Originally posted by: dnuggett
Originally posted by: BikeDude
Originally posted by: dnuggett
I've always wondered how people have the time to go through the registry etc. to determine if they have been hit by a virus when running an antivirus is much easier. Or is it they that don't know, and assume since the machine is running ok that there isn't a virus? Rhetorical question BTW...
Cute.
But: What do you do when faced with a brand new virus? You're the first person hit; Now what? Your AV is dead in the water. All it does is provide you a false sense of security.
I scan from time to time (using Housecall). Never found anything.
netstat and process explorer are your friends. AV is just for show. First identify the target vectors, THEN figure out if AV is really worth it. I've certainly seen more AV related problems rather than virus-related ones!
Cute? What do you think the percentage chance of being the first one hit by a virus is?
What's even better is you assume that virus is going to show up in the process explorer, now thats a good one. Do you honestly think it has to? Be careful how you answer, you may just being throwing one of your methods out the window. Or you may just be confirming you aren't really sure how a virus can mask itself. Either way....
Will you will be looking at netstat 24/7 to stop an attack? Or is your computer only on when you are on it? Do you do a data verification on all data down/uploaded?
Netstat is great as a bandwidth monitor activity monitor, that's where it stops.
Now stare at that thing for one minute when you are not using an outgoing/incoming connection.
Why are you still getting an incoming reading every now and then. Do you know what it should/shouldn't look like?
Is that the ISP pinging the modem?
Is it really? What else could it be?
There is no preventitive measure with that program, and if you think there is I feel for you. Talk about a false sense of security.
Originally posted by: dnuggett
Cute? What do you think the percentage chance of being the first one hit by a virus is?
What's even better is you assume that virus is going to show up in the process explorer
confirming you aren't really sure how a virus can mask itself. Either way....
Do you know what it should/shouldn't look like?
Is that the ISP pinging the modem?
Talk about a false sense of security.
Originally posted by: dnuggett
The user is the ultimate solution, but the fact remains best practices are to have one running.
Originally posted by: BikeDude
Originally posted by: dnuggett
The user is the ultimate solution, but the fact remains best practices are to have one running.
Best practices according to who? (AV manufacturers?) For everybody?
I've seen several people argue the way you do since '88 or so. AV has been adopted widely since, yet the number of attacks is still on a rise, is it not?
Security net? More like a false sense of security. AV fools users into thinking they're safe, thus they gladly click wherever it pleases them. "I'm protected, ergo I click". I certainly recall Melissa and the delay before the AV companies managed to get their signatures updated. Not pretty.
AV is there because we can't be bothered to educate the users. It is far from foolproof; We need to make considerable progress with heuristic scanning methods first.
I'd also like to point out that for regular users, mail worms are the least of their worries. Phishing attacks designed to lure the user to surrender e*bay account details is a sign of things to come. At the end of the day, the users need to be educated. (but then again, the same holds true for the "real" world -- plenty of con men/women around)
AV boils down to a very crude method of protection. You might as well wear a plastic cup on your head.
Originally posted by: atchon
I reinstall about once a month on average probably...but i have a seperate boot harddrive and all my major programs on a dvd so its not to bad to get everything back to how it was.
Originally posted by: BikeDude
Originally posted by: dnuggett
The user is the ultimate solution, but the fact remains best practices are to have one running.
Best practices according to who? (AV manufacturers?) For everybody?
I've seen several people argue the way you do since '88 or so. AV has been adopted widely since, yet the number of attacks is still on a rise, is it not?
Security net? More like a false sense of security. AV fools users into thinking they're safe, thus they gladly click wherever it pleases them. "I'm protected, ergo I click". I certainly recall Melissa and the delay before the AV companies managed to get their signatures updated. Not pretty.
AV is there because we can't be bothered to educate the users. It is far from foolproof; We need to make considerable progress with heuristic scanning methods first.
I'd also like to point out that for regular users, mail worms are the least of their worries. Phishing attacks designed to lure the user to surrender e*bay account details is a sign of things to come. At the end of the day, the users need to be educated. (but then again, the same holds true for the "real" world -- plenty of con men/women around)
AV boils down to a very crude method of protection. You might as well wear a plastic cup on your head.
Originally posted by: goku
Originally posted by: atchon
I reinstall about once a month on average probably...but i have a seperate boot harddrive and all my major programs on a dvd so its not to bad to get everything back to how it was.
noob