How to be prepared for the next famous virus/naughtyware.

Overmann · 10. Oct 2010, 11:46 PM

Sorry, the title was supposed to be a question, I make it look like this is gonna be a guide.

If any that is.

The last famous virus I got on my computer was the sasser or blaster worm I can't remember, and sure it was bothersome.

Do you think that, with all this new security software sprawling around and about the internet there will be another famous virus to cause major trouble?

Avira has this fancy heuristic algorithm that is clever enough to catch potential viruses not defined yet on the updates but creates false positives.

If not, then, what do you think is next? What threats exist to be afraid of with new operating systems specially designed for internet browsing (i.e. Google OS)?

Terarus · 11. Oct 2010, 04:35 AM

I think any of the following are good places to start:

LUA
SPR
HIPS
Virtualization

Studmuffin · 19. Oct 2010, 05:33 PM

I tend to agree with Trjam from Wilders Security.

Re: October 2010 15 antymalware 0-day (exploits) test
Only 20 tested and they all did like crap. AV industry, you have problems. Regardless of how you break down the testing, it only shows that when it comes to fighting malware, the industry is crying out for a new way to fight it.

Avira missed 20 percent at best, so if 5000 had been used 1000 would have been missed. That totally sucks.

What is needed is the ability to isolate all internet facing apps that if needed to write to your pc, are checked in a manner to ensure for no malware. Meaning what writes may be delayed.

Why oh why do some of this so called specialty malware vendors not join forces. Sandboxie, DefenseWall, Prevx and others, hold the key, but they have got to assist each other in creating the product, then reap the rewards.

2011, yeah, the year of the malware epidemic I am starting to think. Hold tight to your wallet. More later....

MidnightCowboy · 19. Oct 2010, 06:52 PM

Yes, Trjam talks a lot of sense here.

Over the past 12 months especially I've made a point of studying the various tests and to me several things are unchallengeable.

No two results will place the same programs in the same order.
No two people, vendors, or so called "experts" can agree about what constitutes the biggest risk, a standard methodology for assessing protection or which product is likely to achieve it.
Whichever way you look at it, overall nothing is going to guarantee you much above 85% detection and even then it might not block or remove everything it sees

Now a 15% risk window in this type of environment is massive which no doubt accounts for the infection rate. On the other hand we all know folks who have little attachment to piles of security software and yet have remained trouble free, often for years. This then brings into play two more factors, luck and application. Placing too much emphasis on being lucky is stretching things a bit far

so it appears to me that the method of applying security to a computer is just as important as the programs chosen to do it with.

Without trying to generalize too much, the folks I know who stay out of trouble adopt a simplistic approach using separate programs for each security layer. Very few use HIPS or a firewall with one combined, and many don't use a third party firewall at all. On the other hand those I used to see with the most regular infections usually had paid software which promised total protection. IMO with a 15% possibility of infection, anyone believing talk about 360 this, that or the other needs a rethink

The one thing that everyone does agree about now is that visiting infected sites carries the greatest risk. Why then do so many users expect their AV to "grab" whatever nasty is on there instead of not going there in the first place? I appreciate that nothing is infallible, but even if you like the hot picture sites there's plenty to choose from with green WOT ratings

To me, a security biased DNS service like ClearCloud or Comodo, other browser protections and attention to general surfing habits will do more to close down this 15% risk window than adding yet another piece of software to your collection.

kendall.a · 19. Oct 2010, 07:00 PM

Quote:

To me, a security biased DNS service like ClearCloud or Comodo, other browser protections and attention to general surfing habits will do more to close down this 15% risk window than adding yet another piece of software to your collection.

I couldn't agree more MC! That's why I used ClearCloud, MSE, and WinPatrol (Paid); along with the Windows 7 firewall, and practice safe browsing habits. It's a simple setup. I'm debating about adding Sandboxie, but I don't think you need anything beyond that except for some on-demand scanners. (As long as you are smart and browse safely.)

Studmuffin · 20. Oct 2010, 02:51 AM

I agree with both of you...What do either of you think about AVG Link Scanner?

kendall.a · 20. Oct 2010, 05:21 AM

I've never used it and don't know much about it. However, I wonder how much it adds if you are already using ClearCloud and WOT (and possibly even NoScript)?

MidnightCowboy · 20. Oct 2010, 08:03 AM

Quote:

Originally Posted by Studmuffin

I agree with both of you...What do either of you think about AVG Link Scanner?

As with all of these things, mixed results depending on where you look. This is one of the better reviews and the latest version of Link Scanner is a definite improvement. You are definitely better of with it than without so long as it runs how you want it to on your system.

http://www.practicalecommerce.com/ar...Malicious-Code

Studmuffin · 20. Oct 2010, 04:21 PM

Link Scanner doesn't appear to do much on Iron. (favorite browser)
I could use DNS Servers when I had a wireless connection, but am using Lan now and they don't work as well. I really don't want to go through the router to try and get DNS to work, so...

MidnightCowboy · 20. Oct 2010, 08:14 PM

Quote:

Originally Posted by Studmuffin

Link Scanner doesn't appear to do much on Iron. (favorite browser)

From the AVG Website:
The LinkScanner technology supports MS Internet Explorer and Mozilla Firefox, and consists of two features, AVG Search-Shield and AVG Active Surf-Shield.

10. Oct 2010, 11:46 PM	#1 (permalink)
Overmann Member Join Date: Oct 2008 Location: The Robot Ark Posts: 22	How to be prepared for the next famous virus/naughtyware. Sorry, the title was supposed to be a question, I make it look like this is gonna be a guide. If any that is. The last famous virus I got on my computer was the sasser or blaster worm I can't remember, and sure it was bothersome. Do you think that, with all this new security software sprawling around and about the internet there will be another famous virus to cause major trouble? Avira has this fancy heuristic algorithm that is clever enough to catch potential viruses not defined yet on the updates but creates false positives. If not, then, what do you think is next? What threats exist to be afraid of with new operating systems specially designed for internet browsing (i.e. Google OS)? Last edited by Overmann; 11. Oct 2010 at 12:25 AM. Reason: Clarification.

19. Oct 2010, 06:52 PM	#4 (permalink)
MidnightCowboy Site Manager Join Date: Aug 2008 Location: South American Banana Republic, third bunch from the left Posts: 9,250	Yes, Trjam talks a lot of sense here. Over the past 12 months especially I've made a point of studying the various tests and to me several things are unchallengeable. No two results will place the same programs in the same order. No two people, vendors, or so called "experts" can agree about what constitutes the biggest risk, a standard methodology for assessing protection or which product is likely to achieve it. Whichever way you look at it, overall nothing is going to guarantee you much above 85% detection and even then it might not block or remove everything it sees Now a 15% risk window in this type of environment is massive which no doubt accounts for the infection rate. On the other hand we all know folks who have little attachment to piles of security software and yet have remained trouble free, often for years. This then brings into play two more factors, luck and application. Placing too much emphasis on being lucky is stretching things a bit far so it appears to me that the method of applying security to a computer is just as important as the programs chosen to do it with. Without trying to generalize too much, the folks I know who stay out of trouble adopt a simplistic approach using separate programs for each security layer. Very few use HIPS or a firewall with one combined, and many don't use a third party firewall at all. On the other hand those I used to see with the most regular infections usually had paid software which promised total protection. IMO with a 15% possibility of infection, anyone believing talk about 360 this, that or the other needs a rethink The one thing that everyone does agree about now is that visiting infected sites carries the greatest risk. Why then do so many users expect their AV to "grab" whatever nasty is on there instead of not going there in the first place? I appreciate that nothing is infallible, but even if you like the hot picture sites there's plenty to choose from with green WOT ratings To me, a security biased DNS service like ClearCloud or Comodo, other browser protections and attention to general surfing habits will do more to close down this 15% risk window than adding yet another piece of software to your collection. __________________ Knows nothing and cares even less

20. Oct 2010, 05:21 AM	#7 (permalink)
kendall.a Foundation Editor/Forum Manager Intern Join Date: Apr 2008 Location: Colorado, USA Posts: 1,814	I've never used it and don't know much about it. However, I wonder how much it adds if you are already using ClearCloud and WOT (and possibly even NoScript)? __________________ <-------Is looking for his brain....

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

11. Oct 2010, 04:35 AM	#2 (permalink)
Terarus Senior Member Join Date: May 2009 Posts: 157	I think any of the following are good places to start: LUA SPR HIPS Virtualization

19. Oct 2010, 05:33 PM	#3 (permalink)
Studmuffin Member Join Date: Aug 2010 Posts: 15	I tend to agree with Trjam from Wilders Security. Re: October 2010 15 antymalware 0-day (exploits) test Only 20 tested and they all did like crap. AV industry, you have problems. Regardless of how you break down the testing, it only shows that when it comes to fighting malware, the industry is crying out for a new way to fight it. Avira missed 20 percent at best, so if 5000 had been used 1000 would have been missed. That totally sucks. What is needed is the ability to isolate all internet facing apps that if needed to write to your pc, are checked in a manner to ensure for no malware. Meaning what writes may be delayed. Why oh why do some of this so called specialty malware vendors not join forces. Sandboxie, DefenseWall, Prevx and others, hold the key, but they have got to assist each other in creating the product, then reap the rewards. 2011, yeah, the year of the malware epidemic I am starting to think. Hold tight to your wallet. More later....

20. Oct 2010, 02:51 AM	#6 (permalink)
Studmuffin Member Join Date: Aug 2010 Posts: 15	I agree with both of you...What do either of you think about AVG Link Scanner?

20. Oct 2010, 04:21 PM	#9 (permalink)
Studmuffin Member Join Date: Aug 2010 Posts: 15	Link Scanner doesn't appear to do much on Iron. (favorite browser) I could use DNS Servers when I had a wireless connection, but am using Lan now and they don't work as well. I really don't want to go through the router to try and get DNS to work, so...