TalkBack 39 of 79:
It saved me
When I was infected by the Russian org crime trojan at the end of June (IIS/IE JS exploit). My first sign of a break-in was when Notepad, and then Wmplayer, wanted to send data to an IP in St Petersburg owned by "sovintel.ru". I didn't see any good that could happen from Notepad surfing the web, so I didn't allow it and started investigating what was going on. It was a good thing too, because over a week later Trend Micro still didn't recognize it.

Still, I'm guessing you know much more about the technical side of this than I do:

"Once hostile code has gained root access to your system, you've already lost. Any firewall can be easily disabled or circumvented with only a few lines of code."

Is this the case even if you aren't logged in as an admin? If this is true, this is what MS should be working on; providing hooks to ensure SW firewalls and AV can't be disabled by software without user confirmation. They should be helping the AV and firewall vendors, not running them out of business.
Posted by: enduser_z   Posted on: 08/09/04
