AnimeSuki Forums

Register Forum Rules FAQ Members List Social Groups Search Today's Posts Mark Forums Read

Go Back   AnimeSuki Forum > AnimeSuki & Technology > Tech Support

Notices

Reply
 
Thread Tools
Old 2007-09-09, 22:12   Link #21
KholdStare
ISML Technical Staff
*Graphic Designer
 
 
Join Date: Dec 2006
Location: Phoenix, AZ
Age: 25
Send a message via AIM to KholdStare Send a message via MSN to KholdStare
It depends on what you do. I've used AVG for about 3 years now and I've NEVER had a virus. However, all I do is surfing and use torrents. I don't go to unusual sites or download ROMs off french web sites that I couldn't understand. If you don't do anything extreme, the AVG is almost perfect for you.

Otherwise I recommend McAfee. If you browse through Limewire or other second generation peer-to-peer networks, then I wouldn't trust AVG doing it all for you. I've had problems with Norton many many times, so I would stay away from it.
KholdStare is offline   Reply With Quote
Old 2007-09-10, 00:43   Link #22
grey_moon
Yummy, sweet and unyuu!!!
 
 
Join Date: Dec 2004
@Potatochobit - Is norton the only anti-virus program you are running?
__________________
grey_moon is offline   Reply With Quote
Old 2007-09-10, 10:34   Link #23
Syaoran
Contemplating Naruto
 
 
Join Date: Dec 2005
Quote:
Originally Posted by grey_moon View Post
@Potatochobit - Is norton the only anti-virus program you are running?
So this question makes me ask another one... Do you people install more than one antivirus!?
That like one of the worst things you could do... It results into conflicts rather than doubling your ability to remove a virus.
__________________

Visit http://syaoran.miniville.fr/ or help them get a job (~_^)
Syaoran is offline   Reply With Quote
Old 2007-09-10, 10:55   Link #24
arcadeplayer987
Senior Member
 
Join Date: Apr 2007
Quote:
Originally Posted by Syaoran View Post
So this question makes me ask another one... Do you people install more than one antivirus!?
That like one of the worst things you could do... It results into conflicts rather than doubling your ability to remove a virus.
you need to be stupid to install more than one antivirus, because they will not work properly at all
__________________

www.arcadebuilder.net - The Best Arcade Script. Own your own arcade website today
arcadeplayer987 is offline   Reply With Quote
Old 2007-09-10, 13:08   Link #25
grey_moon
Yummy, sweet and unyuu!!!
 
 
Join Date: Dec 2004
Quote:
Originally Posted by arcadeplayer987 View Post
you need to be stupid to install more than one antivirus, because they will not work properly at all
They may have been just mis-informed, as it is good practice to have more then one on-demand scanner to give you a second opinion. Especially if your current on-access scanner has been compromised by mal-ware.
__________________
grey_moon is offline   Reply With Quote
Old 2007-09-10, 14:07   Link #26
KholdStare
ISML Technical Staff
*Graphic Designer
 
 
Join Date: Dec 2006
Location: Phoenix, AZ
Age: 25
Send a message via AIM to KholdStare Send a message via MSN to KholdStare
I don't see how you can in the first place. For most big antivirus brands, you have to uninstall your current antivirus (even if it's the same brand but earlier version) before it the let you install the new one. Scanners are different though...they just scan.
KholdStare is offline   Reply With Quote
Old 2007-09-10, 15:50   Link #27
Ledgem
Love Yourself
 
 
Join Date: Mar 2003
Location: Northeast USA
Age: 28
Does anyone have any recommendations for Mac OS X antivirus scanners? I don't buy the idea that no viruses will ever become prevalent on the system, and I'd like a protective measure. I've found two options: Norton, and ClamAV. I use Norton Corporate for Windows but I'm wary of any other version; ClamAV for Mac OS has enough disclaimers about possible data loss and what not to make me nervous. Any recommendations?
__________________
Ledgem is offline   Reply With Quote
Old 2007-09-10, 16:41   Link #28
SeijiSensei
AS Oji-kun
 
 
Join Date: Nov 2006
Location: Mucking about
Age: 64
Quote:
Originally Posted by Ledgem View Post
ClamAV for Mac OS has enough disclaimers about possible data loss and what not to make me nervous. Any recommendations?
I took a quick peek at both the main ClamAV site (http://www.clamav.net/) and the site for the Mac OS X version (http://www.clamxav.com/). I didn't really see the references to data loss that you mention. There is something in the FAQ about missing emails, but that just refers to moving infected messages into a quarantine.

If you're paranoid about using the whole ClamXAV thing, you can always just run clamscan from the command line. Hell, if your Mac has a C compiler, you can just download the code from the ClamAV site and compile and install it yourself. You won't get the pretty GUI tools, of course. I don't know how hard it is to set up automated processes on a Mac (does it use crond for instance?), but I'd guess it shouldn't be too difficult to run "clamscan /" once a week or so.

I've scanned all the mail for myself and my clients with ClamAV for years now, and it works like a charm. I'd recommend it to anyone looking for a no-frills virus scanner as long as they don't care about stuff like "on-demand" scanning or those other things that come with McAfee or other commercial products. If you're accustomed to a "nanny-style" virus scanner, ClamAV probably isn't your best choice.

Also remember that, being a *nix system, it's pretty hard to break the OS since as an ordinary user you can't make changes to places like /lib, /usr/lib, /sbin or /usr/sbin the same way an XP user can alter files in \windows\system32. And, you'd never run some random piece of software you download off the Internet as root would you? (Well, to be honest, I've done that, but usually we're talking about something like the "named" nameserver or a version of sendmail, not jacks_hot_new_software.) Oh, and you can always protect yourself against something being executed without your consent by making sure the executable bit is turned off at the directory level.
__________________
SeijiSensei is offline   Reply With Quote
Old 2007-09-10, 20:13   Link #29
Potatochobit
Certified Organic
 
Join Date: Dec 2005
naw, just use norton internet 2007. but the problem could have arrised from the older norton not uninstalling completey. also HP computers come with goofy pre-installed software that are annoying. I thought about gettting zonealarm as my other choice.
__________________
*Retired*
Potatochobit is offline   Reply With Quote
Old 2007-09-11, 03:41   Link #30
grey_moon
Yummy, sweet and unyuu!!!
 
 
Join Date: Dec 2004
With Macs and Linux generally you scan for viruses to prevent yourself from delivering viruses to MS users. This is not to say there are no viruses for them, but there are very rare.

There is quite a funny spoof on the steps needed for a virus to be installed on the first two OS's

http://www.gnu.org/fun/jokes/evilmalware.html

What it boils down to is not that there are no threats on Mac's or Linux, but there are different types of threats. The things to scan for are rootkits, the two favourites of mine are:

rkhunter
http://rkhunter.sourceforge.net/
chkrootkit
http://www.chkrootkit.org/

both are supported by macs

there are plenty of other things you can do such as
parsing your log files.
doing an audit of your files.
running a intrusion detection program, sorry I don't know one for mac, but psad is the one i use for nix.

Basically scanning for viruses is quite low down on the list, and normally is done because nix/mac users are considerate to windows users hence the first place you normally find av is plugged into the mailing agent.

*Edit*
And I just realised I just repeated what SeijiSensei said

Quote:
Originally Posted by Potatochobit View Post
naw, just use norton internet 2007. but the problem could have arrised from the older norton not uninstalling completey. also HP computers come with goofy pre-installed software that are annoying. I thought about gettting zonealarm as my other choice.
You can normally run a cleaner to make sure it uninstalls correctly:

http://service1.symantec.com/SUPPORT...05033108162039

zonealarm has always scored very highly on the top10 firewall review site and i haven't seen it slated on wilders . but personally I have never used it, I went from kerio 2.15 to outpost firewall
__________________
grey_moon is offline   Reply With Quote
Old 2007-09-12, 16:41   Link #31
Ledgem
Love Yourself
 
 
Join Date: Mar 2003
Location: Northeast USA
Age: 28
The joke I've heard about Linux viruses is that if you were to get one, it'd be an email claiming "This virus works on the honor system. Please run the attached file and forward this message to everyone on your contact list, thanks."

Just how serious are the threats of rootkits - is it likely that people would encounter one? I know about them and what they can do, but not how easily you can pick one up. They're pretty frightening...
__________________
Ledgem is offline   Reply With Quote
Old 2007-09-12, 17:30   Link #32
SeijiSensei
AS Oji-kun
 
 
Join Date: Nov 2006
Location: Mucking about
Age: 64
I've had Linux running on various Internet-facing servers since the mid-90's. In that time I've never had a rootkit installed.

The only time I've had a server compromised was when someone exploited a hole in Apache 1.1.x some years back and used it to install an IRC relay. They couldn't get root; they only had the Apache user's permissions. It was my own fault for not keeping Apache quite up to date. (Now I use yum for that.) I've changed some permissions on directories like /tmp so the apache user can't write there. Next time around I'll create a separate logical volume for /tmp and mount it with the noexec option.

I have a variety of Internet-facing services running on these machines including web servers, an SMTP store-and-forward proxy, POP/IMAP client services, SSH, FTP, DNS, etc. As long as the servers are kept up-to-date with security patches, I don't think these kind of brute-force attacks would be very successful. For the more paranoid among us there are things like tripwire that you can run if it helps you sleep better at night.

You obviously could install something yourself that might compromise the machine, but it wouldn't be that easy. I almost never install anything that I don't get from a known repository. I have a few obscure programs (like that SMTP proxy) that I compile from source, but that's it.

I worried briefly about rootkits some time ago, but I don't really worry about them any more.

Nothing would prevent you from downloading and installing a progam that could run as an ordinary user and add you into a botnet. For instance, it wouldn't be hard to write a trojan that would use HTTP or IRC to check in with the botnet master, download some spam, then generate the messages and hand them over to sendmail (or postfix, qmail, etc.) for delivery. None of those activities require more than ordinary user privileges. Still unless you're willing to download and install just anything, I don't think this is a big risk either.
__________________
SeijiSensei is offline   Reply With Quote
Old 2007-09-12, 20:23   Link #33
Jyukai.
~In a Music Box~
 
 
Join Date: Aug 2007
Send a message via MSN to Jyukai.
IMO, Norton is good for corporate usage, not for home. If you want a free, and updated daily/frequently anti-virus software, you'd be better off using Avira Antivir. Avira AntiVir

Norton eats resources and its not very stable(many problems reported). But if you want to try it, go ahead. It doesn't suck alot, but does its job most of the time.
Jyukai. is offline   Reply With Quote
Old 2007-09-12, 21:04   Link #34
grey_moon
Yummy, sweet and unyuu!!!
 
 
Join Date: Dec 2004
its easy to get compromised if you don't patch and have services exposed to the rest of the world that you should hide.

Normally if someone compromises a service it takes the rights of the service (hence always running stuff as non root users), but there is a pretty well known wu-ftp hack which can escalate the rights to root with a buffer overflow attack. It's used as part of the learning tree demo.

Now the issue with this is:

a. you have to be running wu-ftp
b. you have to be running a older variant (non patched)
c. you have have it exposed to the nasty person
d. not too sure what services like apparmour would do to it

So basically there are lots of issues that make it difficult for an attacker to compromise a system as long as good practices are followed.

for example I do a lot of hardening on server boxes, but i don't run a majority of routines on my desktops. The reason why is the server boxes are routinely exposed to the internet and getting too much data can mean I loose the real information because I am swamped.

I guess its about risk assessment where you have to take into account value of resource and exposure to risks. Remember value of resource is not only data but someone using your resource like SS mentioned above, and that includes using your box to hack someone else....

For example my home data server has no real exposure to the internet, but it was setup after swallowing a paranoid pill and even then any sensitive data is saved to a locally mounted encrypted drive. To others my data my be worthless, but to me my data is valuable so I am willing to invest the time into protecting it. also it would irk me to no end if someone did compromise me
__________________
grey_moon is offline   Reply With Quote
Reply

Tags
antivirus, malware

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 09:41.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
We use Silk.