FAO David H Lipman

Discussion in 'Virus Information' started by RJK, Sep 2, 2006.

  1. RJK

    RJK Guest

    ....please find your multi-av logs you were interested in seeing on my free
    webspace:-
    http://www.rk73.wanadoo.co.uk

    ....regards, Richard
     
    RJK, Sep 2, 2006
    #1

  2. RJK

    RJK Guest

    oops, I think I'll take them down, just noticed there's email addresses is
    them !
    ....will email them.


    regards, Richard
     
    RJK, Sep 2, 2006
    #2

  3. RJK

    RJK Guest

    "in them" even !!!

    regards, Richard


     
    RJK, Sep 2, 2006
    #3
  4. From: "RJK" <>

    | "in them" even !!!
    |
    | regards, Richard
    |

    ZIP them and attach them here or post them in;
    alt.binaries.comp.virus
     
    David H. Lipman, Sep 2, 2006
    #4
  5. RJK

    p00lb0y Guest

    David:

    Would you provide a complete list, or perhaps at least yours, of the
    newsgroups that are pertinent to security, both Microsoft and public?

    Also, any list of web links you trust and frequent would be appreciated.

    I would like to learn more and I believe you can accelerate this process.

    TIA,

    p00lb0y
     
    p00lb0y, Sep 2, 2006
    #5
  6. RJK

    RJK Guest

    Thnx for your email, those multi-av logs were indeed interesting !! I don't
    intend leaving his hd as it was, indeed I am currently zero filling his
    80gb 6Y080L0 hd via the "low level format" PowerMax (Maxtor) CaleraDOS /
    boot-floppy utility prog. ... I wonder why they still call it a low-level
    format when it's not really that any more ?

    ....to summarise, KW had, (in frustration and unbeknownst to me - apparently
    MONTHS ago!), uninstalled NIS because a certain web site wouldn't script in
    an IE6 window, and he had not switched on XP's firewall as a replacement -
    and then he'd installed AVG free, thinking that was all that was needed as a
    replacement for NIS ! In other words he didn't know the difference between
    a firewall and a/v programs. REALLY annoying that was because I had in the
    past REPEATEDLY explained the function and difference between a firewall and
    a/v programSSSSSSSSSSS !!!!!!!!!!! ...the more I ponder on that, the more
    annoyed I become, WHY do I take so much time to explain things to people,
    (in REALLY simple terms and yet they simply don't grasp what I've taken
    great effort to explain, ...at great length), when that effort seems to have
    been in vain ? !!! ...too tired to correct all that bad grammar and
    punctuation in that lot !

    I think that as punishment, after I've reinstalled everything, and tweaked
    up some security layers and settings in IE6 for him, I'll subscribe him to
    EWIDO and make him pay for it !! ...I like my Ewido, recommended by
    yourself some time ago but, feel distinctly uneasy about the .cz at the
    end of EWIDO web details / addresses! I wonder if Czechoslovakians are a
    security time-bomb ?

    regards, Richard
     
    RJK, Sep 3, 2006
    #6
  7. RJK AKA in microsoft.public.security.virus on
    9/2/2006, after much thought, came up with this jewel:

    Do KW a favour (not punish) and take him to the store, purchase a router
    and configure its firewall for him. And while you're at it make him buy
    NOD32 along with EWIDO. Perhaps if he spends enough he will begin to
    understand.......

    max
    --
    Playing Nice on Usenet:
    http://oakroadsystems.com/genl/unice.htm#xpost
    My Pages:
    Virus Removal Instructions
    http://home.neo.rr.com/manna4u/
    Keeping Windows Clean
    http://home.neo.rr.com/manna4u/keepingclean.html
    Windows Help and Tools
    http://home.neo.rr.com/manna4u/tools.html
    Change nomail.afraid.org to gmail.com to reply.
    nomail.afraid.org is setup specifically for use in USENET
    Feel free to use it yourself.
     
    What's in a Name?, Sep 3, 2006
    #7
  8. From: "What's in a Name?" <>


    |
    | Do KW a favour (not punish) and take him to the store, purchase a router
    | and configure its firewall for him. And while you're at it make him buy
    | NOD32 along with EWIDO. Perhaps if he spends enough he will begin to
    | understand.......
    |
    | max

    A Router may help. The infectors were BOTs and could have taken advantage of OS
    vulnerabilities to infect the platform.
     
    David H. Lipman, Sep 3, 2006
    #8
  9. From: "p00lb0y" <>


    | David:
    |
    | Would you provide a complete list, or perhaps at least yours, of the
    | newsgroups that are pertinent to security, both Microsoft and public?
    |
    | Also, any list of web links you trust and frequent would be appreciated.
    |
    | I would like to learn more and I believe you can accelerate this process.
    |
    | TIA,
    |
    | p00lb0y


    Oy Vay !

    You don't REALLY need that do you ?
     
    David H. Lipman, Sep 3, 2006
    #9
  10. RJK

    Guest Guest

    A bit of advice here from a former teacher:

    How often do you hear from customers / users who DO understand your
    explanations, and DO know the difference between a Firewall and an
    Anti-Virus program? Probably not too often -- because they follow
    your advice and don't return to you with a computer filled to the
    gills with malware.

    Please don't change just because some of your customers fail to listen
    or understand. Keep on giving those good, simple, explanations.
    There are many, many of us who appreciate it and follow it.

    Don't punish him. But do base your computer help on his inability to
    understand or follow your prior advice. So install something he can't
    defeat, if possible.

    Good luck.

    Awaiting your responses with baited breath, I remain, yours truly,
    <*(((>< ~~~
    ~~~~~~~~~~~
     
    Guest, Sep 3, 2006
    #10
  11. It happens.

    The real question is why does MS duhafult so often such that a trained
    sysadmin's life is easier because he doesn't have to change a setting,
    while newbies have to know how to change the setting to be safe?

    Think; hiding file name extensions, auto-rebooting on errors, firewall
    off by duhfault in XP prior to SP2, etc.
    I don't see why they should be, unless you p1ss them off ;-)

    Is .cz still Czech and Slovakia, or is .sl Slovakia?

    BTW, I agree with you about Ewido, it rocks. AFAIK it's German, but
    has been bought out by AVG. I prefer AVG to Norton, but then I'd
    prolly prefer a soldering iron in my eye to Norton too


    Drugs are usually safe. Inject? (Y/n)
     
    cquirke (MVP Windows shell/user), Sep 9, 2006
    #11
  12. I do the following on all consumer PCs I build:
    - XP SP2, no earlier XP
    - kill hidden admin shares
    - kill restart on system errors
    - kill restart on RPC failures
    - enable RC Set commands
    - show file name extensions
    - show all files and system folders (controversial)
    - disable 3rd-party browser enhancements in IE
    - disable both "install on demand"
    - disable WSH and MS Office macros
    - unless on LAN, block F&PS
    - insist on NAT router for ADSL, set up as router
    - kill WiFi, unless essential; if essential, require WPA
    - install Spyware Blaster and apply protections
    - locate all incoming material OUT of "My Documents"
    - Eudora instead of OE/Outlook, set up as above

    Then, whenever I see the system:
    - uninstall Sun JRE and replace with newest version
    - upgrade Firefox, Winamp, Acrobat Reader if present
    - check XP update status
    - check settings status


    Drugs are usually safe. Inject? (Y/n)
     
    cquirke (MVP Windows shell/user), Sep 9, 2006
    #12
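A read-only audit of several items from the checklist in post #12, added here as an example and not part of any poster's message. The registry value chosen for each item is this example's assumption about how the setting is stored (the post does not say how it applies them), and the `[pscustomobject]` syntax assumes Windows PowerShell 3.0 or later.

```powershell
# Added example: read-only audit of a few checklist items. The mapping from
# each item to a registry value is this example's assumption, not the poster's.
$adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$checks = @(
    @{ Item = 'Hidden admin shares disabled'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
       Name = 'AutoShareWks'; Want = 0 },
    @{ Item = 'No automatic restart on system errors'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
       Name = 'AutoReboot'; Want = 0 },
    @{ Item = 'File name extensions shown'
       Path = $adv; Name = 'HideFileExt'; Want = 0 },
    @{ Item = 'Hidden files and folders shown'
       Path = $adv; Name = 'Hidden'; Want = 1 },
    @{ Item = 'Protected system files shown'
       Path = $adv; Name = 'ShowSuperHidden'; Want = 1 },
    @{ Item = 'Windows Script Host disabled'
       Path = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'
       Name = 'Enabled'; Want = 0 }
)

function Test-ChecklistItem {
    param([hashtable]$Check)
    $actual = $null
    $props = Get-ItemProperty -Path $Check.Path -Name $Check.Name `
                              -ErrorAction SilentlyContinue
    if ($null -ne $props) { $actual = $props.($Check.Name) }
    # A missing key or value is reported for review, never assumed compliant.
    if ($null -eq $actual) { $shown = '(not set)' } else { $shown = "$actual" }
    [pscustomobject]@{
        Item   = $Check.Item
        Value  = $shown
        # Compare as strings: some of these values may be stored as REG_SZ.
        Status = if ("$actual" -eq "$($Check.Want)") { 'OK' } else { 'REVIEW' }
    }
}

$checks | ForEach-Object { Test-ChecklistItem $_ } | Format-Table -AutoSize
```

The HKCU values are per user, so run it in the session of the account that actually uses the PC.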
  13. From: "cquirke (MVP Windows shell/user)" <>

    | On Sun, 3 Sep 2006 14:13:57 -0400, "David H. Lipman"
    |
    | I do the following on all consumer PCs I build:
    | - XP SP2, no earlier XP
    | - kill hidden admin shares
    | - kill restart on system errors
    | - kill restart on RPC failures
    | - enable RC Set commands
    | - show file name extensions
    | - show all files and system folders (controversial)
    | - disable 3rd-party browser enhancements in IE
    | - disable both "install on demand"
    | - disable WSH and MS Office macros
    | - unless on LAN, block F&PS
    | - insist on NAT router for ADSL, set up as router
    | - kill WiFi, unless essential; if essential, require WPA
    | - install Spyware Blaster and apply protections
    | - locate all incoming material OUT of "My Documents"
    | - Eudora instead of OE/Outlook, set up as above
    |
    | Then, whenever I see the system:
    | - uninstall Sun JRE and replace with newest version
    | - upgrade Firefox, Winamp, Acrobat Reader if present
    | - check XP update status
    | - check settings status
    |


    I wouldn't cripple the PC by killing off admin shares. They come in handy. But then again,
    WinXP HE doesn't have admin shares to begin with.
     
    David H. Lipman, Sep 9, 2006
    #13
  14. It doesn't cripple the PC (I've yet to see something that doesn't work
    because they were disabled), though it can impact on network
    management, so sysadmins may not want to do this.
    For network management, maybe. But if there's no network and/or no
    network manager, then they're 0 benefit, n risk.... when benefit = 0,
    even small values for n are enough to tilt the scales.
    True. With a blank password, neither does Pro, but the risk is that
    users will use a weak password (e.g. to get Tasks to work, if they
    don't want to use the SP2 "run only when logged on" approach)


    Drugs are usually safe. Inject? (Y/n)
     
    cquirke (MVP Windows shell/user), Sep 9, 2006
    #14