From: BillW50 on 22 Apr 2010 15:53 In news:c54kANGIAG0LFwX3(a)bancom.co.uk, tony sayer typed on Thu, 22 Apr 2010 15:41:12 +0100: > In article <hqp98b$4al$1(a)news.eternal-september.org>, BillW50 > <BillW50(a)aol.kom> scribeth thus >> In news:JeoRJdDKBA0LFwXm(a)bancom.co.uk, >> tony sayer typed on Thu, 22 Apr 2010 08:52:42 +0100: >>>> I actually tried this once as a test. Installed the original >>>> Windows 2000 release, no firewall, no anti-virus, nor any updates >>>> back in 2002. Although I had it networked to another computer and >>>> that one was setup to scan the unprotected one. And that was very >>>> interesting. Two servers slipped two viruses on the computer within >>>> 90 seconds and I didn't even access any of those servers. Those >>>> bots finds unprotected computers really fast. Pretty clever! But >>>> not clever enough to fool me. lol >>> >>> Was this -directly- connected to the net, or via a ADSL/Router NAT >>> unit like a lot of people now use?.. >> >> Hi Tony! It was connected up by dial-up. If it had a router >> connected, that never would have happened (well a correctly setup >> router anyway). And the viruses were inert until the user rebooted >> the computer. Then the viruses would install themselves and infect >> the system. >> > > Indeed.. but surely these days would anyone connect -directly- to the > net?. > > Seeing that wireless routers with inbuilt NAT seem to be all the rage > these days?.. Well there are a number of households with only one computer which uses just a ADSL modem to connect. And the ISP assigns them an IP address (usually dynamic) which can be seen from the outside world directly to your computer. And they would have the same problem without a firewall. Cable modem users are on their own little neighborhood network from all I know and they would be safe from random attacks from the outside world. So you are right, but there is still enough users out there that could be still at risk. I don't know, maybe 20 million alone in the US would be my best guess. -- Bill Gateway M465e ('06 era) - Windows XP SP3
From: Barry Watzman on 22 Apr 2010 19:00 There have been a number of studies showing that the mean time before infection of a pre-XP-SP2 computer (fresh install Windows, no other security software, connect to the internet (broadband connection), DO ***NOTHING***, just let it sit with a configured and working IP connection) is less than 5 minutes. This holds for any computer running any version of Windows prior to XP SP2, with no added security software and not running behind a firewall or at least a router with NAT. Most people have no idea how great the risks are. tony sayer wrote: >> I actually tried this once as a test. Installed the original Windows >> 2000 release, no firewall, no anti-virus, nor any updates back in 2002. >> Although I had it networked to another computer and that one was setup >> to scan the unprotected one. And that was very interesting. Two servers >> slipped two viruses on the computer within 90 seconds and I didn't even >> access any of those servers. Those bots finds unprotected computers >> really fast. Pretty clever! But not clever enough to fool me. lol > > Was this -directly- connected to the net, or via a ADSL/Router NAT unit > like a lot of people now use?..
From: Barry Watzman on 22 Apr 2010 19:02 Not all cable modems and DSL routers have an internal router with NAT. Many will still give a single connected computer a public IP address. tony sayer wrote: > > Indeed.. but surely these days would anyone connect -directly- to the > net?. > > Seeing that wireless routers with inbuilt NAT seem to be all the rage > these days?..
From: The Natural Philosopher on 23 Apr 2010 04:52 Barry Watzman wrote: > There have been a number of studies showing that the mean time before > infection of a pre-XP-SP2 computer (fresh install Windows, no other > security software, connect to the internet (broadband connection), DO > ***NOTHING***, just let it sit with a configured and working IP > connection) is less than 5 minutes. > I.e. teh same tim as it takes to laod Windows anyway! Windows IS a virus..
From: Adrian C on 23 Apr 2010 11:26
On 19/04/2010 23:13, BillW50 wrote: > Heck lots of applications write in the Program Folder. Off of the top of > my head, instant messengers (which stores the chat logs there), > anti-virus software (which updates the virus database there), Microsoft > Office (which stores saved templates there), Faststone Capture (stores > saved screen shots there), etc. Well, not any more ... UAC File & Registry Virtualization sends the actual writes (and eventual reads) somewhere else. It's a process that mostly works if all applications are fooled by the redirection. Doesn't always work though :-( Like last week installing Apache on Vista I found Apache had set the documents directory 'htdocs' straight in the midst of 'Program Files' and steadfastly served http from that location. Copying web files there from my editor program (Eclipse) was futile, they disapear somewhere else and Apache never got the chance to serve them. The workaround was to configure Apache to support the htdocs folder relocated somewhere else, and keep UAC active. I won't turn that off. -- Adrian C |