hummingbird wrote:

> 'Beauregard T. Shagnasty' wrote:
<snippage>
>> So that was a Windows trojan then?
>
> The one in question is called "trojan.systemposer".

That is a nasty one. It's a rootkit as well, and - depending on what
else it downloaded and installed - nearly impossible to get rid of.
Experts suggest you flatten and reinstall to be totally sure you are rid
of everything.

>> Ok, I understand. To become infected, you probably needed to be using
>> a Windows OS,
>
> I use XP-Pro. I have no idea if *nix suffers the same problems. Some
> people say it's more secure, but that's probably because the hackers
> focus on MS s/w.

Linux is not affected. And not because hackers focus on Windows, it's
because they won't be successful targeting Linux. In order to install
anything, my Linux operating system will ask me for my root password.
When that occurs, everything else on the desktop is frozen. All I have
to do is answer [ Cancel ] - if it would ever occur in the first place.
There are no Linux viruses/trojans in the wild, simply because they
can't be reproduced outside a lab.

In order to successfully compromise a Linux PC, you have to be sitting
in front of it.

>> probably Internet Explorer,
>
> I use an IE clone (Avant).

That's an IE shell rather than a clone, so you are still using IE
beneath that shell, with much of the same security issue.

>> probably allowing ActiveX, probably don't have patches to stop
>> malicious iframe redirection (which is quite common on hacked
>> sites). [I guess you meant iframe, rather than a-frame.]
>
> Sorry, yes I meant i-frame.

http://htmlhelp.com/reference/html40...al/iframe.html

> The problem with banning Active-X across the board in IE browsers is
> that some websites simply don't display correctly without it.

There are so few of those sites anymore, and in most cases, you can find
alternative sites for the same information. You could also use Firefox
with the 'simulate ActiveX' extension, which would probably work but be
a lot more secure.

>>> After I got hit by it, I added the URL into my HOSTS file to prevent
>>> myself ever going there again in error.
>>
>> If you got hit by this trojan, then which of the above were you not
>> securing yourself from? Windows/IE/ActiveX/patches/iframes ?
>
> All, but I took immediate to kill it and recovered within an hour.

Some sites about that trojan indicate that an hour might not be long
enough. <g>

> I might add that that was the first time ever I got hit, and that
> is without running AV s/w and not having a lot of browser patches,
> although my browsing security is quite tight.
>
> I read in the thread that you don't use Windows, so you probably
> don't have all these problems. But my earlier point was about them
> affecting a majority of users using Windows.

Sure, almost everyone uses Windows. And the hackers love it because of
all the holes in it. ;-)

--
-bts
-Friends don't let friends drive Windows