[Gllug] Security (was: p2p programs)

Christopher Currie ccurrie at usa.net
Mon Nov 14 20:17:15 UTC 2005


On : Mon, 14 Nov 2005 08:24:03 +0000 Simon Morris <mozrat at gmail.com> wrote:

> A fully patched Windows
>machine with anti-virus and a firewall is secure enough.

How secure is secure enough? 

Early this year I found a live (though encisted) Windows virus on my desktop 
machine (dual boot Suse 9.x/Windows ME), which had been there since Day One 
in 2001, when it had been copied from my previous Windows 95 box, where it 
had been since 1998. 

During that  time, I had been running successively F-PROT, McAffee, NAV, and 
AVG; all systematically updated, on the successive boxes (except since early 
2004, I think, when I had not gone on line with Windows at all). I'd done 
regular full scans. For all or most of the time I'd been running ZoneAlarm 
Pro as a firewall, and getting the security updates.

Luckily the virus had never been activated. It was in an old mailbox of my 
wife's to whom a now dead relative had sent it: one of those lovely Windows 
e-mail viruses that you click on to start the infection off. (I forget which 
one it was, but one of the fairly notorious ones). 

Luckily at the time we had been running PC-ELM in DOS mode as our mailer, so 
my wife did not know how to use that to achieve virus-launching Windows 
clicks.

How did I find it? I was testing a live CD with Chronomium, a french Linux 
distro which can be used to disinfect Windows disks. It actually runs a 
version of F-PROT in MSDOS mode. (It wanted to update its F-PRot but I 
wouldn't let it as that meant installing stuff on the hard drive). So it 
ground away for hours with the obsolete F-PROT. But it ground exceeding 
small.

Nowadays we run behind a router, and we maintain security on the Windows 
partition by the simple precaution of unplugging the router before booting up 
with Windows (which only one of the family now uses, to play games). Only 
Linux is used to access the Internet.

Christopher




-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list