• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "Help! ccsvchst.exe is killing my machine!"

Collapse

  • doodab
    replied
    Originally posted by PAH View Post


    Maybe ISPs should concentrate on filtering out this stuff at source. Every PC or hosted server has to connect to the internet somewhere, so first port of call should be firewalled against the scum.

    Why should those at the end of the chain have to protect against those at the beginning?
    A firewall that prevents outgoing connections is protecting the beginning of the chain.

    ISPs randomly preventing people connecting to the net would break loads of legitimate things and probably not work. Even with deep packet inspection it would be trivial for malware writers to circumvent with encryption or steganography.

    Leave a comment:


  • PAH
    replied
    Originally posted by DaveB View Post
    It generally hovers somwehere around 10 minutes.


    Maybe ISPs should concentrate on filtering out this stuff at source. Every PC or hosted server has to connect to the internet somewhere, so first port of call should be firewalled against the scum.

    Why should those at the end of the chain have to protect against those at the beginning?

    Leave a comment:


  • DaveB
    replied
    Originally posted by PAH View Post
    I remember reading an article a few years ago in one of the computer magazines where they did a test for how true it was that the internet was awash with nasties trying to infect your home computer via an unsecured internet connection.

    I think they had the PC connected to an unsecure connection for less that a day before they had all sorts of infections uploaded to it.

    Of course, this could have been a stunt, or they could have been using the office network whose IP address is probably well known to the hacker community.

    Maybe the story had 'advertisement for Zone Alarm' at the top.

    Moral of the story: There's free protection available (usually out of the box) so may as well use it, as long as it doesn't hog too many resources.
    Originally posted by doodab View Post
    I recall around the end of 2004 I helped a friend with a USB modem internet connection (which had no firewall) reinstall XP. By the time you had connected, mdownloaded and started installing updates, SP2 and anti-virus software it was infected i.e. within minutes of connecting. In the end I had to download XP SP2 and AVG from elsewhere and install offline in order to get the PC well protected enough before connecting.
    SANS run a (semi) real time survival time chart tracking the time between connecting to the internet and the first attempted connection from a malicous source. Asuming an unpatched system the first attempt will almost certainly result in infection of the target. It generally hovers somwehere around 10 minutes.

    SANS Survival Time Chart
    Last edited by DaveB; 11 July 2011, 13:21.

    Leave a comment:


  • Mason Boyne
    replied
    Originally posted by Ruprect View Post
    Get a mac

    HTHBISID
    Hope That Helps But I See I'm Dyslexic...?

    Leave a comment:


  • doodab
    replied
    Originally posted by PAH View Post
    I remember reading an article a few years ago in one of the computer magazines where they did a test for how true it was that the internet was awash with nasties trying to infect your home computer via an unsecured internet connection.

    I think they had the PC connected to an unsecure connection for less that a day before they had all sorts of infections uploaded to it.
    I recall around the end of 2004 I helped a friend with a USB modem internet connection (which had no firewall) reinstall XP. By the time you had connected, mdownloaded and started installing updates, SP2 and anti-virus software it was infected i.e. within minutes of connecting. In the end I had to download XP SP2 and AVG from elsewhere and install offline in order to get the PC well protected enough before connecting.

    Leave a comment:


  • PAH
    replied
    I remember reading an article a few years ago in one of the computer magazines where they did a test for how true it was that the internet was awash with nasties trying to infect your home computer via an unsecured internet connection.

    I think they had the PC connected to an unsecure connection for less that a day before they had all sorts of infections uploaded to it.

    Of course, this could have been a stunt, or they could have been using the office network whose IP address is probably well known to the hacker community.

    Maybe the story had 'advertisement for Zone Alarm' at the top.

    Moral of the story: There's free protection available (usually out of the box) so may as well use it, as long as it doesn't hog too many resources.

    Leave a comment:


  • amcdonald
    replied
    Originally posted by suityou01 View Post
    Zone alarm stops outbound vectors so rogue processes can't dial home with your details. A router firewall only blocks inbound.
    I guess it works fine, I've not had a virus since using it (admitedly the paid version though) for years

    Leave a comment:


  • Sysman
    replied
    Originally posted by Ruprect View Post
    Get a mac
    And if you do get a Mac, don't run Norton on it.

    (I don't know if it is still sold, but a few years ago I saws lots of reports that Norton for Mac was a resource hog)

    Leave a comment:


  • Ruprect
    replied
    Get a mac

    HTHBISID

    Leave a comment:


  • d000hg
    replied
    Originally posted by PAH View Post
    I think the Windows 7 firewall does that too. It has outbound rules that by default block programs/services unless you specify otherwise. A warning appears if something attempts to make an outbound call
    Yep, although I didn't realise that wasn't in XP too. If you install a game you sometimes get a popup when you try to play online the first time, etc.

    Leave a comment:


  • PAH
    replied
    Originally posted by suityou01 View Post
    Zone alarm stops outbound vectors so rogue processes can't dial home with your details. A router firewall only blocks inbound.
    I think the Windows 7 firewall does that too. It has outbound rules that by default block programs/services unless you specify otherwise. A warning appears if something attempts to make an outbound call so you can decide whether to add it to the safe list.


    I've been using MSE since its release but it isn't good enough on its own to catch everything. I recommend also using Malwarebytes Anti-Malware which is free for manual scans (have to pay to get live monitoring), which is good enough for periodical checking unless you routinely browse dodgy sites. In which case a virtual PC or other sandbox to browse in isolation is probably a good idea.

    Leave a comment:


  • suityou01
    replied
    Originally posted by DaveB View Post
    By and large a Firewall is a Firewall is a Firewall.

    For a home network where you don't need remote access from your office or hotel room you can just rely on your router (assuming it has one, most of them do now) in it's out of the box config. It will block all inbound traffic by default unless it's a response to a request from your network. You can run windows firewall if you really want, but if you have a firewall on your router there really isn't much point.
    Zone alarm stops outbound vectors so rogue processes can't dial home with your details. A router firewall only blocks inbound.

    Leave a comment:


  • DaveB
    replied
    By and large a Firewall is a Firewall is a Firewall.

    For a home network where you don't need remote access from your office or hotel room you can just rely on your router (assuming it has one, most of them do now) in it's out of the box config. It will block all inbound traffic by default unless it's a response to a request from your network. You can run windows firewall if you really want, but if you have a firewall on your router there really isn't much point.

    Leave a comment:


  • doodab
    replied
    I use the MS stuff. It's pretty good.

    I've not had anything serious but the desktop (still running XP) did pick up a java nagware thing a couple of times, basically due to having a very old java version on it. I cured that by uninstalling java and cleaning it up. My windows 7 machines have all been totally fine.

    Leave a comment:


  • Bwana
    replied
    <deleted>
    Last edited by Bwana; 2 June 2022, 18:20.

    Leave a comment:

Working...
X