Go Back   Aquarium Advice - Aquarium Forum Community > Community Forum > Aquaria Off-Topic
Click Here to Login

Join Aquarium Advice Today
Closed Thread
 
Thread Tools Search this Thread Display Modes
Please support our sponsors and let them know you heard about them on AquariumAdvice.com
 
Old 03-10-2005, 10:25 AM   #21
Aquarium Advice Addict
 
Join Date: Dec 2003
Location: Central Ohio
Posts: 1,728
Send a message via Yahoo to deli_conker
Quote:
Originally Posted by william
And, no offense, but thats why we have massive viral epidemics in windows systems like all the worms that have made news recently. Windows updates provides updates that protect you from the exploits the virus/worm uses.

Because people don't patch/patch as often as they should.
No offense in return, but we have viral epidemics because most people see a file called "britney_spears_naked.mpeg.exe" and double click it. Or they say, "I can get all sorts of free stuff from this program called gnutella/kazaa/limewire/etc." Or they open email (that's in html format with a nice little script inside) from somebody they don't know and/or didn't solicit. Or they go to a java script enriched site while having administrator/power user permissions and get all sorts of nice "plug-ins" installed without knowing it.

In effect, most people ASK for a virus (ignorance isn't an excuse anymore).

Security is often not implemented because it is costly. The big nasty worms affect servers that an administrator should be taking care of with proper knowledge of security, not the latest magic patch that who know's what could do to a production machine. Remember, most patches come out AFTER the exploit is well known about. There's still a window of opportunity where systems are vulnerable (even with automatic updates).

Quote:
So, the best protection, is to let Windows update automaticly so it can grab patches soon as their ready.
No. The best protection is abstinence. You don't want a virus? Then don't connect to an external network. You take a chance by doing so. Use a public PC at the library for your web research and email.

If something comes out that will affect my machine, I patch it. Why would I want my pc to determine what should be installed on it? I suppose most people simply forget to update or get lazy about it and they need automation. I don't. And I'm selective about what gets installed. Like I said earlier, I run a very clean operating system. The only program running in the background aside from what is needed to run the OS is a firewall. I don't duct tape 30+ hotfixes to the OS just because they exist.

In my opinion, the best way to avoid a virus is by learning how to write one. I know that isn't practical for most people to do, but getting to that point means you have enough of an understanding of how software interacts with the OS to "know better" when it comes to downloading who-knows-what from who-knows-where.

I'm thinking about writing a firewall. I still have a lot to learn, but I'll feel a lot "safer" knowing what is protecting my machine.
__________________

__________________
deli_conker is offline  
Old 03-10-2005, 10:51 AM   #22
Aquarium Advice Addict
 
Join Date: Sep 2003
Location: Florida, USA
Posts: 2,829
The virus and worms I'm refering to are independant.

They scan the net and look for unpatched computers in which to infect, so they can have yet another node to replicate and attack from.


THey exploit holes in the OS, Holes that Windows Update patches. These are not trojans that people get from downloading files, These are worms that self-replicate and look for unpatched OS's to attack.


Patching Windows is the most effective means to stop these attacks.


Like the last round of worms we had. It wouldn't have even gotten a raised threat alert IF People would just patch their computer when updates became avalible. If everyone on the net had the most recent patches of the time, It wouldn't have even made the news.
__________________

__________________
30gal; Bala Shark, Pl*co
William is offline  
Old 03-10-2005, 11:00 AM   #23
Aquarium Advice FINatic
 
Join Date: Aug 2004
Location: Northwest Indiana
Posts: 711
Quote:
Originally Posted by deli_conker
No. The best protection is abstinence. You don't want a virus? Then don't connect to an external network. You take a chance by doing so. Use a public PC at the library for your web research and email.

Straying from the subject slightly, but this is a sad commentary however true it may be. My last system was so corrupted with viruses and adware/spyware that by the end it was nearly unusable. The internet is probably the greatest communications advancement in the history of man since the printing press and we sit by and allow it to be destroyed by smut and viagra peddlers. Unthinkable.

I remember when my machine was down maybe a year or two ago when that 16 year old kid spread a modified virus. I think I spent 6-8 hours fixing my computer. I think I figured that the aggregate cost, in man hours, of repairing the damage that kid caused was equivalent to the time it took to build the Hoover Dam - three times over (and that's just in the U.S.). He'll face nary a consequence for his actions. This kid can destroy wonders of the world and face fewer consequences than if he were caught with expired tags on his car.

I'm wondering when the government is going to get serious about spam, viruses, adware, and spyware?
__________________
We'll be fighting in the streets with our children at our feet, and the morals that they worshipped will be gone.

And the men who spurred us on sit in judgment of all wrong, they decide and the shotgun sings the song.



125 SW
80 lb LR
330w PC
Euphyllia, Alveopora, Pachyclauvularia (Metallic Green and Daisy), Frogspawn, Torch, Gold Nepthea, Kenya Tree, Galaxea, Pulsing Xenia, various leather (umbrella, toadstool, fingers, devil fingers, lettuce)
Maroon Clown/White tip LT anemone, Powder Blue Tang, Female Swallow Angel, SixLine Wrasse, Solar Fairy Wrasse, Firefish, Fathead Anthias, Blue Mandarin, 3 Chromis, 3 Green Gobies
Clown Monarch is offline  
Old 03-10-2005, 03:24 PM   #24
Aquarium Advice Addict
 
Join Date: Dec 2003
Location: Central Ohio
Posts: 1,728
Send a message via Yahoo to deli_conker
Quote:
Originally Posted by william
They scan the net and look for unpatched computers in which to infect, so they can have yet another node to replicate and attack from.


THey exploit holes in the OS, Holes that Windows Update patches. These are not trojans that people get from downloading files, These are worms that self-replicate and look for unpatched OS's to attack.
The only way a "foreign" entity will access your pc, is if you have a service with an open port running. A home user doesn't have to worry about turning on his pc and having an unsolicited virus taking over. It doesn't work that way.

You have to have a program running on your pc that accepts unsolicited outside connections. Your browser (unmodified) doesn't do that. In fact, it makes unsolicited outside connections to other pc's that are running software accepting connections with the intent of serving up web pages.

Let's say you go to aquariumadvice.com, the server software (in this case, Apache/2.0.51 (Fedora) on one of serverbeach's servers) accepts the unsolicited outside connection and sends the home page back to you. Since the server side software accepts your browser connection, you can browse the site.

Having that opening (on the server) also makes it vulnerable to other outside access attempts. They may be benign, they may be malicious, who knows. The fact is that it is open.

Let's say you decide to use peer to peer software to download some mp3's. First off, a lot of the p2p stuff installs other things besides the client software. If you read the license at the start of the install, it will often mention other software might be installed in conjunction to the original program. This other software when running can easily decide to open a port on your pc. After it does that, guess what? You're open!!! Hell, it might even broadcast to other pc's the fact that you are open and can potential accept those pesky unsolicited outside connections. Did somebody say spyware? But where did you get it? Oh yeah, YOU installed it.

Infected emails sent from the information gleaned from somebody's address book follow the same pattern. Somebody catches a virus by running the program that triggers it. The program looks for pst or wab files on the host machine. It finds the email addresses contained within and sends several spoofed emails via a remote server with an attachment that contains the original virus. Rinse and repeat. The virus didn't run until the end user told it run.

You'll notice that most virii affect servers and not home pc's. Why is that? Well, who here is running SQL server to give access to a datbase from their home machine? IIS? Anybody? Didn't think so. Those are the machines that the so called self-replicating worms attack. They look for a computer running software that has an open port. When they find one, they access it (unsolicited) and do their dirty to it.

There are holes in certain programs which do need to be patched. Sending a virus in a picture is one of them. The user opens it using the latest media player (instead of a simple picture viewer). Since the media player is trying to do everything (video, audio, pictures, cd burning, etc.) it's more complex and not 100% tested at release time and thus more prone to having holes in it (security wise). The player doesn't calculate the size of the picture before moving it to a static buffer and because the size is not correct it causes a buffer overflow and allows arbitrary code to be executed (either opening up a hole or perusing your address book etc.). It's the same old story, just a different application being exploited. But still, you are the one that opened the picture.

Imagine the computer virus to be like a vampire; it cannot enter your house unless you invite it in.

Quote:
Originally Posted by Clown Monarch
Straying from the subject slightly, but this is a sad commentary however true it may be. My last system was so corrupted with viruses and adware/spyware that by the end it was nearly unusable.
I was talking to my boss about this over lunch today. His conclusion is that about 90% of virii are more of a "social engineering" than masterful programming. Like the example I gave earlier with the "britney_spears_naked.mpeg.exe"; it's trying to trick the user into running the program, that's the hard (and unfortunately, easy) part.
__________________
deli_conker is offline  
Old 03-10-2005, 03:55 PM   #25
Aquarium Advice FINatic
 
Join Date: Aug 2004
Location: Northwest Indiana
Posts: 711
At some point someone installed a virus on my machine that blocked the Windows Update site. I couldn't update XP and every parasitic loser drug my system into the dirt like jackals on a wounded water buffalo.

I remember every popup I see and make it a point NOT to ever patronize that business under any circumstances. Popups are mostly trash I would never bother with, but I remember seeing a Burger King popup. Too bad, I used to like Burger King.
__________________
We'll be fighting in the streets with our children at our feet, and the morals that they worshipped will be gone.

And the men who spurred us on sit in judgment of all wrong, they decide and the shotgun sings the song.



125 SW
80 lb LR
330w PC
Euphyllia, Alveopora, Pachyclauvularia (Metallic Green and Daisy), Frogspawn, Torch, Gold Nepthea, Kenya Tree, Galaxea, Pulsing Xenia, various leather (umbrella, toadstool, fingers, devil fingers, lettuce)
Maroon Clown/White tip LT anemone, Powder Blue Tang, Female Swallow Angel, SixLine Wrasse, Solar Fairy Wrasse, Firefish, Fathead Anthias, Blue Mandarin, 3 Chromis, 3 Green Gobies
Clown Monarch is offline  
Old 03-10-2005, 04:56 PM   #26
Aquarium Advice Addict
 
Join Date: Dec 2003
Location: Central Ohio
Posts: 1,728
Send a message via Yahoo to deli_conker
Quote:
Originally Posted by Clown Monarch
At some point someone installed a virus on my machine that blocked the Windows Update site.
This is usually done with java script on a web site and isn't a virus or spyware by itself. It usually modifies your browser's home page first off (easy). Then it pushes a toolbar or equally annoying "utility" (read: spyware/adware) as a plug-in onto your pc (easy). Within the installation process, it alters the registry. An example of one I had to deal with at work lately...


If the user trys to go to google or yahoo, it redirects them to yupsearch.com.
It's a pretty common way of mucking up somebody's system. I still think learning how your OS works is the best way to prevent bad stuff happening to your system...
__________________
deli_conker is offline  
Old 03-10-2005, 05:41 PM   #27
Aquarium Advice FINatic
 
Join Date: Aug 2004
Location: Northwest Indiana
Posts: 711
Where do I find that list you showed there, Deli?
__________________
We'll be fighting in the streets with our children at our feet, and the morals that they worshipped will be gone.

And the men who spurred us on sit in judgment of all wrong, they decide and the shotgun sings the song.



125 SW
80 lb LR
330w PC
Euphyllia, Alveopora, Pachyclauvularia (Metallic Green and Daisy), Frogspawn, Torch, Gold Nepthea, Kenya Tree, Galaxea, Pulsing Xenia, various leather (umbrella, toadstool, fingers, devil fingers, lettuce)
Maroon Clown/White tip LT anemone, Powder Blue Tang, Female Swallow Angel, SixLine Wrasse, Solar Fairy Wrasse, Firefish, Fathead Anthias, Blue Mandarin, 3 Chromis, 3 Green Gobies
Clown Monarch is offline  
Old 03-10-2005, 05:59 PM   #28
AA Team Emeritus
 
BillyZ's Avatar
 
Join Date: Apr 2003
Location: Western NY
Posts: 4,064
Quote:
Originally Posted by deli_conker
The only way a "foreign" entity will access your pc, is if you have a service with an open port running. A home user doesn't have to worry about turning on his pc and having an unsolicited virus taking over. It doesn't work that way.
I hate to be so blunt, but you are just simply wrong.
http://news.com.com/2100-7349_3-5313402.html

Monarch, that list is the windows system registry. Be very careful when changing that. If you're not sure of what you're doing, I wouldn't modify it manually. That said, start>run>regedit... be careful


William and Deli, you both make valid points. lets not stray too far off topic.


How's that video card working for you Monarch?
__________________
Acronyms and Abbreviations
BillyZ is offline  
Old 03-10-2005, 06:03 PM   #29
Aquarium Advice FINatic
 
Join Date: Aug 2004
Location: Northwest Indiana
Posts: 711
I actually just bought one today (carefully steering back to the topic).


A Radeon 9600 256mb card. There was a huge price difference between manufacturers, so I went with the cheaper one (because Cheap is my middle name). It's "Sapphire ATI". There were lots of good reviews so I decided to try it.
__________________
We'll be fighting in the streets with our children at our feet, and the morals that they worshipped will be gone.

And the men who spurred us on sit in judgment of all wrong, they decide and the shotgun sings the song.



125 SW
80 lb LR
330w PC
Euphyllia, Alveopora, Pachyclauvularia (Metallic Green and Daisy), Frogspawn, Torch, Gold Nepthea, Kenya Tree, Galaxea, Pulsing Xenia, various leather (umbrella, toadstool, fingers, devil fingers, lettuce)
Maroon Clown/White tip LT anemone, Powder Blue Tang, Female Swallow Angel, SixLine Wrasse, Solar Fairy Wrasse, Firefish, Fathead Anthias, Blue Mandarin, 3 Chromis, 3 Green Gobies
Clown Monarch is offline  
Old 03-10-2005, 06:07 PM   #30
AA Team Emeritus
 
BillyZ's Avatar
 
Join Date: Apr 2003
Location: Western NY
Posts: 4,064
What did you pay? and... let me know how it performs. I'm looking to update the video card my desktop and will likely do something very similar. And an ATI 9600-9800 is what I've been leaning towards. My machine is also an oldy but a goody. Good enough it will do well with a video update... but old enough I don't want to spend big bucks! hehe
__________________

__________________
Acronyms and Abbreviations
BillyZ is offline  
Closed Thread

Tags
video

Please support our sponsors and let them know you heard about them on AquariumAdvice.com

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
high range pH color card Freshwater & Brackish - General Discussion 5 05-18-2005 04:22 PM
nitrate test color card spence0416 Freshwater & Brackish - General Discussion 4 11-19-2004 03:19 PM







» Photo Contest Winners








Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -4. The time now is 07:31 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.