about it. meanwhile this is a great first step towards not being 'part of the problem'.  
 
- Use a host based firewall such as ZoneAlarm Pro. Checkpoint software recently purchased Zone Alarm so it's only going to get better.. Checkpoint makes what is arguably the best firewall package on the planet. (Firewall-1) There is a free version of Zone Alarm so cost is not a issue.  
 
- KEEP CURRENT ON YOUR PATCHES!! nuff said.  
 
- PURCHASE ANTI-VIRUS SOFTWARE AND KEEP IT UP TO DATE. Have live-scan functionality enabled and run a full scan of your PC once a day.  
 
- If you receive an email purporting to be from Microsoft tech support or some other major firm's support center - DELETE IT. They do *not* ever email folks at random to send them things. Patching is a PULL system, not a push. (forget SUS for a moment..) If you get an email from ebay or paypal or your bank.. ignore it as well unless you're 100% positive it is real. There are more and more "phishing" scams going on, folks trying to get your CC or personal info. You cannot be paranoid enough. Call your bank, or whomever to see if there is a legit process going on.  
 
- If your OS supports it, create different user accounts and do the majority of your work as a user with very limited rights to the file system and OS. This will afford you a lot of protection in the event that something gets in - it will run as "you" and can only damage what you can damage. if you're the admin, it can wipe the machine..  
 
Yes, it's an investment of time & money but it's well worth it both to protect you and your data as well as the community you're a part of when you connect.  
 
[/end_rant]
 
6/2/2004 8:58 PM
bob p
[QUOTE]the internet is a mean place. Imagine a world full of machines that are poling and prodding and exploiting any weakness 24/7. That's the net. It never stops, or sleeps.  
...  
I've read accounts of professional security researchers who have had unpatched machines hacked within 15min of being placed on the internet. [/QUOTE]yep, that really happens. when we finally had broadband brought to our neighborhood, a number of us decided to sign up for Verizon DSL. just as you'd expect of a mean place like the internet, the machines that are out to do harm are polling, prodding, and exploiting in a nonrandom fashion:  
 
its no coincidence that the pay dirt for these guys is in home broadband installations. such installations offer the two things that the bad guys are after: 1) a high-bandwidth connection, and 2) a Windows based machine that is often easily penetrated. (If you have a Linux/Unix based machine that isn't properly secured, you've offered the hacker a dream come true -- a truly powerful and unsecured platform with broadband access).  
 
as a case in point, one of my friends down my block bought their first home PC along with a broadband hookup. it didn't take long for their PC to start misbehaving. things got so bad that they guys at Dell Tech Support told them to just reformat the drive and resinstall Win XP Home Edition. the support guys made the mistake of telling them to reinstall Win XP without telling them to unplug the DSL modem from the phone line. before they had time to even install the XP updates or reach for the firewall software CD the system had been penetrated.  
 
why does this happen? the bad guys know that XP is sitting on alot of inadequately protected home broadband connections, so their portscanners routinely, selectively, and non-randomly monitor IP addresses that belong to home broadband service providers. when a new/improperly configured system comes online, they are instantaneously recognized, providing a quick and easy hit.  
 
[QUOTE]What can you do?  
- use a NATting router (ie: firewall/cable router) - commonly available for well under $100. While this is not a "stateful" firewall, it is connection aware and will protect the machines behind it very effectively against most things. [/QUOTE]  
 
I followed Speedy's NAT recommendation when I first went online with broadband. I bought a D-Link DI-604 wireline router for $20-$30 (after rebates) at one of the major office stores. Its supposedly an SPI-compliant router, but in reality it probably falls into the category of quasi-stateful products that Speedy is talking about.  
 
my personal suggestion would be to avoid wireless routers unless you absolutely cannot get by without one and you're very familiar with how to secure them.  
 
I bought the wired NAT router as a stopgap measure while I planned on getting up to speed with Linux. The plan was to set up an old PC as a linux firewall/proxy using Mandrake Multi Network Firewall. (the D-Link NAT-in-the-Box solution has turned out to work so well that I've decided to keep it and instead reassign my old PC the task of a print server.) After installing the router I tried portscanning my IP address from the outside and all ports had been successfully stealthed. I've never had a logged system penetration. So if you need a quick and dirty solution, this is a pretty cost effective way to go.  
 
I reluctantly have to admit that I was without any firewall software for a period of MONTHS using only the NAT system. I finally installed Zone Alarm and McAffee Firewall and AntiVirus on various PCs on my home LAN. They've been running behind the NAT router for a couple of months now with no logged penetrations or virus identifications, so I can't say that they've added all that much security to my system -- either that or i just live a very safe and boring online lifestyle (!) that has worked in my favor! in either case, the NAT router works exceptonally well at providing basic protection from the outside.  
 
IMHO, once you have a decent NAT router with firewall capabilities, external threats aren't that much of a problem -- but that still shouldn't lull anyone into a false sense of security. The biggest problems come from internal threats in the form of Trojan Horses and Spyware, so good firewalls and anti-spy software become very important. Although I haven't fallen victim to a trojan horse yet, its amazing how many spy cookies Ad-Aware has found on my PC, even though I have IE 6.0 configured not to accept them. There are some definite security holes there...  
 
Just my $0.02. :)
 

  Page 1 of 3 Next> Last Page>>