Speakerplans.com Homepage
Forum Home Forum Home > Other Chat > Computer Talk
  New Posts New Posts RSS Feed - Conficker virus rant (boring)
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Conficker virus rant (boring)

 Post Reply Post Reply Page  123>
Author
Message
chickenfizz View Drop Down
Young Croc
Young Croc
Avatar

Joined: 17 March 2008
Location: United Kingdom
Status: Offline
Points: 982
Post Options Post Options   Thanks (0) Thanks(0)   Quote chickenfizz Quote  Post ReplyReply Direct Link To This Post Topic: Conficker virus rant (boring)
    Posted: 20 January 2009 at 9:56am
OK, I've been reading about this terrible worm that's been affecting millions of PCs etc...

I'm having a rant, don't take what I say here as fact, it's mostly speculation and wonderings.

There doesn't seem to be a lot of information about how the worm actually attacks, I understand it's through a security hole in the windows 'server' service. All the advice on the web says, "users should always install all the latest patches from microsoft and make sure your security software is up to date".

Personally I suspect this is crap (although I don't know for sure). I've seen many PCs with automatic updates enabled and running the latest security magic and they all run like a bag of hammers and half the time you've got things popping up from the taskbar demanding attention, restarts, updates more resources etc etc. And often these PCs still have viruses anyway! After recently fixing a PC for someone I updated them to the latest version of AVG, this litterally halfed the performance of the machine. For years I've run windows XP with no anti-virus, with no automatic updates (although I do install service packs) and with windows friggin security center disabled. I am behind a hardware firewall and use a hosts file to block ads etc and have sensible surfing habits! I haven't had a virus in the last 4 or 5 years.

Now I don't see why my firewall alone isn't enough to stop this virus from infecting me, as I understand it the worm is on the wan side and my computer would effectively have to ask to be infected before anything could get through to my network unless I was specifically forwarding ports to allow external access to the windows networking (foolish). Am I right?

Is the real answer to the problem, "everyone use a firewall"?

I don't see the point in preventing viruses etc by running software which uses half your memory, constantly scans files, flashes messages in your face, uses network bandwidth and cripples performace, is that not just like having a virus?
Back to Top
The Garglebard View Drop Down
Registered User
Registered User


Joined: 29 August 2008
Location: Lancashire
Status: Offline
Points: 362
Post Options Post Options   Thanks (0) Thanks(0)   Quote The Garglebard Quote  Post ReplyReply Direct Link To This Post Posted: 20 January 2009 at 10:00am
Originally posted by chickenfizz chickenfizz wrote:


I don't see the point in preventing viruses etc by running software which uses half your memory, constantly scans files, flashes messages in your face, uses network bandwidth and cripples performace, is that not just like having a virus?

Yes LOL
Back to Top
toastyghost View Drop Down
The 10,000 Points Club
The 10,000 Points Club
Avatar

Joined: 09 January 2007
Location: Manchester
Status: Offline
Points: 10866
Post Options Post Options   Thanks (0) Thanks(0)   Quote toastyghost Quote  Post ReplyReply Direct Link To This Post Posted: 20 January 2009 at 10:02am
The latest AVG is awful, but it can be made reasonable if you disable the link scanner part of it before installing.
Back to Top
AlfieDring View Drop Down
Young Croc
Young Croc
Avatar

Joined: 04 September 2006
Location: Bath, UK
Status: Offline
Points: 842
Post Options Post Options   Thanks (0) Thanks(0)   Quote AlfieDring Quote  Post ReplyReply Direct Link To This Post Posted: 20 January 2009 at 10:06am
Originally posted by chickenfizz chickenfizz wrote:

For years I've run windows XP with no anti-virus, with no automatic updates (although I do install service packs) and with windows friggin security center disabled. I am behind a hardware firewall and use a hosts file to block ads etc and have sensible surfing habits! I haven't had a virus in the last 4 or 5 years.


Same, but make that a software firewall 10 years (apart from one annoying little pesky thing, but that came off a USB key anyway...)

Alf
Back to Top
djgorey View Drop Down
Young Croc
Young Croc
Avatar

Joined: 29 December 2007
Location: S. Wales
Status: Offline
Points: 1306
Post Options Post Options   Thanks (0) Thanks(0)   Quote djgorey Quote  Post ReplyReply Direct Link To This Post Posted: 20 January 2009 at 10:10am
A lot of these e-mails warning you of "big dangerous virus" or "big dangerous scam" are pure spam.
 
And has for viruses...I've got a Mac
Back to Top
nickyburnell View Drop Down
Old Croc
Old Croc


Joined: 06 February 2005
Status: Offline
Points: 4410
Post Options Post Options   Thanks (0) Thanks(0)   Quote nickyburnell Quote  Post ReplyReply Direct Link To This Post Posted: 20 January 2009 at 10:13am

Depends on the firewall. NAT translation as I understand it wouldn't stop this. A hardware firewall configured correctly or something like ZA would I believe stop it. However, most people cannot deal with Windows updates never mind a firewall. People see PC's as TV's, something that sits in the corner when in fact they are like their cars, learn to maintain or pay.

So yes I believe a proper firewall will keep the latest bug out (or in LOL) but people don't have the knowlege/time.
As a foot note, please don't encourage people with no knowlege to run without AV. It's OK for you because you understand, hundreds of Joe Public with no AV doesn't bear thinking about.
Rgards
Nick
 This thread should be in the Computer section.
It's everything, not everythink!
Back to Top
tb_mike View Drop Down
Old Croc
Old Croc


Joined: 01 October 2004
Location: New Zealand
Status: Offline
Points: 2744
Post Options Post Options   Thanks (0) Thanks(0)   Quote tb_mike Quote  Post ReplyReply Direct Link To This Post Posted: 22 January 2009 at 4:49am
FOOD MONOCULTURE = DANGEROUS.
SOFTWARE MONOCULTURE = EQUALLY DANGEROUS

btw "windows for warships" is being brought out by the MOD!

"Monoculture and the Irish Potato Famine: cases of missing genetic variation"

If you want to see how easy it is, just search 'metasploit' on youtube.

Note that microsoft are a little wierd about it - suggesting users to use the existing windows firewall(which is rubbish). Yes our firewall is limited,but that makes things easier.Ive found that the average user isnt capable of deciding what traffic to let out. Yes they 'learn' and remember your settings. But what when thisisnotavirus.exe wants to make an outbound connection?

According to my understanding,yes a proper firewall that will block the windows service -preventing it spreading via that manner. Ofcourse you may get it from your buddys USB stick, and then your firewall may ask if a wierd exe can setup an outbound to an odd URL.

Ive been following this too. I had to look at several sites to collect decent info.

It seems to spread also by malformed autorun.inf on usb sticks aswell - check for a crazy .vmx in notepad in it.Or disable autorun.

You know its funny, Ive used XP for years with a 3rd party firewall , no AV for 99% of that time. Almost no problems,and the benefit of a very fast PC. I was on dialup until recently,so gave up updating. But im not your average user using outlook to send/receive funny .ppt,.doc,britneyspears.jpg.exe, or attempting to download LOST from warez etc.


If you scroll through the long MS article, it tells you the work arounds -disable 'computer browser' and 'server' services. These are to do with SHARES and  a person who has one pc wont even need.

Prevention is better than the cure,as anyone who has treid removing nasty malware would know.

I actually have a small XP partition,ready for quick formatting , install drivers from CD and then its fresh as...
I do about 6times a year - heaps of spyware hides in windows\system32 or your documents and settings - where youl never find it.Especially if your rootkitted-youl never even seen the malicious files. I guess you might see them if you used a linux live cd and mounted your windows partition and had a look.

I found an informative mcafee blog which explains interesting malwares. Il post the link when I find it again.
 



Edited by tb_mike - 22 January 2009 at 4:54am
Back to Top
tb_mike View Drop Down
Old Croc
Old Croc


Joined: 01 October 2004
Location: New Zealand
Status: Offline
Points: 2744
Post Options Post Options   Thanks (0) Thanks(0)   Quote tb_mike Quote  Post ReplyReply Direct Link To This Post Posted: 22 January 2009 at 5:00am
Originally posted by nickyburnell nickyburnell wrote:

Depends on the firewall. NAT translation as I understand it wouldn't stop this. A hardware firewall configured correctly or something like ZA would I believe stop it. However, most people cannot deal with Windows updates never mind a firewall. People see PC's as TV's, something that sits in the corner when in fact they are like their cars, learn to maintain or pay.

So yes I believe a proper firewall will keep the latest bug out (or in LOL) but people don't have the knowlege/time.
As a foot note, please don't encourage people with no knowlege to run without AV. It's OK for you because you understand, hundreds of Joe Public with no AV doesn't bear thinking about.
Rgards
Nick
 This thread should be in the Computer section.

I think the vast majority of people who have bought recent PCs infact run one OR MORE anti virus programs. But without a decent firewall, its like leaving the windows open with the alarms on.

The scary thing is, the latest tvs are going online, so theyl be hackable. Hopefully they run a locked down BSD or embedded linux system.

It looks like too many arent patching - http://www.theregister.co.uk/
Interestingly both our local ministry of health,and the british ministry of health got infected.
Back to Top
nickyburnell View Drop Down
Old Croc
Old Croc


Joined: 06 February 2005
Status: Offline
Points: 4410
Post Options Post Options   Thanks (0) Thanks(0)   Quote nickyburnell Quote  Post ReplyReply Direct Link To This Post Posted: 22 January 2009 at 9:40am
Just a pointer. I've seen the Conflicker on two memory sticks now. In both occasions the stick showed up in My Computer as a folder, not a drive. When cleaned back to normal.
It's everything, not everythink!
Back to Top
Disco Stu View Drop Down
Old Croc
Old Croc


Joined: 03 March 2005
Location: United Kingdom
Status: Offline
Points: 2486
Post Options Post Options   Thanks (0) Thanks(0)   Quote Disco Stu Quote  Post ReplyReply Direct Link To This Post Posted: 22 January 2009 at 10:34am
Originally posted by djgorey djgorey wrote:

And has for viruses...I've got a Mac

Macs have viruses too, they just dont have a big enough market share yet for people to bother, as a huge amount of people own windows machines, and microsoft is particularly vulnerable.

If they overtake microsoft and become the main computer market, you will see more viruses.

Its just a computer, ALL systems can be hacked.

Stu
All you need to know is:
Sensitivity + Power Handling - Power Compression = Max Output

My acts:
www.myspace.com/thebowiexperience
www.myspace.com/scheisseelektronisches
Back to Top
djgorey View Drop Down
Young Croc
Young Croc
Avatar

Joined: 29 December 2007
Location: S. Wales
Status: Offline
Points: 1306
Post Options Post Options   Thanks (0) Thanks(0)   Quote djgorey Quote  Post ReplyReply Direct Link To This Post Posted: 22 January 2009 at 10:47am
Originally posted by Disco Stu Disco Stu wrote:

[QUOTE=djgorey]
Macs have viruses too, they just dont have a big enough market share yet for people to bother, as a huge amount of people own windows machines, and microsoft is particularly vulnerable.

If they overtake microsoft and become the main computer market, you will see more viruses.

Its just a computer, ALL systems can be hacked.

Stu
 
Yes I totally agree!  As soon as Apple get more popular than Microsoft (which is probably never going to happen), the viruses will be there.  However, at the moment, I'll keep my smug face on!  For the virus writers, it's all about having the biggest impact and they'll never get that from writing a virus for a computer only a small percentage have.
Back to Top
darkmatter View Drop Down
Old Croc
Old Croc


Joined: 26 February 2005
Location: LDN
Status: Offline
Points: 2425
Post Options Post Options   Thanks (0) Thanks(0)   Quote darkmatter Quote  Post ReplyReply Direct Link To This Post Posted: 22 January 2009 at 12:29pm
I've had hardly any problems over the last few years by running a decent rule based firewall (Kerio 2.1.5).

I agree, instead of running ten pieces of antivirus software you might as well have a virusLOL
Back to Top
 Post Reply Post Reply Page  123>

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.05
Copyright ©2001-2022 Web Wiz Ltd.

This page was generated in 0.059 seconds.