anti malware

I can't remember where the setting was, but it at least used to be available somewhere in the config menus back when I still tried to use FF, before IE7. Never used Noscript myself. Don't even know if it existed then, browser exploits and shit weren't as common in those days.

Maybe they removed it, I dunno. I don't bother with FF anymore, IE does everything I need and it is faster and more responsive than FF on the things I care about so...
 
PC World reports that a new, critical bug in Adobe's Flash Player is being exploited by attackers. The bug affects Adobe Flash Player version 10.0.45.2 and earlier on all operating systems, including Windows, Macintosh and Linux. It is also found in the latest versions of the widely used Reader and Acrobat software, Adobe said. "There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat," Adobe said in its security advisory. When exploited, the flaw can cause Adobe's software to crash, but it can also give attackers control of the computer, Adobe said.

Note, you cannot simply update your player, as the current version is vulnerable. You must install the 10.1 release candidate.
http://labs.adobe.com/downloads/flashplayer10.html
 
Adobe needs to die. Their shit is shit, and they don't even update it properly either.
 
Sandbox IE in a virtual machine that gets reset each time it is shut down. Then it won't matter how much shit you get infected with, it won't be able to do any harm anyway - have AV software installed all the same of course! - and a strong firewall to block any outgoing unauthorized communications any viruses might want to send out; spam, DDOS packets, copies of itself and so on.

Not possible. Unfortunately in my company's industry, we have a mix of AD controlled domain computers, and personally owned laptops/desktops with wildly varying OSes in the same environment. I have to be able to compensate for users' own laptops that can't join a domain, can't change OSes, can't make major changes to etc.
 
Then your only real options are endpoint firewall & web filter based. Have you looked at the Barracuda webfilter/spyware box? Surfcontrol is decent too as is that free one DansGuardian. Basically you're going to have to route everything through a proxy that only allows connection to known safe sites. You could even try this with OpenDNS if you have DHCP for all the clients and static IPs for external.
 
Well the next problem is that we have 8 offices, each having their own cable internet. There's a decent amount of web traffic in each office and there's no way I can justify dedicated T1+ links between the offices to the head office to centralize the web traffic, and they wouldn't pay for endpoint protection for all 8 offices either. I have office-to-office VPN links but no way I would route all web traffic over them. Cheaper just dealing with the issues as they arise.
 
Untangle is free & includes a good web filter. It's best run on a low-end dedicated box, but there is an XP version (called re-router) that works well so long as you have a dumb router that doesn't block ip spoofing from your LAN.

You could easily install the dedicated version on some old boxes and put one at each site. You'll need dual NICs, but they can be configured and monitored via https and have many good features. I dropped my Check Point VPN-1 fw & Barracuda for Untangle two years ago and it's been great.
 
Does anyone have links to this type of malware site? Preferably a "test your vulnerability" site, but I'll take the real thing too. I'd like to see how good my security is.
 
Malo,

Why's your company still relying on IE6? It's obsolete and being phased out faster and faster by basically everyone important. Does MS even release security updates for it? Even if they do, they won't do it forever. IE6 is already causing you problems, it's just going to get worse from here on out, never better.

Yes, switching to something else is going to cost you people money, but it will cost you even more money in the future when the need to switch away from IE has become so imperative that it just can't wait any longer. So simply bite the bullet and migrate away from that junk. It's nearly a decade old by now, what other piece of software are you using that is THAT old? ...Well, other than winxp, I mean.

It's been known for years that IE6 is baaaaaaad. Holding on to it is just going to give you people a lot of grief and unnecessary work. But sure, don't do anything now, or in a year, or two. Just keep on the way you're going, and then one day when you've been haxed in a major way, your company secrets stolen, your databases trashed, rootkit malware on your workstations and so on... Well, just remember it could all have been avoided. ;)
 
What kind of websites do you visit? Certain categories of sites are crap full of malware (heh, you can probably figure out yourself which ones that might be... ;)

So to avoid malware, don't visit shady websites. And keep your system patched up using windows update. Avoid Adobe products if possible, acrobat and flash are giant security holes and Adobe's basically doing sweet fanny adams to fix them.

Thanks! No shady sites haha, just torrent sites to watch TV shows that I missed etc. I try to update my comp. as much as possible with Symantec LiveUpdate. I guess I need better virus protection.
 
Malo,

Why's your company still relying on IE6? It's obsolete and being phased out faster and faster by basically everyone important. Does MS even release security updates for it? Even if they do, they won't do it forever. IE6 is already causing you problems, it's just going to get worse from here on out, never better.

I didn't say IE6, I said IE. Many sites run by companies serving our industry require IE 7 or 8.
 
Does anyone have links to this type of malware site? Preferably a "test your vulnerability" site, but I'll take the real thing too. I'd like to see how good my security is.

I do (click on some of the links, you don't have to download any files).

Warning: this is a real site, go there at your own peril.


PS: Keep an eye on running processes for any additional processes and check your startup entries for anything being added.
Kill process, delete file, delete startup entry.

What happened in Opera when I still had Reader installed was the browser would crash (I think a URL to a PDF file would cause a buffer overflow), then a process would be created and an entry in the startup section of the registry.
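
One way to do the "check your startup entries for anything being added" step from the post above, as an added example that is not part of the original thread: it saves a baseline of the registry Run/RunOnce values and, on later runs, lists only entries that were not in the baseline. It assumes PowerShell 3.0 or later; the baseline file name and the helper function names are hypothetical.

```powershell
# Added example (not from the thread). Assumes PowerShell 3.0+.
# Registry locations Windows reads to start programs at boot/logon.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Hypothetical location for the saved baseline.
$baseline = Join-Path $env:USERPROFILE 'startup-baseline.csv'

# Return one object per value found under the Run/RunOnce keys.
function Get-StartupEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{
                Key     = $key
                Name    = $name
                Command = [string]$item.GetValue($name)
            }
        }
    }
}

# Identity of an entry: a changed command line counts as a new entry.
function Get-EntryId($e) { '{0}|{1}|{2}' -f $e.Key, $e.Name, $e.Command }

if (-not (Test-Path -Path $baseline)) {
    # First run on a machine believed clean: record what is there now.
    Get-StartupEntry | Export-Csv -Path $baseline -NoTypeInformation
    Write-Output "Baseline saved to $baseline"
} else {
    # Later runs: report anything that was not in the baseline.
    $known = @{}
    foreach ($e in Import-Csv -Path $baseline) { $known[(Get-EntryId $e)] = $true }
    $added = @(Get-StartupEntry | Where-Object { -not $known.ContainsKey((Get-EntryId $_)) })
    if ($added.Count -eq 0) { Write-Output 'No new startup entries.' } else { $added | Format-List Key, Name, Command }
}
```

The baseline is only as trustworthy as the machine was when it was taken, and entries added by legitimate installers will show up too, so each reported command line still has to be reviewed by hand.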
 
Maybe put the link in a spoiler tag in case of casual clicking from users?
 
Thanks! No shady sites haha, just torrent sites to watch TV shows that I missed etc. I try to update my comp. as much as possible with Symantec LiveUpdate. I guess I need better virus protection.

Heh, many public torrent sites ARE a bit shady. I've had a few of the popular ones (piratebay, isohunt, etc.) redirect to sites that attempted to inject malware including the one mentioned in this thread.

Regards,
SB
 
Two of the people behind this exact scumware are in fact being prosecuted right now for fraud on the order of tens of millions of $. If convicted on all counts, they stand to serve 200+ years in jail. :LOL:

Sorry I don't have a link in my back pocket, but sites like Ars Technica have covered this trial I believe. If you search around a bit there I'm sure you can find more information.

This will probably not stop this malware, I'm sure there are more people behind these two jokers who will continue ripping us off.


Great news! :p
 
Little update on the Acrobat problem mentioned earlier:
"Alternatively, the company said that Adobe Reader and Acrobat users could delete or rename the "authplay.dll" file on their system.

However, Adobe said that doing so meant that "users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF [Adobe Flash] content.""
 
Interesting Lifehacker post today about security, viruses: http://lifehacker.com/5559102/micro...ds-unknown-malware-but-avoids-false-positives


Looks like Microsoft Security Essentials works out pretty well. Another interesting product linked is this: http://secunia.com/vulnerability_scanning/personal/. Basically it lets you know when your software is out of date. I might try it out. For one, I can turn off the multitude of update notifications that individual apps send out in various manners. That in itself would be nice, to stay with a unified notification.
 
Interesting Lifehacker post today about security, viruses: http://lifehacker.com/5559102/micro...ds-unknown-malware-but-avoids-false-positives


Looks like Microsoft Security Essentials works out pretty well. Another interesting product linked is this: http://secunia.com/vulnerability_scanning/personal/. Basically it lets you know when your software is out of date. I might try it out. For one, I can turn off the multitude of update notifications that individual apps send out in various manners. That in itself would be nice, to stay with a unified notification.

The trouble is that their source for performance data changes dramatically every time the report is issued. Kaspersky was near dead last two report cycles ago, etc. Anti-malware software never catches more than about 70% so it's not a complete solution IMHO.
 