how do you get infected?

[redsss]

On the Kim Kommando show, Kim said that latest statistics reveal that the average computer (without firewall & virus protection) gets infected within 5 minutes after being connected to the internet.

My understanding is that if you don't execute unknown executables (like email attachment), that you won't get infected (barring certain security vulnerabilities).

My question is how can you get infected? (i.e. if you have installed the latest security updates on your system, why do you need a firewall/virus protection if you never execute unknown attachments/executables?)

 

[jimbopalmer]

If the OS were truly secure, you might indeed need to start the process on your end. Unfortunately, many people are forced to use Microsoft products instead. If you fall into this category, it is important to get some sort of gateway between your network and the boys being babysitted by their home computers. (at least as far back as the TRS-80, it is always 'bad luck' to depend on the same OS as boys are given by their mothers to keep them busy, so this is not really just a MS problem)

I tried to remain child-like, all I acheived was childish.

 

[LloydSev]

You get infected by being exploited. If you just load on, say, the original version of Windows XP, there are 2 full service packs and more patches which cover extremely critical exploits.

The point is, that there are so many viruses probing internet addresses, that for a computer with no patches it would only take about 5 minutes for a virus to successfully exploit an already patched flaw in XP and infect your system.

LSASS is a good example of a vulnerability that viruses take advantage of which has been fixed already. Sasser was the big one that used this vulnerability.

Computer/Network Technician
CCNA

 

[allteltec]

You can get a virus by just going to some WWW. sites. Warz Porn and hack sites sometimes "made that most of the time" has viruses inbeded in there home pages. PtoP software also will get you.

 

[BadBigBen]

here are a few points aswell:

1.) ActiveX activated.
2.) Javascript activated.
3.) Not running a Firewall.
4.) not having an active AntiVirus Progy running in the background.
5.) in place AntiSpyware scanner, like TeaTimer (SpyBot S&D) or MS/Giant AntiSpyware...

Way's not to get infected:

1.) Don't import any files from suspected sources, ie. the kid down the road who wants to show you his newest cracked game/progy.

2.) Do Not connect to the Internet at all.

add both together you get an almost 99.99999996% clean OS.
(with computers there is no 100%, as even MS has in the past used code from other non-serious sources)...

Ben





Ben

If it works don't fix it! If it doesn't use a sledgehammer...

 

[teash]

I built a friend a computer, installed windows xp, no fixes, service pack 1 he took it home and plugged it into his dsl modem. 8 min, he called me, says his computer was messing up. (It was fine before it left the house).

I took it back, reinstalled windows, and he did the same thing. On the next phone call, I asked him what he was doing and he told me he removed the built in firewall because he was going to go buy a router.

Third time, I didn't give him the computer until he went a bought the firewall/router.

So, if you ever have to install windows and go download your drivers/updates... becareful because you can become infected really quick.

 

[G0AOZ]

Having built the IPCOP Linux router a while back, I noted that Sasser and Blaster were hitting the firewall on average every 3 to 4 seconds. Say it all, doesn't it...

ROGER - G0AOZ.

 

[greyted]

GOAOZ:

Do agree with you, five seconds is the quickest hit I have personally seen. The average time for a hit is twenty-five to sixty seconds

teash:

Have also encountered the same problem on many occasions, it is the old educating end users problem, again…



Ted

"The difference between a misfortune and a calamity is this: If Gladstone fell into the Thames, it would be a misfortune. But if someone dragged him out again, that would be a calamity."
Benjamin Disraeli.