Don't trust...



D

dude

Guest
Virus risk

(dodgy .scr extension)






<snip>/NudeNeighbourTanning.scr
 
On Mon, 29 Sep 2003 12:58:28 +1000, "dude" <[email protected]> wrote:

>Virus risk
>
>(dodgy .scr extension)
>
>
>
>
>
>
><snip>/NudeNeighbourTanning.scr
>
>


Oh gee really?
You'd think any sensible person would be running an anti-virus, and
not click attachments. :)
 
In aus.cars Carsten Bauer <[email protected]> wrote:
> On Mon, 29 Sep 2003 12:58:28 +1000, "dude" <[email protected]> wrote:


>>Virus risk


>>(dodgy .scr extension)


>><snip>/NudeNeighbourTanning.scr


> Oh gee really?
> You'd think any sensible person would be running an anti-virus, and
> not click attachments. :)


I don't think that it'll run on any of my linux boxes. :)

--
Athol
<http://cust.idl.com.au/athol>
Linux Registered User # 254000
I'm a Libran Engineer. I don't argue, I discuss.
 
athol wrote:
> In aus.cars Carsten Bauer <[email protected]> wrote:
>
>>On Mon, 29 Sep 2003 12:58:28 +1000, "dude" <[email protected]> wrote:

>
>
>>>Virus risk

>
>
>>>(dodgy .scr extension)

>
>
>>><snip>/NudeNeighbourTanning.scr

>
>
>>Oh gee really?
>>You'd think any sensible person would be running an anti-virus, and
>>not click attachments. :)

>
>
> I don't think that it'll run on any of my linux boxes. :)
>


I use Windows, but don't have a virus scanner. I connect to the net and
occasionally download shareware, but never pirate software. I don't get
viruses.

--
Ben Thomas - Melbourne - Australia
Current car: silver manual Holden Astra SRi
Dream car: black Lamborghini Diablo

Respect for the man in the ice-cream van.
 
> >
> > I don't think that it'll run on any of my linux boxes. :)
> >

>
> I use Windows, but don't have a virus scanner. I connect to the net and
> occasionally download shareware, but never pirate software. I don't get
> viruses.
>


Same goes for me. A bit of commonsense helps too. I do download stuff and
run it on my machine, but only if I am certain I know what it is.
---
DFM
 
On Tue, 07 Oct 2003 22:07:07 GMT, Ben Thomas wrote:

> I use Windows, but don't have a virus scanner. I connect to the net and
> occasionally download shareware, but never pirate software. I don't get
> viruses.


I was the same... until my brother started using my computer two years ago.
Heh, the good ol' days. <g>

But if you're curious if your system is infected, Symantec have an "online"
virus checker on their website. It's an ActiveX-enabled page that will scan
your whole system and let you know if your system is infected. I don't know
if it will remove the viruses, however.

Sarch
 
Sarch <[email protected]> wrote in message
news:p[email protected]...
> On Tue, 07 Oct 2003 22:07:07 GMT, Ben Thomas wrote:
>
> > I use Windows, but don't have a virus scanner. I connect to the net and
> > occasionally download shareware, but never pirate software. I don't get
> > viruses.

>
> I was the same... until my brother started using my computer two years

ago.
> Heh, the good ol' days. <g>
>
> But if you're curious if your system is infected, Symantec have an

"online"
> virus checker on their website. It's an ActiveX-enabled page that will

scan
> your whole system and let you know if your system is infected. I don't

know
> if it will remove the viruses, however.
>


The idea is ok, but doesn't work too well if the virus is using your machine
as a server to spam your friends or random computers. The virus gobbles up
the bandwidth, and the ActiveX component ends up being shoved out. The scan
can take forever!

Killing services can control this, but some viruses stop you from stopping
services even! The last virus I got (cant recall the name), about 18 months
ago was on W2000 and used my own IIS to spam random IP addresses. Good old
W2000 kept telling me it couldn't shut those services down!!!! I have to go
out and buy the Symantec cd, and even then I had to manually remove it by
digging into the registry, dll's, and all that fun stuff!
---
DFM
 
Just go to gibson research and down load free avg for personal use and
free zone alarm for a firewall... then you have two pair of undies..

Sarch wrote:
>
> On Tue, 07 Oct 2003 22:07:07 GMT, Ben Thomas wrote:
>
> > I use Windows, but don't have a virus scanner. I connect to the net and
> > occasionally download shareware, but never pirate software. I don't get
> > viruses.

>
> I was the same... until my brother started using my computer two years ago.
> Heh, the good ol' days. <g>
>
> But if you're curious if your system is infected, Symantec have an "online"
> virus checker on their website. It's an ActiveX-enabled page that will scan
> your whole system and let you know if your system is infected. I don't know
> if it will remove the viruses, however.
>
> Sarch


--
Unix Rules... help your mates and introduce them.
 
On Wed, 8 Oct 2003 12:49:20 +1000, Deep Freud Moors wrote:

> The idea is ok, but doesn't work too well if the virus is using your machine
> as a server to spam your friends or random computers. The virus gobbles up
> the bandwidth, and the ActiveX component ends up being shoved out. The scan
> can take forever!


Yeah, being a free service, and with the intention of trying to draw you
towards buying the full retail software, Symantec provide you with no
options to limit your scan. It'll do a full scan of all your files on all
your drives and partitions. The service is there just so you can verify
that your computer has been infected in some form. But as you've pointed
out, it's of no use if your ActiveX functionality has been hijacked by
viruses.

> Killing services can control this, but some viruses stop you from stopping
> services even! The last virus I got (cant recall the name), about 18 months
> ago was on W2000 and used my own IIS to spam random IP addresses. Good old
> W2000 kept telling me it couldn't shut those services down!!!! I have to go
> out and buy the Symantec cd, and even then I had to manually remove it by
> digging into the registry, dll's, and all that fun stuff!


I haven't had this issue yet - touch wood. The only virus I found were
macro viruses in Word documents that I received from someone (from project
partners at university), but that's about it (the macros were never run).
But when my computer-illiterate brother started using my PC, I pretty much
had to purchase a virus scanner just to be safe. Of course, restrictive
account permissions do kind of minimise any potential damage that may arise
even with a virus scanner installed, but this is open-for-attack Windows
we're talking about.

Sarch
 
"GB" <[email protected]> wrote in message news:[email protected]...
> "Deep Freud Moors" <deepfloydmars@yIaWONThBITEoYA!o.co.uk> wrote in
> news:[email protected]:
> > On Tue, 07 Oct 2003 22:07:07 GMT, Ben Thomas wrote:
> >> I use Windows, but don't have a virus scanner. I connect to the net
> >> and occasionally download shareware, but never pirate software. I
> >> don't get viruses.

> > Same goes for me. A bit of commonsense helps too. I do download stuff
> > and run it on my machine, but only if I am certain I know what it is.

>
> That's all very well and good, but for a couple of key problems.
> First up, you've both lulled yourselves into a very false sense
> of security. Whilst the behaviour you've adopted is certainly
> sensible, and generally works quite adequately against virii, it
> simply isn't enough to keep yourself safe from, in particular,
> worms anymore. Never was, in fact.
>
>
> I'm not sure which Windows you're using. Mr Thomas is using
> Windows 98. That puts him in a slightly ahead-of-the-pack
> position *only* in respect of the last couple of worms that
> have made headlines, and the new one that is gonna hit sometime
> Real Soon Now (tm). It does not, however, buy him very much
> time in the grand scheme of things.
>
> The last couple of worms (Blaster, Welchia and derivatives)
> that made headlines exploited a couple of failings specific
> to the Windows NT (and derivatives) OS. Your Windows 98 is
> not vulnerable to that one.
>
> That's not to say that there won't be a new vulnerability
> uncovered tomorrow that does put you at risk.
>
>
> What makes your and Mr Thomas' positions so laughable is
> that you're both using Microsoft Outlook Express to read
> and post to usenet. That is just begging for trouble. You,
> more than anyone, should be scanning, patching and blocking
> like crazy.
>
> What makes your and Mr Thomas' positions so irresponsible
> is that you're both carrying on with this laughably silly
> behaviour while having your computers connected to the
> public Internet. You're imposing your silly behaviour on
> me, and millions of other people, and that makes you
> fundamentally irresponsible.
>
> <RANT> (yup, I wasn't ranting up until now!) That's the
> problem with kids today. They think that 'cos they paid
> some money to their ISP, they have some sort of *right*
> to be 'on' the public Internet, and that as a direct
> result of having paid their money, they can behave how
> they damn well please, completely ignore any sense of
> community, or social responsibility, and generally maintain
> an "I'm all right Jack, screw you" attitude.
>
> Remember kids, the faster you download, the larger your
> penis gets.
>
> </RANT>


> There is a growing advocacy in IT circles towards
> the active withdrawal of service and/or punishment
> of individuals who practice what you two advocate.


Only by fools who havent got a clue about the law.

> Many Universities, particularly in the
> US, already implement such actions.


Separate issue entirely to whats legally possible with
customers who have paid for their net connection.

> One that made the IT press recently actively scans all
> computers (including those brought on-campus by students,
> and those connected in student dormitrys (sp?)) connected
> to the University network to check whether (a) they are
> running any nasties (worms, back doors, etc), and (b)
> they are adequately protected against such nasties.


And anyone with a clue would realise that that sort
of activity is completely illegal when done by the ISP.

> If they don't pass the test, the system sends the student
> a pop-up message to their screen, and an email message
> that they can presumably pick up from another computer
> later, then shuts down the network port that their
> computer is connected to. Instant withdrawal of service.


And any ISP stupid enough to try that would end up
with its guts for garters when its stupid enough to try
that with a paying customer who has a clue about the law.

> Their authentication won't work again until after they
> have brought their computer to a designated place
> for University staff to inspect and confirm compliance.


In spades with that.

> It's a good system.


Completely impractical and ILLEGAL for an ISP.

> I think that the hefty fines that some advocate
> are a little over-the-top, but withdrawal of network
> and/or Internet service pending compliance is
> certainly an excellent approach in my view.


More fool you.

The law prevents jackbooted thugs like you
from behaving like that with commercial services.

> In my view, you're perfectly welcome to operate your
> flawed configurations, with your fundamentally flawed
> practices in the comfort and privacy of your own network.


Your view is completely and utterly irrelevant.

> When you connect to the public Internet, *you*
> become *my* problem. I have serious issues with that.


Your problem. You're always welcome to not use the public
internet if what can be done legally doesnt appeal to you.

> By all means, unplug your network from the 'net now,
> and continue with your heads jammed in the sand, but
> for $diety's sake, stop advocating (and bragging about)
> such fundamentally stupid and irresponsible behaviour.


True of you in spades.
 
GB <[email protected]> wrote in
message news:[email protected]...
> Rod Speed <[email protected]> wrote
>> GB <[email protected]> wrote


>>> There is a growing advocacy in IT circles towards
>>> the active withdrawal of service and/or punishment
>>> of individuals who practice what you two advocate.


>> Only by fools who havent got a clue about the law.


> Er, yup, that pretty much sums up the
> vast majority of those working in IT.


You in spades.

>>> Many Universities, particularly in the
>>> US, already implement such actions.


>> Separate issue entirely to whats legally possible with
>> customers who have paid for their net connection.


> So Australian law considers ISPs to be proper
> 'telecommunications providers' now?


The technical term is actually carriage service
providers as far as the legislation is concerned.

And that stuff is mostly provisions of the trade
practices act, not the telecoms act anyway.

> Kinda moves the goal posts, yeah.


Nope, thats been the law in this country for decades now.

> What about the likes of AOL and Compu$erve, those who go to great
> lengths to imply that what they're giving you is not 'The Internet'?


Completely irrelevant whether its 'The Internet' or not.

>> And anyone with a clue would realise that that sort
>> of activity is completely illegal when done by the ISP.


> Doesn't make it a bad idea tho :)


Corse it does. Its a stupid and totally impractical approach.

> Is it actually 'completely illegal',


Yep, completely illegal.

> or are you exaggerating as far in the libetarian side


Nope, I'm rubbing your nose in what the law doesnt allow.

> as I am in the authorotarian just to prove a point, or do ISPs really
> have no control over what their customers do on their networks?


As long as their customer isnt doing anything illegal themselves,
the ISP gets no say on how they choose to operate their PCs.

In spades with what was being discussed,
running virus checkers etc on their PC etc.

>> And any ISP stupid enough to try that would end up
>> with its guts for garters when its stupid enough to try
>> that with a paying customer who has a clue about the law.


> Depends what the customer bought, right?


Nope.

> Can I put a variation on the old "Not a common carrier" in my TOS,


Doesnt change a thing. You are or you aint, doesnt matter a
damn what the TOS says about that, and pulling the plug on
the service the customer has paid for just because they dont
run a virus checker doesnt have a damned thing to do with
whether the ISP is or is not a common carrier anyway.

> combine that with a requirement to do basic common sense
> things like scan for virii and worms, and patch windows
> holes, and block bad ports as a condition of supply?


Not legal.

The most they can do legally is TEMPORARILY stop
you from using their service if they can PROVE that
your system is infected and is causing a problem for
their service as a result of that infection. And they have
to allow the user to use the service they have paid for
once they have fixed the problem too.

And they certainly cannot ever 'punish' anyone.

> All very pie in the sky of course,
> never gonna happen, blah-di-blah.


You were the one stupid enough to
advocate that completely illegal approach.

>>> It's a good system.


>> Completely impractical and ILLEGAL for an ISP.


> Yup, but it's a good system.


****. Jackbooted thuggery is never a good system.

>>> I think that the hefty fines that some advocate
>>> are a little over-the-top, but withdrawal of network
>>> and/or Internet service pending compliance is
>>> certainly an excellent approach in my view.


>> More fool you.


> Geez, I tone it down for the audience,
> and you still give me a hard time.


You spew mindless ****, you get an appropriate response.

> What I *really* want is physical violence. 'The beatings
> will cease when the cluelessness abates' type stuff :)


Gone blind yet ?

>> The law prevents jackbooted thugs like you
>> from behaving like that with commercial services.


> Giz examples Rod. Not having a go, genuinely interested.


Read the trade practices act or the ACCC's
pdf that summarises some bits of it.

> I understand that the commecial practicalities of implementing
> such a thing are, well, not. Not so clued on the legal angle though...


Consumer rights are a bit hard to summarise in a sentance or two.

>>> In my view, you're perfectly welcome to operate your
>>> flawed configurations, with your fundamentally flawed
>>> practices in the comfort and privacy of your own network.


>> Your view is completely and utterly irrelevant.


> Flushed where I belong then? :)


Yep.

>>> By all means, unplug your network from the 'net now,
>>> and continue with your heads jammed in the sand, but
>>> for $diety's sake, stop advocating (and bragging about)
>>> such fundamentally stupid and irresponsible behaviour.


>> True of you in spades.


> I try my best :)


It aint good enough. Do the decent thing and top yourself forthwith.