Hackers seed Web sites to infiltrate PCs

http://www.usatoday.com/tech/news/2004-06-27-web-attack_x.htm
Posted 6/27/2004 9:26 PM

Hackers seed Web sites to infiltrate PCs

By Byron Acohido and Jon Swartz, USA TODAY

SEATTLE — Surfing the Internet just got much riskier.
In a new type of Web attack that could begin to spread, security experts estimate hundreds of thousands of Internet users unwittingly got their PCs compromised last week simply by clicking on a favorite Web page.

Profit-minded intruders stealthily seeded Web pages with contagions to help them steal personal information and turn compromised PCs into spam relays.

"It's a new wrinkle of phishing schemes," says Hal Hendershot, section chief of the FBI's computer-intrusion section. "We're concerned about what's next. The crooks could amass credit cards to sell or use them."

computer. Luckily I have my security stuff turned on. But I'm still getting all sorts of alerts and it is bugging the hell out of me.

I spend MORE time checking my system for bugs and intrusions, running secruity programs etc, than I ever had to in my life. I hate this.

:mad:

on my PC, it's free, it's a firewall and as far as I know it blocks everything... http://www.zonelabs.com

They have versions you pay for but they have a free version too.

Micro$oft $ecurity. Enjoy.

Mozilla.

Part of what I do for a living is design Web Sites, so I need to have IE / Mozilla / Opera installed, but after last week's little news item I've been using Mozilla 1.6 100% of the time).

My "Security Toolkit," with the most updated versions and definition files updated weekly:

Norton AntiVirus
ZoneAlarm Pro V5
TDS ("Trojan Defense System" from DiamondCS, http://www.diamondcs.com.au/)
CryptoSuite (also from DiamondCS, for encrypting and securely deleting files)
AdAware
Spybot Search & Destroy
Webroot Window Washer 5
Webroot SpySweeper Version 3

Plus, regular visits to Steve Gibson's http://www.grc.com Web Site to run "Shields Up" and his other tests, for a reality check.

For the times I do use IE (or NetCaptor, which is nothing more than an IE "front end"), per Microsoft's suggestion, I have set the browser security level to "high." That means a lot of legitimate, scripted material no longer works unless I "custom add" the URLs for specific sites.

Fast browser, no pop-up ads, customizable with over 70 plug-ins and under constant development.

I will bet you have Norton installed on your computer. Norton will have you believe you are being attacked by the Hack the planet organization. Best thing you could do with that bloated piece of shit software is delete it off your drive (Good luck with that) it don't like being deleted. Norton wants you to pay for their software every year. There are several great and FREE Anti-Virus programs and Firewalls that will not drive you nuts with false positives.

I've had nothing but good things to say about Norton Internet Security.

:shrug:

intelligent updater from the NAV website {symantec.com}

just sux to have to update now weekly...
dp

First, you're 100% right about the uninstall. If you want to remove ANY Norton / Symantec product and avoid system stability issues or conflicts with other software, you have to go to their web site, plow through their "knowledge base," and find the MANUAL uninstall instructions for your product. Using their uninstaller or control panel's "add /remove programs" function will ALWAYS leave junk files behind. In some cases you also need to tweak the registry...NOT a good idea for someone who's a novice.

I use Norton AntiVirus and like it, but have had major headaches with many of their other products. Avoid "SystemWorks 2004" like the PLAGUE...I've read many horror stories about systems that slow to a crawl after installation.

My lawyer uses Norton Internet Security and spends half his day swatting away false positive alerts. When his sunscription runs out I'm going to help him uninstall it and install ZoneAlarm Pro.

Steve Gibson's "Personal Firewall Score Board" is at:

http://grc.com/lt/scoreboard.htm

Regarding Symantec's Firewall:

"Automatic Rule Creation — Just a BAD idea: At my urging, Symantec has changed the default setting for their product family's extremely unsafe automatic firewall rule creation to off. The ONLY WAY automatic rule creation could ever be safe would be if their provided database were to include pre-computed SHA1 hash signatures for known programs. Without pre-computed signatures, and with automatic rule creation enabled, any malicious program can still masquerade as a "known" program to invisibly and silently gain unrestricted access to the Internet. (That's not good.)

My enduring complaint is that NO WHERE does Symantec explain the danger of their automatic rule creation. Therefore unwitting users might turn it on in order to eliminate the pop-up questions which are so necessary for end-user security (in the absence of pre-computed SHA1 hash signatures)."

You will love the tabbed browzing.

Netscape is not vulnerable to that virus. I'm soaking in it now!

Got a Mac. No virus, no problems.
Well, except with System 8.6 and OpenTransport, but hey, I did something stupid.

I've gone from OS6 to Panther within 15 years and NEVER one virus attack. OSX 3.4 has awesome firewall protection, plus you can program routers to set up a primary firewall. There are, of course, other ways to protect yourself. I only use virus scanners to kill PC viruses so I won't infect PC users by accident.

Scaring the innocent, "when people are frighten you can get them to do anything" remember that quote. Why do they have to tell people this shit all the time is beyond belief. They are the same people stealing your info for security reasons trust me on that I work for an IT company so i know how they operate. This is just scaring people away from DU, from using their PCs that all.


Do not make irrational judgment. Thats all I have to say. :dunce:

using DU was just an example to get my point across.