Antivurus 2008 Has Arrived

[kylie]

it will be substription like cable TV. you will have some 200 "approved" sites and everything else will cost extra, or so the plan goes....

that sounds to me like what I heard AOL was in the beginning...

[braincell]

A lot of the hype about security feeds on peoples natural paranoia. Use a router with a password, update your OS and other software, don't go to porn sites, don't use cracked software, beware of "free software", don't open attachments from people you don't know duh!

This is why people get viruses. Most of the problems are from the multitude of idiotic stupid people in the world.

[Neutron]

LOL how could you fall for that.

there is nowhere on the window you can click which will not install it, so what you do is change your windows colors from default so you know that one is false. if one pops up that looks like standard windows colors, close it on the taskbar. dont try clicking the red X it will just install it anyways.

dont use internet exploder. firefox with adblock plus is much better and safer.(still a memory hog though)

do spybot "innoculate" which stop most sites with that crap from working

get a "hosts" file which kills even more of them.
http://everythingisnt.com/hosts.html

[Tau]

At the risk of sounding incredibly naive, I'd like to ask your opinion on something that is not quite clear to me. A while ago I bought a Mac, and this has been my internet connection for about a year or so. I do not use anti-virus or anything, and usually people tell me that I do not have to, but then their justifications vary...

Thing is, I never had any problems on this computer, and I scan all downloaded files with ClamXav before transferring any updates or soft to the XP DAW. Things appear to be working well so far, but because I'm not as familiar with OSX as with XP, I might just be missing it. What I would like to ask you is, am I just being an idiot, and really should install some AV software on the Mac, or is it true that OSX is (practically) virus free?

You seem to know a lot on the subject, and I could use some unbiased information.

Thanks,

T

[garyb]

OSX is relatively free of virii because of the laws of scale. it makes less sense to write virii for OSX since there aren't as many people browsing with that platform(of course, OSX has huge back doors that can be exploited, which is required by the powers that be). there ARE unix virii, you're just not very likely to run into them......

as i understand it, the OLD mac os(OS2-9), was virtually impervious to any virus. even if someone were to infect it, it could be eliminated with a simple cut and paste from the install files. OSX is not like that, however.

[braincell]

For me programs like Spybot Search and Destroy are just a waste of time because they never find anything bad on my computer.

[garyb]

if spybot and spywareblaster are used correctly and updated, you never will find anything bad.

[braincell]

I don't use the "inoculate". Once in a while like every few years I check out of curiosity and they don't find anything so I am not going to use them anymore because they are a waste of time for me.

[garyb]

ok.


fwiw, i've cleaned many a machine with that useless prog, and innocultion is what you want, it works, but i don't doubt your solution works and possibly better.



[fun rant on]
the Nortons of this world are the virus creators(who was that kid who programmed the first one over at MIT or...?, what is his relationship to the present system?). they are partnered with M$, IBM(eyebeam as Alan Watt likes to say ), and all they other players that decide what you will really be enthralled with, into the future. the Hegelian Dialectic wins again...problem, reaction, solution.
[fun rant off]

[braincell]

The most important thing is to use a router with a secure password. This is because it contains a NAT firewall. Software firewalls are not as secure.

If you set Firefox to delete all cookies when you close it, I bet you will find that Spybot doesn't find anything. The adware and malware are cookies. Adware is a privacy issue and not dangerous but it makes you think Spybot is doing a lot more than it is when you could have simply deleted the cookies manually in your browser.

[kylie]

The most important thing is to use a router with a secure password.

yep, this is indeed a good suggestion. more and more router manufacturers start to move away from default passwords nowadays, but still one should set a different one.

This is because it contains a NAT firewall. Software firewalls are not as secure.

this is rubbish.

1) NAT and firewalling are two completely different things. both work, nevertheless, hand in hand on your router to add extra security for the connected network behind it.
NAT does not automatically mean 1:n NAT, often referred to as PAT, which is what you probably use. there's also static NATing which is, if unprotected by filter mechanisms, as unsecure as connecting an unsecured host without a NAT gateway to the open internet.
2) all firewalls, including those nice blackboxes, are coded in software, in the end. and there are huge differences between a simple portfilter, a stateful firewall engine, and maybe application based filtering, or IDS/IPS systems.

-greetings, markus-

[braincell]

You are so wrong once again. Why don't you do some research before you mouth off? Do a google search. All the experts disagree with what you just said. I use both types of firewalls but if I had to pick one over the other clearly the hardware NAT firewall is more important.

[kylie]

You are so wrong once again. Why don't you do some research before you mouth off? Do a google search. All the experts disagree with what you just said.

I'm my own expert on that matter. you, instead, seem to know almost nothing about what you typed. you just fire up google to find proofs for everything you want to prove wrong or right. that has nothing to do with knowledge.

if you can't tell the difference between a firewall and a NAT device, just don't pretend you do.

and, no, there is no such thing as a hardware firewall. it is a piece of hardware running an OS with a software firewall on top of it. it just don't look like that.

[braincell]

You are not fooling anyone. I never said a hardware firewall is the same thing as a software firewall. I said it is better for security. I don't know you. You have no credentials as far as I am concerned. A lot of people have done research on this matter and they always say a hardware firewall offers more security and I have not once heard anyone (with the exception of you) claim anything else. I know you will come back with some other crap trying to prove how intelligent you are. Don't bother.You are not going to sway me or anyone else who knows how to search the internet for answers.

[kylie]

You are not fooling anyone. I never said a hardware firewall is the same thing as a software firewall. I said it is better for security.

then you may be more precise. one of the worlds most respected firewall, the checkpoint firewall-1, IS a piece of software only. you can get it as a black box (or appliance) as well as a software you install to a (limited in choice) piece of hardware you own. that doesn't make it a hardware firewall.
of course you can't compare it to your norton internet security. but without differencing the sherre statement a software firewall is more insecure than a black box is wrong. ask your experts.

it can do NAT as well, but NAT is an absolutely independend feature. NAT is not firewalling just because most home routers do PAT on their single provider assigned ip and drop everything that is not a related package to an established outgoing connection just because they are not

if you, nevertheless, define a software firewall a piece of software you run on the host you work on, while the thing you call "hardware firewall" is a different box you put between your pc and the cable modem, I'm willing to admit that I would recommend the box over the (personal) fw software, as well. I said that already.

but just because a box provides NAT it is not a firewall. and a misconfigured NAT device can still be as open as space. translating addresses is not a filtering method. only combining both mechanisms can provide additional security. and that's what your google experts will tell you as well. period.

mixing up definitions makes you no expert whatsoever.

I don't know you. You have no credentials as far as I am concerned.

I don't know you either. and as long as you don't bring up credentials you are as dumb as I am. (while I hold some industry-approved certifications on that matter, alongside some years of implementing and maintaining firewall and NAT devices for our customers).

A lot of people have done research on this matter and they always say a hardware firewall offers more security and I have not once heard anyone (with the exception of you) claim anything else.

see above. I did not claim anything wrong. but I stand with my comments that NAT and firewalling are different things. things that can go well together, but work as well separately. and sometimes you don't even want both together.

I know you will come back with some other crap trying to prove how intelligent you are.

and why would you know that? because you are the only smart person here? you're so funny...

[Neutron]

OSX is relatively free of virii because of the laws of scale. it makes less sense to write virii for OSX since there aren't as many people browsing with that platform(of course, OSX has huge back doors that can be exploited, which is required by the powers that be). there ARE unix virii, you're just not very likely to run into them......

as i understand it, the OLD mac os(OS2-9), was virtually impervious to any virus. even if someone were to infect it, it could be eliminated with a simple cut and paste from the install files. OSX is not like that, however.

its becoming more popular now, and if apple did the smart thing and sell OS/X to everyone to use on any machine now there is not future for windows, (vista = windows 7 is based on vista ) dont worry, there will be tons of virus for you.

[Neutron]

For me programs like Spybot Search and Destroy are just a waste of time because they never find anything bad on my computer.

Its great for helping freinds or relatives who insist od downloading "free smileys" "free screen savers" clicking on "virus warnings" which are actually spyware infecting popups, and so on. also the teatimer shows you when a program is changing your registry, which is often useful for stopping unneeded startup "helpers" especially from adobe reader and apple.

[valis]

Haute Secure uses a different method and furthermore it is much more effective at blocking bad sites than Firefox is. I know this because I use Firefox and Haute Secure. If you don't use Haute Secure, then you don't know what you are talking about.

I'm not sure if that was directed at my post but I said nothing about Haute Secure?

[valis]

I've just been using CCleaner's startup section lately because it happens to be installed on my pc's. I used to dig into the reg keys so that I could disable things like QTtask that like to re-add themselves each time they run (by modifying but not removing the key) but simply unchecking or "disabling" the keys in most apps (without removing/deleting them) accomplishes the same thing these days.

Incidentally kylie is being technically correct NAT (Network Address Translation) doesn't necessarily come with any form of firewall as it only provides a mechanism to translate between internal and external ports & ips. While NAT is some protection in and of itself. the 3 common types of firewalls are packet filtering (or custom iptables), a 'SPI' (stateful packet inspection) firewall and an 'application layer' firewall (as of uPnP home routers come close to the 3rd but in a more permissive sense than the term firewall really means).

For an average user many computing terms get confused as the publishers & writers try to distill things for them, fpr instance 'hard disk' (which people would often use in referring to 3.5" floppies) and 'cpu' (people tend to refer to the case and everything in it as the 'cpu'). Those are extreme examples, but since there's many sites out there that define things like this it's small wonder discussions can become confused by nomenclature.

[kylie]

Incidentally kylie is being technically correct NAT (Network Address Translation) doesn't necessarily come with any form of firewall as it only provides a mechanism to translate between internal and external ports & ips. While NAT is some protection in and of itself.

NAT in general means NO protection of anything. when you start differencing and discover the various types of NAT you will, indeed, notice that PAT (being a special case of NAT) can act in a protective way because of its very own nature. unfortunately NAT and PAT are often confused, mainly because PAT has evolved as one of the more commonly used variants of NAT. it was not mainly introduced because of its protective nature but because of address space preservation. there was a time when ISPs handed over /24 assignments without asking further. but they became more and more restrictive with their assignments, and even encouraged you to make use of server multihoming and, of course, use of RFC1918 address space behind NAT/PAT capable routers.

the advantages and disadvantages of NAT and PAT show up clearly when you start to deal with it seriously.

the 3 common types of firewalls are packet filtering (or custom iptables), a 'SPI' (stateful packet inspection) firewall and an 'application layer' firewall (as of uPnP home routers come close to the 3rd but in a more permissive sense than the term firewall really means).

operating a firewall does, moreover, not necessarily imply the use of NAT or PAT. firewalling can occur before or after addresses are translated, depending on your policies, and the capability of your firewall implementation.
NAT and PAT can even be done on the same device. but in case you do 1:1 NAT for whole IP ranges or static NAT for single hosts you have to limit access to the public address with firewall mechanisms, otherwise the translated address is almost fully accessible from the outside as if it would have been placed beside the NAT device and not behind it. (well, there are protocols and protocol suites that do not behave the same when NATed, like IPSec, but there are approaches to work around that problems.)

but keep in mind that the "hardware firewall" device referred to in this thread will mainly do add protection from the outside world. if you don't care for protection from the inside network, a PAT device with filters wont help you. it cannot decide whether the smtp connections from your spambot trojan is a bad thing or if it's just you sending out greeting cards to half of the world.
a software controlling what application is allowed to make connections to the outside (a function various personal firewall software products provide) is, thus not a bad addition to the "hardware firewall", although I admit that it is probably of limited use, provided the malware you caught is able to disable or manipulate it. and so we're back at virus scanners...

-greetings, markus-