Privateer 3 Online?

I don't currently do network stuff on the corporate level, but my previous job was working the abuse desk at AboveNet, a major backbone provider with multiple terabits of total bandwidth. 300 e-mail complaints a day was a "slow" day, and often it would quite handily surpass twice that amount. I may not have been a server admin, but my word was generally enough to cut entire OC-3s or bigger off due to abuse from the customer hanging off of that particular line (where it wasn't sufficient was when AN legal came into play... gh0d, I hated those sphincterboys), and I did occasionally get log access, to see just what kind of crap went down in the length of a few hours.

Most of the guys at grcsucks.com (which I can now access, BTW... temp network fuckery has cleared up) aren't just random yahoos off the street, either, and go into great detail to examine Gibson's hucksterism and lack of accurate information.

Now, as for ZoneAlarm, so what if someone looking for an infected machine pokes at your box? If it's not infected, you have nothing to worry about (assuming you're not a total retard that runs every file they ever see... I don't know you, DA, so I can't really make a judgement on that particular point). The popup has [MiB]precisely dick[/MiB] to do with any real defense of your system, it just makes you think that the money you spent on ZA (sucker!) was worth it.

As TC said, though, if ZA is the only thing keeping your network from dying a horrid death, you have a seriously screwed up system. Get thee to a competent network sysadmin.
 
Originally posted by TC
If you've got things like that happening, you've got a major security problem somewhere... Go fix it, instead of trying to patch it over with a software solution.

Very true. A box without any loopholes won't need a firewall.
BTW: If you do business I'd definitely go hardware firewall. Software is really only for private use.

Originally posted by TC

The release of XP has absolutely nothing to do with anything...

Actually XP introduced problems. The thing is this: Old Windows versions had a broken/light implementation of TCP/IP. XP has the full one like Linux for example. Now this is a good thing per se. The problem is that XP is far easier to hack and so a hacker got millions of now full powered machines to abuse.
So while actually not a bad idea by Microsoft, it still poses new problems for the Web as a whole.

Originally posted by DarkeningAddict

What makes this so frustrating to me is the fact that no matter what Antivirus software we use, it either misses or fails to disinfect certain trojans.

You might want to look into a specialised trojan scanner. Antivirus software is known for having rather bad detection rates (<90%) for trojans.

Originally posted by Death

As for ZA, like all "personal firewall" gooberware, its primary purpose is to throw up lots of scary-looking (to the uninformed) popups screaming about nearly every type of access being a "possible intrusion" or somesuch.

I'd not condemn ZA as that. It isn't that bad. Of course if people start to get hysterical that is a different problem. Also if people would bother to click on the more info button ZA shows they'd get a detailed analysis that tells them that "an attack" to port 80 is most harmless.
I'd not bet too much on any personal firewall in regards of hackers however. They are more useful to find spyware/trojans connecting out and to stop script kiddies from getting in.

Originally posted by Ghost
WinME.
I have two machines, one with XP and the other with ME,
and the one with ME sometimes has that icon in the tray (or task) bar that means that you are updating your machine

In ME I think it is really only one button to turn it off, isn't it?
I think even 95 can be brought to autoupdate, BTW.

Originally posted by Ghost

>Not that I'd name stability together with any Windows, but even in the Microsoft sector XP isn't the most stable
Maybe is your experience.

Nope, that is a fact.
 
Originally posted by TC
If you're actually running a business on the web off this machine, get a real, hardware firewall and someone who knows how to set it up properly and fix whatever security problems you already have. ..

We have a server with its own firewall.

To have trojans magically appear, your security is either wide open or you're doing things that aren't incredibly intelligent to begin with...

The trojans come in as attachments or embedded activeX files in e-mail. As soon as they are downloaded, I get an alert from FSecure that tells me what was downloaded and where it is {usually in a temp folder}, but the software can't disinfect it, nor can it be deleted. I've got one on my hd right now called "Space Ape's Stuff" that can't be deleted. It came from an attachment in an e-mail.

...Though I will add that it's hardly a problem if you don't use an insecure mail reader, and don't open things that are, in pretty much every case, obviously viruses.

I'm not that stupid, thank you. I don't open attached exe files. The newest version of the klez worm is embedded in html code, so if you get an e-mail that has html in it, the virus is automatically downloaded. There's another one called i.exploit, I think, that hides in an attachment and is automatically downloaded when the e-mail is read. Even just deleting the message activates and downloads the virus.
I can of course disable all attached files, but that impedes my ability to send and receive necessary data to and from customers and manufacturers. So in other words, in order to configure my e-mail to make it virus proof, I have to cripple it to the point of near uselessness.


Umm... do you update the virus definitions?

Daily, automatically. I download the updates as they become available.


By the way, this used to be an occasional problem. I'd get a virus infection once or twice a year. In the last 9 months to a year, it's become a constant battle. Whether it's because of XP or not, it's definitely getting worse.
 
Originally posted by Death
Now, as for ZoneAlarm, so what if someone looking for an infected machine pokes at your box? If it's not infected, you have nothing to worry about (assuming you're not a total retard that runs every file they ever see... I don't know you, DA, so I can't really make a judgement on that particular point).

No, I don't. I may not be a power user, but "a total retard" I'm not.

The popup has [MiB]precisely dick[/MiB] to do with any real defense of your system...

I disagree. The popup gives you the exact time of the attempted intrusion and the ip address from which it came. When we first installed ZA, we actually tracked those ip addresses and contacted the isp they were going through. They looked into it and apparently contacted the pc owner or owners and about a week later, we saw a noticeable drop in the number of attacks. Then, because the time of reported attack is precise to the second, we could see that the hacker was changing his tactics. He was sending the attack from three separate ip addresses simultaneously. When this failed, he eventually left us alone.

it just makes you think that the money you spent on ZA (sucker!) was worth it.

I use the free version. You did know ZoneAlarm is free for personal use didn't you? That's one of the best things about it, imho.

And finally, you mentioned something about the harmlessness of "script kiddies". Not so. This hacker was accessing our Quickbooks files, which is where we keep our customers' credit card information. The so-called "script kiddie" had hacked his way into a position to be able to perpetrate credit card fraud, which is also on the rise.

We've turned away at least 5 people in the last few weeks trying to buy very expensive equipment with stolen credit cards. Now I don't know that those credit cards were accessed by hacking, but that's certainly a possibility.

Now, having argued with you about the merits of ZoneAlarm, I'll go check out grcsucks.com and see what these people have to say about Mr. Gibson.

Thanks everybody for your input.
 
Originally posted by DarkeningAddict
The trojans come in as attachments or embedded activeX files in e-mail. As soon as they are downloaded, I get an alert from FSecure that tells me what was downloaded and where it is {usually in a temp folder}, but the software can't disinfect it, nor can it be deleted. I've got one on my hd right now called "Space Ape's Stuff" that can't be deleted. It came from an attachment in an e-mail.

I'm not that stupid, thank you. I don't open attached exe files. The newest version of the klez worm is embedded in html code, so if you get an e-mail that has html in it, the virus is automatically downloaded. There's another one called i.exploit, I think, that hides in an attachment and is automatically downloaded when the e-mail is read. Even just deleting the message activates and downloads the virus.
I can of course disable all attached files, but that impedes my ability to send and receive necessary data to and from customers and manufacturers. So in other words, in order to configure my e-mail to make it virus proof, I have to cripple it to the point of near uselessness.

Hey, look what I said!

"Though I will add that it's hardly a problem if you don't use an insecure mail reader, and don't open things that are, in pretty much every case, obviously viruses."

Quite seriously, if you're using a mail reader (Outlook, I'll assume) that automatically executes some or any attached code, or html documents, you're asking for stupid amounts of trouble. It's a horrible design that basically assumes everyone you get mail from is a helpful, kind person that doesn't want to screw you over. Grab something that *doesn't* do this.
 
Originally posted by Ghost
Nope, your experience

I didn't ever use XP enough to give a real opinion actually (read long term test). I only got in-depth experience up to 98SE (including NT). All other systems while I used them I did not use them for weeks or months. (Yes I did not reboot 98 SE for weeks).
Of course I crashed _EVERY_ system I ever tried already. That includes OS/2, several unix derivatives and NextStep.

Originally posted by DarkeningAddict
When we first installed ZA, we actually tracked those ip addresses and contacted the isp they were going through. They looked into it and apparently contacted the pc owner or owners and about a week later, we saw a noticeable drop in the number of attacks.

Well I dunno, but later versions of ZA seem to be less sensible in reporting. I noticed a dramatic reduction of reports when installing some version and thereafter.
Anyhow I don't use ZA anymore. There are better systems. More complicated however. ZA is the most user friendly one IMHO.

Originally posted by DarkeningAddict

And finally, you mentioned something about the harmlessness of "script kiddies".

Oh I fear them more than I do pros.


PS: If you use Outlook 2000 or Outlook Express 4,5,6 you might want to have a look at Esecurity free.
A nice small program that filters out scripts before they go into outlook (works like a proxy). Only problem is that it is German only. But then I think you can guess the options - there aren't that many after all.
http://www.pcwelt.de/downloads/utilities/sicherheit/20770/
 
Email

I use Outlook because of its blind carbon copy feature. We send e-mail to a private list of customers for sales updates. If you guys know of another e-mail product that has better security and bcc, I'd like to hear about it. Of course, I can disable html and attachments, but since I send html in e-mail responses to customers, it's not my favorite option.
 
BCC is a standard feature, I'm yet to see a mail client that doesn't have it. (though some may hide the field by default)

I use Mozilla mail. It lets you disable HTML and all kinds of scripting. Actually, they're disabled by default. Mozilla is still in development, but I'm sure that mature software like Eudora is secure.
 
Originally posted by KrisV
BCC is a standard feature, I'm yet to see a mail client that doesn't have it. (though some may hide the field by default)

Even Agent, which I use and is primarily designed as a news reader and not an e-mail program, has BCC...
 
BCC

Actually, I prefer Netscape, which is what I use at home. The newer versions have bcc, but I don't see any option for disabling attachments or HTML.
How secure do you guys think it is? If it's worse than Outlook, I guess I'll look into Eudora.
Thanks again.
 
Originally posted by WildWeasel
You're bashing a system that you've hardly used?

I didn't say I hardly used it. I said I don't have long run experiences on it. When I only use any well maintained Windows for 3-4 hours at a time only and don't use any whacky software I don't expect to crash any one of those.
 