Free vs paid

[gaz]

FromTheRafters wrote:
> Li'l Abner wrote:
>> I have a customer whose hard drive failed and I have now reinstalled
>> WIndows 7 on a new drive.
>>
>> His provider is HughesNet. They have him on a plan where he has a
>> ZoneAlarm Security Suite of some kind or another that is supposed to
>> protect him from everything. But they are charging him $3.95 a month
>> for it. He has never had malware problems and is not a risky surfer. He
>> is a
>> mule addict and practically every site he visits has to do with
>> mules... :-) I have suggested installing the free version of Avira or
>> Avast, or
>> Microsoft Security Essentials.
>>
>> Does he even need a firewall other than the Windows firewall? If so,
>> I could always install the free version of ZoneAlarm.
>>
>> Or should I just reinstall the ZA Suite and let him keep paying?
>>
>> Personally, I use the free version of Avira and the paid version of
>> MBAM which runs resident. It's rare that either ever detects
>> anything and I live a helluva lot more dangerous than my customer :-)
>>
> Avira and the firewall that came with Windows 7 is just fine IMO.

Which provides close to zero protection against the most common type of
current infections, the rogue security software installers.

[FromTheRafters]

gaz wrote:
> FromTheRafters wrote:
>> Li'l Abner wrote:
>>> I have a customer whose hard drive failed and I have now reinstalled
>>> WIndows 7 on a new drive.
>>>
>>> His provider is HughesNet. They have him on a plan where he has a
>>> ZoneAlarm Security Suite of some kind or another that is supposed to
>>> protect him from everything. But they are charging him $3.95 a month
>>> for it. He has never had malware problems and is not a risky surfer. He
>>> is a
>>> mule addict and practically every site he visits has to do with
>>> mules... :-) I have suggested installing the free version of Avira or
>>> Avast, or
>>> Microsoft Security Essentials.
>>>
>>> Does he even need a firewall other than the Windows firewall? If so,
>>> I could always install the free version of ZoneAlarm.
>>>
>>> Or should I just reinstall the ZA Suite and let him keep paying?
>>>
>>> Personally, I use the free version of Avira and the paid version of
>>> MBAM which runs resident. It's rare that either ever detects
>>> anything and I live a helluva lot more dangerous than my customer :-)
>>>
>> Avira and the firewall that came with Windows 7 is just fine IMO.
>
> Which provides close to zero protection against the most common type of
> current infections, the rogue security software installers.

The idea is to not install them. If you go around installing malware, no
firewall is going to save you.

[David H. Lipman]

From: "FromTheRafters" <erratic@nomail.afraid.org>

>>
>> Which provides close to zero protection against the most common type of
>> current infections, the rogue security software installers.
>
> The idea is to not install them. If you go around installing malware, no firewall is
> going to save you.

The vast majority use Social Engineering which is the human exploit.


--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp

[FromTheRafters]

David H. Lipman wrote:
> From: "FromTheRafters"<erratic@nomail.afraid.org>
>
>>>
>>> Which provides close to zero protection against the most common type of
>>> current infections, the rogue security software installers.
>>
>> The idea is to not install them. If you go around installing malware, no firewall is
>> going to save you.
>
> The vast majority use Social Engineering which is the human exploit.
>
Depending on what gets downloaded, the firewall is
already defeated.

I think gaz was implying that you need a better
firewall to detect lame 'phone home' attempts.
I am of the opinion that you've already lost the
race when you have malware running behind the
firewall.

[David H. Lipman]

From: "FromTheRafters" <erratic@nomail.afraid.org>

> David H. Lipman wrote:
>> From: "FromTheRafters"<erratic@nomail.afraid.org>
>>
>>>> Which provides close to zero protection against the most common type of
>>>> current infections, the rogue security software installers.
>>>
>>> The idea is to not install them. If you go around installing malware, no firewall is
>>> going to save you.
>>
>> The vast majority use Social Engineering which is the human exploit.
>>
> Depending on what gets downloaded, the firewall is
> already defeated.
>
> I think gaz was implying that you need a better
> firewall to detect lame 'phone home' attempts.
> I am of the opinion that you've already lost the
> race when you have malware running behind the
> firewall.

Yes. The only hope is that the FireWall detects unusual outgoing packets and blocks
it/them.


--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp

[Shadow]

On Tue, 7 Jun 2011 21:11:45 -0400, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote:

>From: "FromTheRafters" <erratic@nomail.afraid.org>
>
>> David H. Lipman wrote:
>>> From: "FromTheRafters"<erratic@nomail.afraid.org>
>>>
>>>>> Which provides close to zero protection against the most common type of
>>>>> current infections, the rogue security software installers.
>>>>
>>>> The idea is to not install them. If you go around installing malware, no firewall is
>>>> going to save you.
>>>
>>> The vast majority use Social Engineering which is the human exploit.
>>>
>> Depending on what gets downloaded, the firewall is
>> already defeated.
>>
>> I think gaz was implying that you need a better
>> firewall to detect lame 'phone home' attempts.
>> I am of the opinion that you've already lost the
>> race when you have malware running behind the
>> firewall.
>
>Yes. The only hope is that the FireWall detects unusual outgoing packets and blocks
>it/them.
The only malware I ever ran on my PC was picked up by kerio
2.1.5 the next day, when it tried to phone home. Antivirus firms took
up to a month to add it to their databases. I had to remove it
manually.
[]'s

[David H. Lipman]

From: "Shadow" <Sh@dow.br>

> On Tue, 7 Jun 2011 21:11:45 -0400, "David H. Lipman"
> <DLipman~nospam~@Verizon.Net> wrote:
>
>> From: "FromTheRafters" <erratic@nomail.afraid.org>
>>
>>> David H. Lipman wrote:
>>>> From: "FromTheRafters"<erratic@nomail.afraid.org>
>>>>
>>>>>> Which provides close to zero protection against the most common type of
>>>>>> current infections, the rogue security software installers.
>>>>>
>>>>> The idea is to not install them. If you go around installing malware, no firewall is
>>>>> going to save you.
>>>>
>>>> The vast majority use Social Engineering which is the human exploit.
>>>>
>>> Depending on what gets downloaded, the firewall is
>>> already defeated.
>>>
>>> I think gaz was implying that you need a better
>>> firewall to detect lame 'phone home' attempts.
>>> I am of the opinion that you've already lost the
>>> race when you have malware running behind the
>>> firewall.
>>
>> Yes. The only hope is that the FireWall detects unusual outgoing packets and blocks
>> it/them.
> The only malware I ever ran on my PC was picked up by kerio
> 2.1.5 the next day, when it tried to phone home. Antivirus firms took
> up to a month to add it to their databases. I had to remove it
> manually.
> []'s

Which "Antivirus firms took up to a month to add it to their databases" ?


--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp

[gaz]

FromTheRafters wrote:
> David H. Lipman wrote:
>> From: "FromTheRafters"<erratic@nomail.afraid.org>
>>
>>>>
>>>> Which provides close to zero protection against the most common
>>>> type of current infections, the rogue security software installers.
>>>
>>> The idea is to not install them. If you go around installing
>>> malware, no firewall is going to save you.
>>
>> The vast majority use Social Engineering which is the human exploit.
>>
> Depending on what gets downloaded, the firewall is
> already defeated.
>
> I think gaz was implying that you need a better
> firewall to detect lame 'phone home' attempts.
> I am of the opinion that you've already lost the
> race when you have malware running behind the
> firewall.

I was thinking more, a security product that can stop these installations.
Avira is an excellent anti virus, but, like all the other anti virus and
internet security products seem to be unable to stop even malware products
which are months old.

As others have mentioned, probably a paid for malwarebytes is necessary. At
least they are quick to get on top of these infections.

[FromTheRafters]

gaz wrote:
> FromTheRafters wrote:
>> David H. Lipman wrote:
>>> From: "FromTheRafters"<erratic@nomail.afraid.org>
>>>
>>>>>
>>>>> Which provides close to zero protection against the most common
>>>>> type of current infections, the rogue security software installers.
>>>>
>>>> The idea is to not install them. If you go around installing
>>>> malware, no firewall is going to save you.
>>>
>>> The vast majority use Social Engineering which is the human exploit.
>>>
>> Depending on what gets downloaded, the firewall is
>> already defeated.
>>
>> I think gaz was implying that you need a better
>> firewall to detect lame 'phone home' attempts.
>> I am of the opinion that you've already lost the
>> race when you have malware running behind the
>> firewall.
>
> I was thinking more, a security product that can stop these installations.
> Avira is an excellent anti virus, but, like all the other anti virus and
> internet security products seem to be unable to stop even malware products
> which are months old.
>
> As others have mentioned, probably a paid for malwarebytes is necessary. At
> least they are quick to get on top of these infections.

For AV it used to be a case of which one can, and which cannot, detect a
certain virus. With simple trojans running rampant, it comes down to who
can react the fastest and get detectability to the customer quickly.
Nevermind that the trojan will be morphed into a different form the very
next day.

[Dustin]

FromTheRafters <erratic@nomail.afraid.org> wrote in
news:isols7$itq$1@dont-email.me:

> gaz wrote:
>> FromTheRafters wrote:
>>> David H. Lipman wrote:
>>>> From: "FromTheRafters"<erratic@nomail.afraid.org>
>>>>
>>>>>>
>>>>>> Which provides close to zero protection against the most common
>>>>>> type of current infections, the rogue security software
>>>>>> installers.
>>>>>
>>>>> The idea is to not install them. If you go around installing
>>>>> malware, no firewall is going to save you.
>>>>
>>>> The vast majority use Social Engineering which is the human
>>>> exploit.
>>>>
>>> Depending on what gets downloaded, the firewall is
>>> already defeated.
>>>
>>> I think gaz was implying that you need a better
>>> firewall to detect lame 'phone home' attempts.
>>> I am of the opinion that you've already lost the
>>> race when you have malware running behind the
>>> firewall.
>>
>> I was thinking more, a security product that can stop these
>> installations. Avira is an excellent anti virus, but, like all the
>> other anti virus and internet security products seem to be unable
>> to stop even malware products which are months old.
>>
>> As others have mentioned, probably a paid for malwarebytes is
>> necessary. At least they are quick to get on top of these
>> infections.
>
> For AV it used to be a case of which one can, and which cannot,
> detect a certain virus. With simple trojans running rampant, it
> comes down to who can react the fastest and get detectability to the
> customer quickly. Nevermind that the trojan will be morphed into a
> different form the very next day.

Forget the very next day, try the very next download. server side poly.


--
Why drink the water from my hand?
Contagious as you think I am
Just tilt my sun towards your domain
Your cup runneth over again