
Bah! Spyware. Whinging ahead!

Michael Morris said:
Migrating to Linux is another possible solution but not for the faint of heart. Consider using a dual boot configuration and playing with it first. Linux doesn't have as wide a software library as Windows and it will take you a while to get used to its idiosyncrasies. Once you learn it though, it is 1000 times more secure (and securable) than winbloze.

Burning and running a Knoppix CD is also a good way to get some exposure without committing to the complicated task of learning to use Linux.

http://www.knoppix.net/
 


Zedcuk said:
...The biggest reason: it's all served via port 80 which is HTTP. If you can browse a web site you can get spyware: fact....

This is not quite true. Those Cable/DSL Router/Firewalls block all incoming unsolicited traffic, even port 80. However, most spyware piggybacks in on solicited traffic (for example, you head to a 2nd tier news site and its sponsors snake you).

The point being: if you use a hardware firewall, then your browsing habits are what are giving you spyware.
 

derek_cleric said:
After you get your pc cleaned up, install WinXP SP2. Run Windows Update for any additional patches.

Then run Windows Update again, and again, and again, until it comes up without any additional patches. There are so many patches to the patches, you need to run it several times to make sure you have them all. Then set your PC to automatically run and install all future updates. And still check it every week or so manually to make sure you are current with all the "Non-critical" updates and patches.
 

Enkhidu said:
This is not quite true. Those Cable/DSL Router/Firewalls block all incoming unsolicited traffic, even port 80. However, most spyware piggybacks in on solicited traffic (for example, you head to a 2nd tier news site and its sponsors snake you).

The point being: if you use a hardware firewall, then your browsing habits are what are giving you spyware.


HTTP traffic is connectionless. What you describe is still initiated by your browser even though you know nothing of it.

You open a request to a specific website. A 302 redirect tells you to open another webpage. Your browser does so and bam, spyware gets into your system. There is no unsolicited traffic involved in the scenario because the firewall sees it all as being issued by your IP address. Hence the firewall in and of itself is of no value in this scenario.

The latter part of your second statement is spot on: Your browsing habits dictate whether or not you have a high chance of getting spyware or not.

If it was a network based propagation method, i.e. like Blaster, then the firewall - if good enough - will stop that type of spyware / malware from infecting you.

Spyware is all about browsing habits and not firewalls. Else why would corporations who use $100,000+ installations of firewalls quote spyware as their biggest risk? If Checkpoint NG can't mitigate it then your $100 router sure can't. Even content filtering products are struggling to catch up and halt spyware.
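
The firewall behaviour argued over in the posts above, as an added example that is not part of any poster's message: a toy Python model of a NAT router's stateful filter that replays the 302 scenario and records each verdict. The addresses, port numbers and the names `StatefulFirewall` and `browse_with_redirect` are constructed for illustration.

```python
"""Toy model of a home router's stateful packet filter (constructed example)."""
from dataclasses import dataclass, field

# Constructed addresses (private LAN range and documentation ranges).
LAN_HOST = "192.168.1.10"
NEWS_SITE = "198.51.100.20"
AD_SERVER = "203.0.113.77"


@dataclass
class StatefulFirewall:
    # Flows opened from the LAN side: (lan_ip, lan_port, remote_ip, remote_port)
    flows: set = field(default_factory=set)

    def outbound(self, src, sport, dst, dport):
        """LAN -> Internet: always allowed, and the flow is remembered."""
        self.flows.add((src, sport, dst, dport))
        return "ALLOW"

    def inbound(self, src, sport, dst, dport):
        """Internet -> LAN: allowed only as a reply to a remembered flow."""
        return "ALLOW" if (dst, dport, src, sport) in self.flows else "DROP"


def browse_with_redirect(fw):
    """Replay the scenario from the thread and return the firewall verdicts."""
    verdicts = {}
    # 1. Unsolicited connection to port 80 on the LAN host: nothing asked for it.
    verdicts["unsolicited_probe"] = fw.inbound(AD_SERVER, 40000, LAN_HOST, 80)
    # 2. The user requests the news site; its reply carries a 302 redirect.
    fw.outbound(LAN_HOST, 50001, NEWS_SITE, 80)
    verdicts["news_reply_302"] = fw.inbound(NEWS_SITE, 80, LAN_HOST, 50001)
    # 3. The browser follows the Location header itself: a new outbound flow,
    #    so the redirect target's reply is "solicited" as far as the filter knows.
    fw.outbound(LAN_HOST, 50002, AD_SERVER, 80)
    verdicts["redirect_target_reply"] = fw.inbound(AD_SERVER, 80, LAN_HOST, 50002)
    # 4. The same server hitting a port the browser never opened is still dropped.
    verdicts["ad_server_other_port"] = fw.inbound(AD_SERVER, 80, LAN_HOST, 50003)
    return verdicts


if __name__ == "__main__":
    for event, verdict in browse_with_redirect(StatefulFirewall()).items():
        print(f"{event:24} {verdict}")
```

The filter decides on who opened the flow, not on what the reply contains, which is why content arriving over a browser-initiated connection needs browser hardening, patching or content filtering rather than a port rule.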
 

Elephant said:
Burning and running a Knoppix CD is also a good way to get some exposure without committing to the complicated task of learning to use Linux.

http://www.knoppix.net/

Knoppix is great for getting a feel for Linux without having to do any installations on your HD.
Another excellent Linux distribution that has a live CD (i.e. bootable CD) version is Ubuntu. I liked the live version so much, I have a PC running the installed version here at work to play around with. Try it, it's a great distribution.
http://www.ubuntulinux.org/download/
 

Zedcuk said:
HTTP traffic is connectionless. What you describe is still initiated by your browser even though you know nothing of it.

You open a request to a specific website. A 302 redirect tells you to open another webpage. Your browser does so and bam, spyware gets into your system. There is no unsolicited traffic involved in the scenario because the firewall sees it all as being issued by your IP address. Hence the firewall in and of itself is of no value in this scenario...

Maybe I'm crazy, but I thought that's what I just said and that we agree on the specifics. Hijack/redirection/what-have-you, spyware comes in via what your browser considers solicited traffic, and your firewall blocks unsolicited traffic over that port (for example, telnetting over port 80). And that no amount of hardware or software will save you if your browsing habits make you a mark.
 

derek_cleric said:
Most importantly.......Don't knowingly install any spyware/adware! Nothing like the user shooting themselves in the foot!

--Ray.

Never knowingly done that!

I've got the Microsoft Anti Spyware Beta on my machine. A few run throughs and it seems to have stopped respawning the spyware. The offending article looks to be most likely a trojan called 'Bubbas Wintools' or possibly some browser modifications called WebSearch.

Thanks a lot for all the help here. It's really appreciated. I'll try to return the favour sometime! - Anyone want a custom written statistical analysis package? :)
 

Inconsequenti-AL said:
or possibly some browser modifications called WebSearch.

Ah, the dreaded "CoolWebSearch"
That's the program that CWShredder was designed to eliminate. It's a pain in the ass, and REALLY difficult to get rid of once you have it. Glad that the Beta took care of it. Keep an eye out, though, it often comes back after you thought it was gone...
 

WebSearch is a serious pain to get rid of. It's been a while since I had to wage war against it, but I almost think I had to manually delete registry keys to get it to stay gone. Well gone, until the next time my boss clicked on some website that installs it again.

Oh, and I definitely agree with the people who recommend a non-IE browser. I've used Opera for almost five years now, and aside from cookies I never turn up anything in spyware scans. I'm also quite careful in my browsing habits, although McAfee occasionally turns up a virus in some javascript files on one of those song lyric websites. I keep meaning to write down which one it is and make an entry for it in my HOSTS file that points to the loopback address.
 

Enkhidu said:
Maybe I'm crazy, but I thought that's what I just said and that we agree on the specifics. Hijack/redirection/what-have-you, spyware comes in via what your browser considers solicited traffic, and your firewall blocks unsolicited traffic over that port (for example, telnetting over port 80). And that no amount of hardware or software will save you if your browsing habits make you a mark.

Rereading what you posted, you're correct, we both said the same thing in slightly different ways...

Apologies.
 
