If you get caught by virus with Symantec...
If you get caught by virus with Symantec... each time a new threat was appearing, then most likely, you are not performing updates often enough. You're targeted very soon, and you had better use another AV that protects you much more proactively and sooner with more frequent security updates, or with a more efficient heuristic scanner.

Really, Symantec antivirus "solutions" are all resource hogs on any system; they have invested too much into building a "cute" GUI that deserves its own application.

Consider something better, updated automatically at least once a day. Get AVG Antivirus (even the free version, with automated daily updates, will protect you more efficiently).

Remember two things:
* about one quarter to one fifth of all PCs connected to broadband Internet accesses at home are infected by bots.
* about one fourth of all emails sent worldwide are spam, most of them being sent from bot-infected PCs.
* most bot-infected PCs were infected by spammed viruses that download backdoors
* backdoors allow controlling what the bot will perform from anywhere in the world
* the bot will typically run a keylogger to get your system password (allowing the bot to install later a rootkit with system privileges)
* with system privileges, the installed bot becomes a rootkit invisible to your currently running antivirus
* the bot will open any ports it needs by deconfiguring most common local firewalls
* some bots will be able to deconfigure an external firewall, notably if your ISP provides it within the free modem-router needed to access its service
* bots are remotely controllable and can then perform actions on your local network to scan for emails of all your contacts, or to scan documents to perform social engineering
* social engineering allows bots to convince you that an email is legitimate even though it was completely forged. It can convince you to visit your online bank to perform some checking operations
* bots will keylog your password once you visit your online bank, or will keylog your credit card info when you are typing it even in a secure online purchase form
* bots will transmit all your most precious data to some remote website controlled by criminals; they can use your account to steal money from it using multiple small money transfers that you won't notice immediately
* bots are then participating in the relaying of spam, so your host becomes a spam sender
* bots are also participating in the relaying of viruses, through worms and trojans
* bots are used to relay phishing emails
* bots are also used to host a web site on your PC that other users will see when they follow a phishing email sent by you or by other bots participating in the same bot network
* your PC will connect private data sent by others, and will relay it to criminals, so you become an accomplice to crimes and liable for possible damages requested by someone who was robbed with your help, or by his bank, by not acting against the threats. If a judge decides you are an accomplice, you'll have to pay for the financial damages caused to others.


Really, if you were caught several times with Symantec running, forget about using it and use another product. It's also highly probable that you need to learn the basic protection needed by not reading spam and not following links to sites without making sure that they will link to a legitimate site.

Change your use of the Internet, and forget about following any link found in emails, unless those mails come from people that you trust and the content of the email is explaining what is in the attachment and your contact told you that he effectively sent you an attachment.

If you're directly attacked, then consider not receiving your emails directly to your PC. Consider redirecting your mails to a mail filtering service that you will subscribe to, to filter spam and viruses... Viruses are quite easy to detect and filter out because their signatures are easy to find, and most variants are created from the same codebase. Very new viruses start at a slow pace in a local area where they are detected within the first hours; at that early time, they do not infect a lot of people because people are getting and reading their emails quite slowly.

On the other hand, all antivirus companies are using "honey pots" (which are apparently normal email addresses that they create and register on normal ISPs where their customers are located) and the participation of ISPs monitoring the traffic usage spikes (including suspect port scans on many IPs assigned to their customers, or many failures to route and connect to some of their customers because they still have not delegated the IP to a final user). This means that antivirus companies are detecting viruses very early, often before most people will open their emails.

Even in that case, there will always remain a few emails that are not filtered out by phishing/spam filters or antivirus tools.

Look at the basic things you should know to defend yourself, and read the Symantec paper (these recommendations are valid for any email user, not only Symantec customers). There's a lot that can be done only through education of users. They are validated by lots of security agencies.

If you still don't trust Symantec here, look at what other security organizations are saying to defend yourself (also look at papers found here in C|NET Security Center, or at government sites for homeland security: there are defenses that everyone can learn); it's not difficult to learn how to recognize almost all threats, and what you can do on your PC to create other defensive fences.

And well, read the websites that speak about new security issues. As you are discussing here, it's a good start for better knowledge and better security.

Any antivirus will not be as performant as you, because you are certainly smarter than a piece of software which is just here to help you manage most issues (so you'll save time). If this is too difficult for you, consider externalizing most of the local security to some security providers that are highly skilled and will use the most efficient systems to help your defence.

And finally beware that email is not the only input door through which you can be infected. There are trojans also on the web, in many personal blogs (that are insufficiently secured), in some freeware or cheap shareware that increases your security risk or exposes you to new risks (because of their known bugs).
Posted by: PhilippeV   Posted on: 03/20/07
