Today I had a nice chat with a friend of mine about the latest computer threat in my country (and abroad too, I think, but I'm not sure), the virus called Nyxem (I'm also not sure if this is the name, because I saw a lot of people talking about that it has many names), and the damage that it does to our PC (deleting every file store there, no matter if it's a media type of file or executable). I went home and started informing myself of some web sites that has security scans (big corporation sites like McAfee, Norton or Sygate). Here are some interesting links I found:
Symantec Security Scan (Norton) (http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=RPWOFCVMHEHPZGAKFLY)
Sygate Security Scan (http://scan.sygate.com/)
I would like you to test your computers and post the results (don't mention the ports you have blocked or opened on your computer, but only how many ports are blocked or opened - security reasons only :roll: ). I would also want to ask you all (especially those of you who know networking a little bit more, or you experts) what are some of the notions I found after I tested my PC. Let's discuss on this.

Microsoft Spyware and firewall
Norton Anti-Virus and Firewall
Ad Aware
PcCillin Virus Blocker
Google, Yahoo and Msn Popup blockers

Simple, nothing gets in, nothing gets out

An error has occurred

Symantec Security Check is not compatible with your computer settings because:

Error 001

Security Scan and Virus Detection do not work with your operating system. To run Security Scan and Virus Detection, you must be using Windows 98/ME, NT 4.0 Workstation/2000 Pro/XP, or Mac OS 8.1 or higher.
Oh well... They don't suppport Windows Server 2003 that I'm running. :(

Sygate's test found two open ports. HTTP and SSH. As they should be open as I'm running webserver and SSH server...

And those two ports are open on my server, not on this computer anyways (the tests couldn't find this computer as it's behind my server and firewall).


Simple, nothing gets in, nothing gets out
The moment you plug into the net you become vulnerable no matter what you are running (and especially if you are just running software firewalls...).

Sygate's test found two open ports. HTTP and SSH. As they should be open as I'm running webserver and SSH server...

Yeah, Norton found HTTP (port 80) opened, although I am not running any web server. SSH is stealth, though. Sygate found them blocked.

One thing for the norton users.
That thing blows.
So many people come in the store complaining that norton screwed their pc's up. anyway.

thius is what i got.

Kaspersky Anti-Virus (strongest i ever seen)
Kaspersky Anti-hacker (strongest i've seen )

Yes, as soon you have your ethernet or your phoneline online your in the virus/spyware/adware world. You can't run or hide.

You can maintain your self cleaner than not having anything protecting or scanned.

Also the only way to get rid of 100% of the viruses and spywares is too format and not plug the pc into the internet.

most problems i got with kaspersky

One thing for the norton users.
That thing blows.
So many people come in the store complaining that norton screwed their pc's up. anyway.

thius is what i got.

Kaspersky Anti-Virus (strongest i ever seen)
Kaspersky Anti-hacker (strongest i've seen )

I had Norton Internet Security 2003 once, and it blocked MSN Messenger and mIRC for I don't know what reason. Kaspersky though, made my operating system stop working, meaning the minute I started the system I couldn't do anything else but move the mouse pointer on the screen, that's all. I uninstalled it the next moment. Now I'm using Bit Defender 8 Professional (an antivirus from my country :roll: ) and Sygate Professional Firewall 5.6 . I'm very content with them.

One thing for the norton users.
That thing blows.
So many people come in the store complaining that norton screwed their pc's up. anyway.
The users blows.

99.9% of the users doesn't know a thing how the software is supposed to be used. They thinks that firewall is something that prevents all bad in the world without doing anything oneself...

Norton's (or actually Symantec's) software firewall's only bigger downside is it's heavy sctructure. It's uses too much resources. But it does it's job quite well.


Kaspersky Anti-Virus (strongest i ever seen)
Kaspersky Anti-hacker (strongest i've seen )

You haven't much seen then.

In recent virus protection test all these got full scores:
BitDefender
Computer Associates eTrust - VET
F-Secure
Kaspersky Lab
McAfee
Eset Nod32
Microsoft OneCare
Sophos
Symantec

And wrongly configured, all of them are worth nothing.

Software firewalls are fine addition to hardware (/dedicated) firewalls. But again, wrongly configured they are worth nothing.


Yes, as soon you have your ethernet or your phoneline online your in the virus/spyware/adware world. You can't run or hide.
Virus, spyware and adware cannot enter your computer if unless you let them to go there. Firewall isn't against them. Port blocking won't stop them coming. Virus cannot get to your computer if you don't let it go there. Adware and spyware cannot come to your computer if you don't install them yourself.

Firewall is against threats that comes from network. Worms and crackers are those threats. Not virii, adwares or spywares.

Of course firewall can prevent those working, but that is after the damage is done and the virus/adware/spyware is on your computer and tries to connect to the internet.





If one wonders what I'm using then here's list...

On this computer (and other computers I have her):
No virus detection
No firewall
Common sense

On my server:
Norton virus center 2000 for servers (I can use this to scan my other computers, too, when I want to do so. That's couple times a year)
Software firewall (Kerio 2.1.5)

The server is behind dedicated firewall. Other computers are behind the server.

In past 5 years...
number of virii: 0
spyware/adware installed: 0

Is a trojan the same with an adware, spyware, dialer etc.? Or does it have its particularities?

PC Chillin is the # 1 Virusscanner in the world

what Ekasra says is 100% right.This package keeps everything away from the computer.Check out MY security:

3 times Norton Antivirus
3 times Norton Firewall
2 times Windows Firewall
2 times Microsoft Anti Spyware

Not to mention the extra things that are in the sever below me.

My PC is defended like the office below me.It rules!

Is a trojan the same with an adware, spyware, dialer etc.? Or does it have its particularities?
Trojan is mixture of virus & spyware (it actually predates specification of spyware).

It is software that installs into computer and then acts like virus. Can 'call home', open your ports for crackers to use, or just spread itself to new sources from your computers (in which point it really becomes worm). Trojans are what script kiddies usually use. They cannot do real attacks without these precoded trojans that leaves backdoors for them. One of the most well know trojan in history is Sub7.

Virus is just piece of code living as a parasite in host (usually a file or central memory). It cannot survive without host.

Trojan is parasite that is same time it's own host. It may look like normal program to outside but includes malfunctioning code (if you know history of Troja and it's Trojan Horse you understand the name of Trojan).

Do you even really need a antivirus? If you know what you're doing and you're not opening attachments from unknown senders, wouldn't you be safe enough? I mean, I don't use any antivirus or spyware blocker, and I never had a virus since my last prebuilt computer 6 years ago. Am I just lucky or are you guys using some wierd freaky stuff with your computers?

Do you even really need a antivirus? If you know what you're doing and you're not opening attachments from unknown senders, wouldn't you be safe enough? I mean, I don't use any antivirus or spyware blocker, and I never had a virus since my last prebuilt computer 6 years ago. Am I just lucky or are you guys using some wierd freaky stuff with your computers?
It's good to have some protection against virii for the first case scenario. Common sense helps to avoid them but you might make little mistake and then everything breaks lose... But to remember that anti-virus softwares nowadays aren't that much of anti-virus but anti-worm/trojan/spyware/adware softwares. Their main work area has changed lately.

But remember that ANY file can have virus. Even text file can contain virus. And once it is on your computer, and if it's code is launched somehow (launching it from text file would be tricky, tho) you are in trouble (assuming it's virus that is supposed to spread and do damage on your computer... Not all are such virii).

Every single file you have downloaded from internet could have had virus. No matter from what website it is from (big, well known sites are of course much, much, much more trusful than some lil site that has existed one day and offering naked_alizee.exe file... ). Every single file you have ever copied to your computer from any media (discs, CDs, memsticks, ipod, celly, you name it) could have had virus in it. In the 90s there were some software sold on stores that was affected by virus. Someone in the software company had had virus that infected the final product that end up to the stores... In theory, that could happen even nowadays. Thankfully, big companies usually have up to date virus protections, so chances are small for that happening.

But you are right about virii, tho. Regular virii has become quite rare actually. There's many reason for it. Emails are usually prefiltered at servers so you don't even get virii messages (or get the message but the virii has been removed).

Also, people has become lazy. Nowadays virii aren't what they used to be. Old virii were very neatly coded with low level languages (ASM and such), each of them masterpieces on their own area. They had the latest and the best memory controlling codes and everything. Their way to spread from file to file were brilliant. Masterpieces, as said...

Nowadays they are big and clumsy codes build with high level languages. They are ineffective, too big not to notice, and full of bugs...

Boot virii have practically extincted already. Last big epidemia was died around 2000. Macro & other virii are about to face the same destiny...

Gone are the 'good' old days of virii...

Bigger problem nowadays are the worms. Worm can easily spread to millions of unsecure computers in matter of hours. If anything, this is the real threat of internet. Superworm could literally kill the internet.

Thankfully, most of the worms are written to work on only on Windows machines so the real backbone of the internet has been safe for now.

But it's just matter of the time when first superworm epidemia starts exploiding newly found vulnerability...

I have NOD32 Antivirus System, Sygate Personal Firewall Pro, RegSupreme and Ad-Aware 6 8)

i got my shit on lock down!

no one can hac



(edit) :cry: my computer has a virus :cry:

Yes, RMJ, you are right about the virii nowadays, but there is one big programmer in my country that built a virus so powerful that no big corporation of anti-mallicious software has the antidote for it, only the one who built it. On 3rd of February he negociated over a large sum of money, the selling of that antidote. At least that's what the media says.

Well... What does media know about programming. :)

But corporations do buy knowledge from skilled hackers. Nothing new in that. The best hackers and crackers are always wanted on security business. If they know how to by pass security they knows how to fix it, too. It's very valuable knowledge, and saves time and money from the corporation to find the solution by themselves.

Well... What does media know about programming. :)

But corporations do buy knowledge from skilled hackers. Nothing new in that. The best hackers and crackers are always wanted on security business. If they know how to by pass security they knows how to fix it, too. It's very valuable knowledge, and saves time and money from the corporation to find the solution by themselves.
They don't know much about programming, they're just spreading the news, that's all. :)

Well, they aren't wrong about the idea behind the news but the way they put it is funny. :)

Well, they aren't wrong about the idea behind the news but the way they put it is funny. :)
Yeah, maybe it is but I have some friends who had that virus and they still regret that day. I don't know if it's true what they said, but if it is, then they didn't secure their PC's very good, or they opened the mails that contained it (because this virus was spread via email).

Well i am using a PC Cillin. very good works well. blocks spys, viruses, simple to use. :D

Locked tight here. All of them. :)

NOD32 antivirus
Kerio firewall
SpywareDoctor
AdAware
Spybot Search & Destroy

Spywareblaster running in the backround.

All behind a router.

:cheesy:

Use CCleaner to flush out your system. It's free and works great.
http://www.ccleaner.com/

And oh, use Firefox not IE.

Well... What does media know about programming. :)

But corporations do buy knowledge from skilled hackers. Nothing new in that. The best hackers and crackers are always wanted on security business. If they know how to by pass security they knows how to fix it, too. It's very valuable knowledge, and saves time and money from the corporation to find the solution by themselves.

I had learnt an article on "cracker" and "hacker" before on college English class(I'm very very missing that time when I was in the previous half of my college life,you know I 'll graduate not long later,but if I have passed the entrance examinmation of graduate school,I can sitll stay in college for 3 years more,haha, maybe Lili could bless me,I love you ,Llili!),ok ,back to the topic,yes indeed many computer & net guardians do come from hackers or crackers,whatever, the guys are very useful to their countries.

By the way,do you know the virus of "Alizee" that once exploded massively in Europe and Japan?

I use microsoft anti spyware, avast anti virus, and HijackThis.

does somebody use NOD32, is ti good? maybe i´m going to buy it

does somebody use NOD32, is ti good? maybe i´m going to buy itWell it's good right now, first I use Antivir (www.free-av.com)(but you have to download the updates manually :? ), then Kapersky (which blocks my internet conection :x ) and now I use NOD32 which updates by itself :P . No problems so far with virus :wink:

i´m not going to use kaspersky, i have only problems with that

i´m not going to use kaspersky, i have only problems with thatWell then NOD32 it's your best choice.

I have a news article on the latest threat online. A romanian hacker just built a new form of trojan that infects the PC's and grants full access for the hacker to them. The trojan's name is Troian.Ardamax.A and it is spread via e-mail or instant messenger services.

http://www.bitdefender.ro/NW231-ro--Un-nou-virus-“Made-in-Romania”.html

Here is the translation:

The Bitdefender division from Softwin Romania warns of a new virus, which develops, in a few days, an informatical attack on the Romanian internet users' computers. Over one thousand PC have been already infected.

The virus, under the name Troian.Ardamax.A is the work of a Romanian programmer. It is sent via e-mail messages or through instant online chat, asking the users to access a certain link to an archive file.

For a few days, lots of e-mail addresses from Romania received this type of message:

"hey, Ionut (equivalent to Johnny, in English), here's the program I told you so much about... I will give you the IP addresses which you need to type, and we'll talk when you connect to the internet again... contact me as soon as possible! http:// [LINK REMOVED]/vladutz2006/client.zip"

{the other example is similar to this}

The archive file to which the link indicates contains an executable file (clien.exe or client.exe), which pretends to be a well known tool (Putty). Once executed, this file installs a "commercial keylogger" (a type of program which watches the infected user's keyboard). The keylogger is difficult to detetct by the users, because it is not visible in the task bar or system tray.
The keylogger is capable of monitorizing the keyboard and to obtain the passwords from the ICQ Pro, Skype, Windows Messenger, Google Talk, Yahoo! Messenger, Miranda, QiP accounts.

Once they are obtained, the accounts can be compromised, by modifying the passwords and the hacker total control granted over them.

Using these accounts, the author is able to send to all the contacts from the address books of the virus link users or to the pages which asks for the typing of the username and passwords.

"The news in this virus case is the way of spreading and the interest of the Romanian programmer to send it to as many of his compatriots' computers as he can", says Bogdan Dumitru, Bit Defender CTO.

What needs to be done in case you got this virus? The Bit Defender specialists advice you NOT to:

"access the received links, via the online messages services including the ones mentioned above. In case the virus is detected on your computer, allow Bit Defender to delete all the infected files."

{the rest is advertising..}

Remember that this virus is only spread inside Romanian networks, but if the mentioned programmer is not apprehanded, this virus will probably leave my country's "boarders" (in case it hasn't done it already).

Both tests left nothing pass.

Running an hardware firewall (won't describe the brand), Windows XP with an antivirus and Ad-Aware and Firefox. Or Linux.

I would say my security is quite alright, and soon it will be better as my network will look something like this:

http://exet-upload.mine.nu/upl/Admin/network.png

And my software protection consists of NOD32 as my AV and Agnitum Outpost as my FW.

I have every protection program there is. I #$%$##$ had any problems ^&%$$##$%%^^&***. I have bnever had A virusssssssssss invade my commmmmmmmputterrrrrrrrr. Idont no whut u are worried about.

I have every protection program there is. I #$%$##$ had any problems ^&%$$##$%%^^&***. I have bnever had A virusssssssssss invade my commmmmmmmputterrrrrrrrr. Idont no whut u are worried about.
It's not a worry it's a precaution, because it's better to prevent than heal. Us, internet users need to be filled in with the latest threats.

I have every protection program there is. I #$%$##$ had any problems ^&%$$##$%%^^&***. I have bnever had A virusssssssssss invade my commmmmmmmputterrrrrrrrr. Idont no whut u are worried about.
It's not a worry it's a precaution, because it's better to prevent than heal. Us, internet users need to be filled in with the latest threats.

I was just messing around. Of course I have Spysweeper, Window Washer, Norton Internet Security, Norton Anti-Virus, Ad-Aware Pro, and Ad-Watch.

Ekasra seems to have a comprehensive set of protection. Do you have ZoneAlarm as a firewall? (Not that you need anymore since you have two)