Several months back I ran into a Freeper who thought a firewall for his/her Dad would be a little bit too much of a burden on his learning curve. 
Posted on 12/24/2004 3:35:03 PM PST by holymoly
SAN JOSE – Susan Love's problems began with a smile.
The New York City fund-raiser clicked on a happy-face attachment in a friend's e-mail last year. The virus crashed her computer within an hour.
Love, 57, salvaged her data. But within a few months her computer's performance slowed to a crawl. In December 2003, she upgraded to a Sony Vaio with an extra-large monitor and Microsoft Windows XP operating system.
Within a few days, "spyware" – programs that sneak onto computers uninvited – began sponging up valuable memory. Then her e-mail stopped arriving.
Instead of crafting holiday e-mails, she spent hours installing the latest antivirus, anti-advertising and anti-spyware software. She also instituted a rule: Her computer never gets turned off, so security programs patch vulnerabilities around the clock.
"You have to become something of a nerd to make sure your computer is safe," said Love, a former English teacher who recently installed anti-adware on her daughter's computer. "If you don't sweep the computer every night, you could hit."
Love won't be the last to get a holiday crash-course in computer security. Hackers, spammers and spies go into overdrive in December and January, when unsuspecting neophytes unwrap new computers, connect to the Internet, and, too often, get hit with viruses, spyware and other nefarious programs.
"People want to get on the Net right away, just like they want to put together and start using any Christmas present," said Tony Redmond, chief technology officer of Palo Alto, Calif.-based computer giant Hewlett-Packard Co., whose new PCs ship with 60 days of virus and adware protection. "They should be warned that the Net is a very, very dangerous place."
Although few researchers produce holiday-specific security data, experts at IBM Corp., Dell Inc., Hewlett-Packard Co., software companies and Internet service providers agree that the holidays are prime time for hackers.
Holiday viruses are so rampant that consumers could be attacked even if their first online destination is to a Web site for updating security patches.
Kris Murphy, help desk coordinator for North Carolina Internet service provider Indylink.org, said his minister got attacked last year, only a few minutes after unpacking and connecting the machine. At the time of infection, the minister was updating security patches to Windows.
"Hackers know that you are most vulnerable as soon as you go online for the first time," said Murphy, whose 10-person company hires temp consultants during the holidays to handle higher call volume. "Inexperienced people tend to fall into traps more readily because they don't recognize that this guy might be trying to get your credit card information."
Technology executives describe the relationship between hackers and security programmers as an arms race – both sides keep ratcheting up fire power. But lack of consumer awareness – if not downright naivete – allows the war to escalate.
According to a recent survey by the National Cyber Security Alliance, of the 185 million Americans with home computers, one in three say they'll never get hit by viruses or other cyber attacks. In a Consumer Reports study, 36 percent of U.S. home computers showed signs of being infected with spyware and only 41 percent of surveyed households said they actively try to prevent it.
American businesses are savvy about firewalls, spam filters, multiple passwords and other network protections, said Stuart McIrvine, director of corporate security strategy at IBM. But problems at the consumer level – from spyware to security risks in coffee shop wireless networks – are so severe that every hardware and software vendor should be worried about a backlash.
Seasonal attacks start around Thanksgiving, when online shopping begins an annual spike and marketers pummel consumers with junk e-mail – from the perfect stocking stuffer for a balding spouse to a limited-offer holiday cruise.
With the rise in e-commerce, identity thieves try even harder to obtain credit card and other financial data from wireless and home networks. They set up dummy Web sites that seem to be hosted by major financial institutions in hopes that gullible consumers will provide their account information.
Virus writers hide viruses and worms in holiday-themed e-mails, seasonal greetings cards and screensavers.
"W32/Zafi-D," a mass mailing and peer-to-peer worm, harvests addresses from Windows address books and other files. Infected e-mails' subject line begins, "Merry Christmas!" and the text reads, "Happy Hollydays."
The most vulnerable computers are the ones that have sat under Christmas trees for days or weeks. If a consumer buys equipment that arrives on Dec. 15, and it sits in the living room until Dec. 25, it could be hit by hundreds of viruses written in the 10-day interim.
Tony Ross, analyst at British security firm Sophos Plc., advised consumers to get a CD-ROM with the newest updates from their electronics vendor, next-door neighbor or the computer at their office before connecting to the Internet. They should prohibit children – who tend to be liberal in distributing their personal data – from using the machine until it's patched.
Consumers should vigilantly buy and update security software, which can add hundreds of dollars over the course of a computer's lifetime. Popular anti-spyware and anti-adware programs include Webroot Software Inc.'s Spy Sweeper ($29.95 for a one-year subscription), LavaSoft's Ad-Aware SE Professional ($39.95), Tenebril Inc.'s SpyCatcher ($29.95), the free Spybot Search & Destroy and Computer Associate Inc.'s eTrust PestPatrol ($39.95).
Some experts wonder whether the computer has become the digital age equivalent of a puppy – an enthralling treasure on Christmas morning, but a sinkhole for time and energy for years after. At very least, computers are far more demanding than the typical holiday toy, which merely requires batteries.
"At some point, people who receive them for Christmas often ask, 'Is this computer a gift or a curse?'" Ross said.
Rule #1: Never, EVER open any unsolicited e-mail attachement. In other words, if you didn't ask someone to send you that specific file, DON'T OPEN IT.
Consumers should vigilantly buy and update security software...
That is debatable. I consider many of the free products (e.g. AntiVir, Adaware SE) to be superior to their costly counterparts.
| All programs listed below are Open Source and/or Free |
| Alternatives to MSIE, Outlook/Outlook Express: Mozilla.org Mozilla & Firefox browsers, E-mail/Usenet client(s) Off By One Very small, very safe browser (no java, ActiveX, plugins) Popcorn E-mail client Pegasus Mail E-Mail client Xnews Usenet client |
| Anti-Virus: AntiVir® Personal Edition AVG Anti-Virus Antidote SuperLite (On-demand virus checker) |
| Anti-Adware/Spyware: Ad-Aware SE Spybot - Search and Destroy Spyware/Adware/Malware FAQ and Removal Guide |
I'm always amused to see files of type .scr arrive in the e-mail on my Linux machine.
I'll say it again: I don't know why light consumer users of computers/internet get Wintel boxes. It's just not worth it anymore.
I see her basic problem. You can really cut down on your problems by running Win 95/98. Most script kiddies write for the newest operating systems. and the biggest holes usually get patched by Microsoft within about 5 years of release.
BTTT
A lot of heartache can be alleviated by installing a router between the PC and the Net connection, and running a good firewall program that selectively blocks the ports most commonly attacked by worms and viruses.
Plus, browser security settings can make you even more safe.
(sigh) Microsoft thought they were sooooooo slick when they decided to bind their browser up so tightly with their OS, and introduce the security disaster known as ActiveX.
I guess they didn't count on that mistake causing millions of headaches for non-computer literate users, and spawning a cottage industry of developers building software to get rid of nasties like spyware and all the other assorted digital garbage you get if you're not careful.
24 hours? They got off light.
I recently read that the average time before out-of-the box XP is compromised is about 4 minutes.
MERRY CHRISTMAS!
Same here, I always open them, knowing they won't affect me LOL!!!
Ok, Windows 98 is safer than XP, I don't doubt that, but how do you take XP out when it comes with the new box and put in 98?
I read somewhere recently that a new unpatched (Non SP) windows XP, when connected to the internet for the first time, is infected with some form of spy/add/virus/crap in less than 24 hours.
Several months back I ran into a Freeper who thought a firewall for his/her Dad would be a little bit too much of a burden on his learning curve.
We run Windows XP Pro, not Windows XP Home Edition.
Our PC's have a second internal hard drive, either IDE/ATA or SCSI. On that second drive, we install Linux, currently, the SuSE 9.1 setup.
On the Windows XP Pro drive, we install Norton Antivirus and ZoneAlarm Pro. We keep those two, and the Windows OS updated --- we check every day.
In ZoneAlarm Pro, in the Program Controls, Program listings, we block all and any services from being servers to the Internet.
In ZoneAlarm Pro, we block ports for what ZoneAlarm Pro calls the Trusted Zone and also we block the Internet zone. The list of ports is extensive and covers the range from 1 to 65535 for TCP traffic and from 1 to 65535 for UDP traffic. We leave some gaps in those ranges; just enough to make things work, but no more.
We DO NOT use Internet Explorer for anything other than to go to the Microsoft Windows OS Updates website. We list that website as a Trusted site, in the Internet Options for Internet Explorer.
For that Trusted site, we permit ActiveX (because the Microsoft website demands it!), and we permit JavaScript.
FOR ALL OTHER TRAFFIC managed by Internet Explorer, we have DISABLED JavaScript, .NET, ActiveX, etc. We simply do not permit Internet Explorer surfing.
So ... we use Mozilla 1.7.3 Internet browser and Mozilla Firefox 1.0 Internet browser. For e-mail, we use Eudora or Mozilla Thunderbird or Mozilla 1.7.3's built-in Mail client.
We keep a list of the Tasks (see the Task Manager) in order to compare the "known good ones" with possible bad ones.
We also use Norton's old Process Viewer, an independent utility that was part of the Norton package; it may still be; but we use it to double-check the Task Manager's listing.
We also keep an up-to-date list of settings for Internet Options (for MSIE) and ZoneAlarm Pro. (In fact, I am working up an HTML version of both, right now, as a computer help desk feature for our network.)
When a PC gets a virus, we do not try any of the software routines for ridding the computer of the virus, spyware, adware, malware ... instead, we ZAP! the whole drive, format, etc. and re-install Windows XP Pro.
We keep an up-to-date build record, so that, the process is followed easily, and thus, within a day, we have a totally fresh installation.
Lastly, I should add that "We don't do the Registry." We are not satisfied that a virus can be so-cleaned out of the system, by spending a day, picking through the bales of hay.
In summation, we maintain each computer as if it were a TAC F-15. We do not have "down time." Instead, we have a backup PC for each user, which takes over, while the stricken computer is reworked in our shop.
We fly computers, complete with trim tabs and other fine adjustments; that is, we have set up an instrument panel that controls what we want to have happen, right to the edge.
Thus, the computer is always there when you need it.
We back up all data and all our important system settings, onto four separate hard drives, thence some of that to DVD or CD disc's.
BTW, if a PC suddenly flames out, we boot on the Linux SuSE side and rescue the date, copying it from the Windows XP Pro disk, over the network, to a Mac running Mac OS X v.10.3.4 Panther, which is really an Apple GUI for the BSD UNIX cousin that actually is the operating system --- including Samba (SMB) services, that make it so easy to network the Mac with PC's.
We find that Windows OS computers are delicate but useful for the few PC-based applications that we are still stuck with using. We find that Mac OS computers are durable but if one bucks, it takes a strong hand to calm it down, and then suddenly, you're back on the save side of the critical edge of the envelope.
We use all of, Linux OS boxes, the Mac, and the PC, for what they are good at doing; we use them for each of their strengths.
The PC is the most insecure, because Microsoft is determined to make holes through which marketing demographers can make money. "The Bottom Line" is that the PC is not required for business, except from some applications. We use it only for that and skip all the other "extra" troubles.
My bosses orders to me, are simple, for my work: Make it happen.
So, I don't rely on any of the machines; instead, I rely on each machine and our maintenance routines.
This is just a snapshot of what we do. Plenty of other people know much more, and the owners of this forum know everything about Linux, in contrast to my very limited but exact use of it.
Right now, I think that Linux is the way to go for older PC boxes. Use Windows for some tasks, that you must, but otherwise, for the Internet, for surfing, and for e-mail, use Linux.
The recent Linux installs are so much easier than just a couple years ago.
Good luck.
Merry Christmas
I would love to get my hands on one hacker and slap the taste out of his mouth. Just can't see the point in that crap.
Ok, Windows 98 is safer than XP, I don't doubt that, but how do you take XP out when it comes with the new box and put in 98?
You don't, unless you have a copy of 98se laying around.XP is plenty secure if you download and install SP2,AVG anti virus,Spybot Search and destroy,Spyware Blaster and Adaware.XP has it's own built in firewall but I prefer Zone Alarm.Everything I've mentioned so far is free and will keep your system in good shape if you keep it updated.Mozilla Firefox is also a safer browser but I keep I.E. around just in case.
My wife was helping out a friend with her new XP machine. Thery hadn't been online but a few minutes, getting the patch, before it was hit.
That's an impressive set-up you got going on there, please tell me it's not your home network.If it is I'm so jealous.
Consumers should vigilantly buy and update security software...
That is debatable. I consider many of the free products (e.g. AntiVir, Adaware SE) to be superior to their costly counterparts.
I agree, and with the wide range of free security products there's literally no excuse for not having up to date security or whining about it when some malicious code crashes your unprotected machine.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.