willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
quote:
Originally posted by John
My computer doen't autorun anything, pictures are pictures(although there are ways coming out to infect jpegs) wouldn't accept any exe that wasn't trusted on msn, emails go via gmail.
Internet explorer has about a million things to stop you going to suspect sites.
Opera tells you the site is suspect and you have to agree to go to it.
Google comes up telling you something is suspect and you have to agree.
Seriously John you come across as someone who should be clued up, if you think you are at no risk for avoiding dodgy sites and so on like you said earlier then you are slightly misguided. The IT security sector is as big as it is cause people are fucking clever at fooling at you and finding vulns in software which you didn't think was possible.
|
deano87
Member
Registered: 21st Oct 06
Location: Bedfordshire Drives: Ford Fiesta
User status: Offline
|
All IP's (my computer, dad's computer, sisters laptop, Dell printer, router itself) begin with 192.168, so this is a good thing?
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
I'm half arguing for the sake of it and half believe what I say.
I know most people can't help it but a bit of common sense can go a long way.
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
means they are private addressing, so you are more then likely behind a router doing NAT, which is providing you guys addressing by DHCP. Dont read into it too much 
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
quote:
Originally posted by John
I'm half arguing for the sake of it and half believe what I say.
I know most people can't help it but a bit of common sense can go a long way.
Yes and in most cases you are right when it comes to arguments mate but really, theres so much nasty shit propagating the Internet you need to see the bigger picture and realise that unless your PC has no network connection, no usb ports, no com port, no infrared, no firewire, no means of accessing another node/external media then you need AV. 
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
scare mongering for the win
http://www.realtechnews.com/posts/1511
http://www.securitystats.com/virusstats.html
http://www.f-secure.com/virus-info/statistics/
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
The first 2 sites are 2005 and before.
I remember the days when a new, unpatched, install of xp connected to the net was compromised in they 12 minutes
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
recent: http://isc.sans.org/diary.html?storyid=4721
And Sans are the lads to be listening to btw 
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
I've got a laptop thats due to be formatted.
Do you want me to install xp on it and stick it as DMZ on my router and see what happens to it?
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
It will get mullerd, though that depends if your ISP Entanet filters ports such as 135/tcp/udp and 445/tcp/udp which alot are now doing on the border routers to stop that happening
How are you going to determine that its infected etc?
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
Entanet reseller 
Not sure, didn't think that far ahead, just curious as to if it would happen or not.
Could monitor for any file changes I suppose.
Could install a packet sniffer and see whats coming in and out of it?
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
hows the DMZ setup? is the actual PC going to have the public ip address or is it going to be private and the router is just going to forwad any unsolicited traffic to it?
just becareful cause you could risk it getting infected then scanning the local subnet to infect you etc if you arent protected.
Yeah running a wireshark session would be cool!
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
I'd just set the router to forward anything to it.
I've got 8 ip addresses but never bothered to set them up, nat does the job fine.
We'd see how my confidence stacked up if that happened
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
does your router have any firewall logs? cause if your internet connection is filtered by your upstream then nothing fun will happen 
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
Doesn't look like it, it's a bog standard isp supplied netgear, my last one started being a bit flakey.
Firewall totally turned off though.
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
hmm!
Well we will soon find out if 135 is filtered or not
|
Joe
Member
Registered: 20th Jun 04
Location: Hesketh Bank, Lancashire
User status: Offline
|
Wow, Mega geek thread 
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
internets
|
ed
Member
Registered: 10th Sep 03
User status: Offline
|
If you've managed to get a virus on your computer then you'll need anti virus software. I don't use one because I came to the conclusion that it's been sitting on my PC for years, and never done anything so I un-installed it so I could free up some memory and processor power.
|
pow
Premium Member
Registered: 11th Sep 06
Location: Hazlemere, Buckinghamshire
User status: Offline
|
From my experiance and what I've been told, your quite safe running a router firewall and the up to date Windows XP firewall.
But lol'ing at people having common sence stopping them from getting a virus/
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
Doing this right now, currently installing xp, updates to follow.
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
SP1 or 2 blud?
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
sp2 straight from msdn, i've not got an sp1 lying about or I would.
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
KTHXBAI
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
Windows installed, wireless drivers installed, just getting wireshark then we'll be off.
|
