From: RayLopez99 on
On Mar 23, 11:36 pm, "FromTheRafters" <erra...(a)nomail.afraid.org>
wrote:
> "RayLopez99" <raylope...(a)gmail.com> wrote in message
>
> news:c6895e3d-0dc9-4a01-92c8-4866bf57485c(a)e1g2000yqh.googlegroups.com...
>
> But so far nobody has proved that viruses are a serious problem in
> Windows.
>
> ***
> Viruses are rare (unless you are in the "all worms are viruses" camp).
> *Malware* is a serious problem in Windows.
> ***

Seems you know what you are talking about, unlike the vast majority in
COLA (linux group).

What do you see as "malware" in Windows that's a serious problem?
(I'm not arguing, just asking since I'm curious). Stuff like toolbars
that are always being asked to be installed in your browser, that
would require user input to be installed? Or stuff automatically
installed? Or something else?

RL
From: RayLopez99 on
On Mar 24, 12:20 am, Leythos <spam999f...(a)rrohio.com> wrote:
> In article <2b3461cc-d2b5-46c0-9fa3-32fd26e1418a@
> 33g2000yqj.googlegroups.com>, raylope...(a)gmail.com says...
>
>
> RL, you seem to be a combative personality type based on your posts.
>

Projection noted.

> Many people that do REAL work use IM all over the planet, many
> development teams, support teams, etc...

I suppose if you are in sales. Development teams? Why? Except for
group online meetings, and even, then (Skype video is better) I would
think email is better...but perhaps you're right.

>
> What you seem to be missing is the concept of how malware is spread on
> windows machines - exploits and social engineering as well as drive-by
> web attacks. Like many malware spread via IM, Facebook, email, they all
> appear to be legit attachments, files, links, until you inspect them and
> for most people that's too late.

Fine. THEORY. Give me a real work EXAMPLE Leythos.

>
> I've already proven

HA HA HA. A comedian. A combative comedian. Andrew Dice Clay your
show name?


> that having an Antivirus solution doesn't protect
> you in all cases. We've all, at least those of us that run IT companies,
> have seen exploits get past "Local User" accounts, such as the SQL
> injection ones....

BU LL S H IT. Now you've become the "Rex Ballard" of C.O.L.A. SQL
injection attacks are ancient history and obsolete, due to the way
commands are entered, parametrically, in ADO.NET (Windows database
language). I know, as I code. Any other falsehoods you care to
share?


>
> So, running as a local user, with any version of anti-virus software
> from any vendor, all patches installed from MS, I've seen, first hand,
> hundreds of Windows WP and now Vista/Win 7 computers compromised.

Nope. You have not seen. What you've seen (and I've seen this too) is
a corporation get infected because a user installed a virus by
mistake, and sent it around to co-workers (typically via email) who
did not have the latest AV patches installed on their machines.
Corporations use old hardware and software and are often behind the
times in Safe Hex.

>
> Oh, and most of those computers were not using IM, didn't even have it
> installed.
>

Oh, really? Oh. Doubtful. How did they get infected then?

RL
From: RayLopez99 on
On Mar 24, 12:26 am, Leythos <spam999f...(a)rrohio.com> wrote:

> HA HA HA - and yet it just about shutdown internet use for days in many
> locations.
>
> You really didn't look very long or hard, it's one of the largest events
> in the history of the internet.
>
> http://en.wikipedia.org/wiki/SQL_slammer_%28computer_worm%29


Proves my point: a zero day attack and when did this happen? 05:30
UTC on January 25, 2003.

Ancient history, like your name.

Goodbye Leythos (sounds Greek to me!)

RL
From: Lusotec on
RayLopez99 wrote:
> Leythos wrote:
>> HA HA HA - and yet it just about shutdown internet use for days in many
>> locations.
>>
>> You really didn't look very long or hard, it's one of the largest events
>> in the history of the internet.
>>
>> http://en.wikipedia.org/wiki/SQL_slammer_%28computer_worm%29
>
> Proves my point: a zero day attack and when did this happen? 05:30
> UTC on January 25, 2003.

It was *not* a zero day attack. The vulnerability was known and a patch was
available a good number of months prior to the attack. Learn the terminology
before posting.

Any way, for a virus to stop these kinds of attacks (remote buffer overruns)
it would have to filter the network traffic, and that is impractical for any
server with significant traffic.

Regards.

From: Lusotec on
RayLopez99 wrote:
> Leythos wrote:
>> that having an Antivirus solution doesn't protect
>> you in all cases. We've all, at least those of us that run IT companies,
>> have seen exploits get past "Local User" accounts, such as the SQL
>> injection ones....
>
> BU LL S H IT. Now you've become the "Rex Ballard" of C.O.L.A. SQL
> injection attacks are ancient history and obsolete, due to the way
> commands are entered, parametrically, in ADO.NET (Windows database
> language). I know, as I code. Any other falsehoods you care to
> share?

SQL injection vulnerabilities (and attacks) are very common, very current,
and will continue to be for the foreseeable future, much like other kinds of
vulnerabilities.

Do you really think that just by using ADO.NET you have eliminated the
possibility for SQL injection vulnerabilities? Are you that clueless?!

Just because a database access framework like ADO.NET allows for
parametrized queries does not mean that everyone uses them correctly all the
time, or uses them at all.

Regards.