From: FromTheRafters on
"Jenn" <nope(a)noway.atnohow.anyday> wrote in message
news:hs6tsp$tsc$1(a)news.eternal-september.org...

[...]

> I thought I got out of the malvertizement before it got me... Is
> there a way to avoid such things?

Not really, it is the way the web works (both for the advertising and
the redirects). These things rely on exploiting human nature or software
vulnerabilities. If you could only keep all software fully up-to-date at
all times and fully close the 0-day effect, then you could avoid *bad*
websites having any effect on you automatically. Then it is just a
matter of recognizing the social engineering displayed by the *bad*
website as such and prevent its having success by enlisting your
cooperation (your computer is so riddled with malware that there's
hardly room for the desktop, we can help you if you download and execute
this nifty program...then ...if you want your computer back...$$$).

If you've got scripting enabled while surfing, and a messagbox looking
gizmo appears saying your computer is infected, you can't even trust the
"X" in the corner. You must use the task manager to end the session, or
go through the fake scan. I usually just ignore the things and let them
collect in the tray. They go away when I end the browsing session
anyway.

If you are the curious type, you can use the task manager to "maximize"
the box and then read the IP address from the address bar. You can
copy/paste that address if you go offline and invoke the fake scan (the
box retains focus otherwise).


From: Jenn on

"FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message
news:hs7fdj$762$1(a)news.eternal-september.org...
> "Jenn" <nope(a)noway.atnohow.anyday> wrote in message
> news:hs6tsp$tsc$1(a)news.eternal-september.org...
>
> [...]
>
>> I thought I got out of the malvertizement before it got me... Is there a
>> way to avoid such things?
>
> Not really, it is the way the web works (both for the advertising and the
> redirects). These things rely on exploiting human nature or software
> vulnerabilities. If you could only keep all software fully up-to-date at
> all times and fully close the 0-day effect, then you could avoid *bad*
> websites having any effect on you automatically. Then it is just a matter
> of recognizing the social engineering displayed by the *bad* website as
> such and prevent its having success by enlisting your cooperation (your
> computer is so riddled with malware that there's hardly room for the
> desktop, we can help you if you download and execute this nifty
> program...then ...if you want your computer back...$$$).
>
> If you've got scripting enabled while surfing, and a messagbox looking
> gizmo appears saying your computer is infected, you can't even trust the
> "X" in the corner. You must use the task manager to end the session, or go
> through the fake scan. I usually just ignore the things and let them
> collect in the tray. They go away when I end the browsing session anyway.
>
> If you are the curious type, you can use the task manager to "maximize"
> the box and then read the IP address from the address bar. You can
> copy/paste that address if you go offline and invoke the fake scan (the
> box retains focus otherwise).


... so you're saying to just do control-alt-delete to get to the task manager
and end the browser session... when the browser is closed you can get to
your malware prog to run it?
--
Jenn (from Oklahoma)


From: FromTheRafters on
"Jenn" <nope(a)noway.atnohow.anyday> wrote in message
news:hs804r$s95$1(a)news.eternal-september.org...
>
> "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message
> news:hs7fdj$762$1(a)news.eternal-september.org...
>> "Jenn" <nope(a)noway.atnohow.anyday> wrote in message
>> news:hs6tsp$tsc$1(a)news.eternal-september.org...
>>
>> [...]
>>
>>> I thought I got out of the malvertizement before it got me... Is
>>> there a way to avoid such things?
>>
>> Not really, it is the way the web works (both for the advertising and
>> the redirects). These things rely on exploiting human nature or
>> software vulnerabilities. If you could only keep all software fully
>> up-to-date at all times and fully close the 0-day effect, then you
>> could avoid *bad* websites having any effect on you automatically.
>> Then it is just a matter of recognizing the social engineering
>> displayed by the *bad* website as such and prevent its having success
>> by enlisting your cooperation (your computer is so riddled with
>> malware that there's hardly room for the desktop, we can help you if
>> you download and execute this nifty program...then ...if you want
>> your computer back...$$$).
>>
>> If you've got scripting enabled while surfing, and a messagbox
>> looking gizmo appears saying your computer is infected, you can't
>> even trust the "X" in the corner. You must use the task manager to
>> end the session, or go through the fake scan. I usually just ignore
>> the things and let them collect in the tray. They go away when I end
>> the browsing session anyway.
>>
>> If you are the curious type, you can use the task manager to
>> "maximize" the box and then read the IP address from the address bar.
>> You can copy/paste that address if you go offline and invoke the fake
>> scan (the box retains focus otherwise).
>
>
> .. so you're saying to just do control-alt-delete to get to the task
> manager and end the browser session... when the browser is closed you
> can get to your malware prog to run it?

In most cases, ending the session is the way to avoid *that* malware
altogether. If you try to close the box by any other method you are
taken to the exploit site and exposed to the actual malware. If you have
already experienced the 'fake scan' then it is too late to end the
session to avoid the exposure.


From: Dustin Cook on
ASCII <me2(a)privacy.net> wrote in news:4be7fbdf.606390(a)EDCBIC:

> FromTheRafters wrote:
>>If you have
>>already experienced the 'fake scan' then it is too late to end the
>>session to avoid the exposure.
>
> 'Exposure' that's totally inert if your system isn't vulnerable.
> It's almost amusing the lengths some folk will go to,
> to avoid hardening their system.
> FWIW: I have invoked the fake (js applet) scan yet still nothing
> happens, unless my woes are so severe that even RaiD's application
> can't detect any.
>

Ascii, My app hasn't had a database update in nearly 2 years. I hope your
not relying on BugHunter alone. :)


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior

From: FromTheRafters on
"Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message
news:Xns9D74EB60FC369HHI2948AJD832(a)69.16.185.247...

> Ascii, My app hasn't had a database update in nearly 2 years. I hope
> your
> not relying on BugHunter alone. :)

He probably never gets anything for it to look at anyway.


First  |  Prev  | 
Pages: 1 2 3 4 5
Prev: antivir za win98
Next: Ping: David Kaye