to a new 240-page security report from Microsoft dubbed the Security
Intelligence Report, America is among the most infected countries
in the world when it comes to botnets. The report uses
information collected in the first half of 2010 via the Microsoft
Malicious Software Removal Tool.Over 2.2 million PCs in
the U.S. are infected with a virus that makes them part of one of the
internet's massive botnets. The term "botnet" refers
to a group of connected computers that can be used for ill purposes
such as spamming, distributed denial of service (DDoS) attacks, and
mass credit card fraud.Brazil came in second place for most
infected computers, with 550,000 botnet-infected PCs. Per
computer population, though South Korea had the highest rate (though
its total number of infected machines is lower than that of the U.S.
or Brazil). In South Korea 14.6 out of 1,000 PCs are in a
botnet, versus 5.2 computers out of 1,000 in the U.S.Cliff
Evans, head of security and identity at Microsoft UK, comments to BBC
"Most people have this idea of a virus and how it used to
announce itself. Few people know about botnets."Fewer
people perhaps know about Microsoft's Malicious Software Removal Tool
(MRT). MRT has been is a free tool Microsoft includes with
Windows XP, Windows Vista, and Windows 7. First released in
2005, the tool is easy to run -- just go to "Start", type
"run" in the search bar, and then type "mrt"
(case insensitive) in the resulting popup. The tool will then
activate and be ready to scan your computer and remove many common
types of malware.Perhaps if everyone learns how to use the
MRT, America can escape earning the dubious distinction of being the
world's biggest botnet participant in 2011. Given the general
of security, that seems unlikely, though.Despite the
difficulty in getting the public to practice proper security,
Microsoft is taking steps to try to win the war against botnet
masters on its own. The company recently seized
control over 276 internet domains that were being used by
botnet owners. And it has beefed
up the securityof its most recent operating system, Windows 7,
making it harder to infect new PCs.
quote: Hi there some of us have ore at least know someone that got there account hacked.It happened last week to a friend of mine and spend all night fixing her damn computer and implementing new security , so i tough i write up what what i have done to prevent hack's on guild members and missing raids.1. Most of the best preventive measure is just to prevent hacks,To make them very hard and 90% of them impossible , here is a excellent link how to do that, its the same way company's secure there networks.(do it only works in the non home versions of windows XP/Vista/7 and i would recommend upgrading to a other version)http://www.mechbgon.com/srp/Its probably for some a bid hard to follow, and if you don't know how, ask someone to help you, but i would really recommend doing this.ps. Also do not turn of UAC in win Vista/7 and don't blindly click yes when it pop's up (and yes i know its a pain, but so is getting hacked)2. Get a GOOD anti virus program !!!AVG free only is not enough neither is Norton junkwareG-Data total care is a good program i can recommend, as it always ranks top in anti virus test's and is not to expensive specially if you take the 3PCs optionhttp://www.gdata-software.comIf you are a cheap ass and don't wane spend 40 bugs a year get AVG free but then point 3 is not only highly recommend but a must, preferably run A-squared every time before you start up wow3. No Anti virus software (AV) is perfect,Get extra FREE versions of AV and do at least once a week a manual scan ore after bin browsing porn ore have installed cracked programs.Also because these are all manual scan programs they wont slow you computer during gaming.These are the minimum i would install:Malwarebytes http://www.malwarebytes.org/a-squared Free http://www.emsisoft.com/en/software/eek/.Spybot search and destroy http://www.safer-networking.org/index2.htmlAlso run the Immunize option it prevents files to be changed whit out you knowing itA online virus scan is also something i would recommend once in a wile, House-call, ESET, Panda are good, kaspersky is offline making a new scanner but if back is properly one of the best.http://www.google.com/search?hl=en&q=online+virus+...4. A small but very nice program is, Secunia Personal Software Inspector (PSI)Its a small program that checks version Nr of you programs and compare's it whit a list online for programs whit security updates, its very small and uses almost no memory and resources.Its like windows update for the rest of your programshttp://secunia.com/vulnerability_scanning/personal...The new Beta 2.0 dose now all update's automatically ware possible http://secunia.com/PSI2SetupBeta.exe 5. Authenticator: Get one .This all may seem to some of you over the top, but on the other hand getting hacked is no fun eider, specially for people whit access to the guild bank, as it is a account hackers dream.And doing these manual scans is not that hard just start one when your getting food taking a dump getting to sleep ore taking a bad because you really stink ore so, and your PC is doing noting anyway, security its just a mind set, and a fact of live we have to live whit, ore get hacked ;-)Hope this will help some people getting there security up to date.
quote: one in four Windows cars burst into flames
quote: Oh, and Macs are completely infallible... i assure you they are not.
quote: i don't mind mac but i'm left wondering why it is that you care so much?
quote: I combine things in the following way under Windows XP/Vista/7...=> MSE + Limited/Standard User + SRP or Applocker or Parental Controls + EMET 2.0(1) MSE (Microsoft Security Essentials)=> Scans files locally.=> Might want to scan files manually via http://www.virustotal.com/ instead. (As that uses multiple AV engines...But has a 20MB file size limit.)(2) Limited or Standard User=> Can't write into Windows + Program Files directories unless you provide Administrator password.=> Make sure you password the default Administrator level account!=> Greatly reduce malware that needs Administrator privileges.(3) SRP or Applocker or Parental Controls=> SRP = Software Restriction Policy=> These three allow one to create a whitelist for the Limited or Standard User.=> Whitelist = "deny everything by default, except the legit apps I allow!"=> Combined with (2) causes a Catch-22 situation for malware! (Can't run! Can't infect!)=> Special note! Parental Controls is a lite version of SRP. It won't help with DLL injection-type malware!=> You may want to use this as an alternative to Parental Controls: http://blog.didierstevens.com/programs/ariad/(4) EMET 2.0=> EMET = Enhanced Mitigation Experience Toolkit=> "Hardens" apps like Adobe Reader or web-side apps like IE, Firefox, etc.=> Get it here: http://www.microsoft.com/downloads/e...0-362559fd2...=> Requires .Net 2.0 framework (You can install .Net 3.5 framework instead.)Of course, one still needs to hammer in on the issue of getting your software from legit sources (not hacked/cracked from P2P, Warez, Usenet, etc) and ignoring everything else. As well as keeping the system up-to-date. (Subscribe to MS's Security Bulletin mailinglist.)Anyway, that's how I "secure" various Windows desktop systems I'm responsible for. The good news is that all the above are free! :) (I use a mixed Windows/Linux environment. Linux for servers, network security via PacketFence, and specific workstations roles.)
quote: Macs are less fallible than Windows PCs
quote: "god like"
quote: I care because it pains me to see so many people trapped in the tortured madhouse that is Windows computing.
quote: Any system that requires the following to work safely
quote: I repeat - Windows is the platform getting infected all the time - why do you put up with it?
quote: because i use my computer for more than just surfing the web and playing with art programs....
quote: Microsoft could make an image for a repair disk available via its web site. The idea would be to run the current Windows environment from the optical drive, with a full GUI, access to the internet, etc.
quote: And...Mac's are much more vunerable to such attacks, due to not having modern security measures built into the OS.
quote: Not a Mac advocate, but apparently all the safeguards in Windows Vista and 7 couldn't stop this from remote code execution: http://www.microsoft.com/technet/security/bulletin... Oh, and btw, this is what hacked Google in China. Microsoft knew of the vulnerability months earlier but did not release the patch until Google went public with the attack. So much for Microsoft security. Nothing's changed.
quote: Mac advocate or not, the bulletin you linked has nothing to do with the Windows Operating System. It's for Internet Explorer. Those are completely separate software entities and you can use one to infer that the other is insecure. It would be like myself (or another poster) linking a known defect with Safari web browser and claiming that Mac OS X is insecure. That is simply not the case, Safari has a problem, not Mac OS X.
quote: IE has not been truly built into windows explorer since IE6.
quote: But its not like it used to be, built directly into Windows Explorer.
quote: P.S Where did you see they withheld anything? MS releases security patches all the time(patch Tuesday for non critical, and a critical patch if required), why would this be a PR nightmare over other IE flaws that have been patched?
quote: The vulnerability used in the attacks (CVE-2010-0249) was privately reported to Microsoft last August by Meron Sellen, a white-hat hacker at BugSec, an Israeli security research company. Microsoft program manager Jerry Bryant said the company confirmed the severity of the flaw in September and planned to ship a fix in a cumulative IE update next month.
quote: Oh, and btw, this is what hacked Google in China. Microsoft knew of the vulnerability months earlier but did not release the patch until Google went public with the attack.
quote: Maybe Microsucks should actually build a secure, bug free O/S before they sell it to consumers for billions of dollars per year? Then they would have time to address any new security vulnerabilities instead of investing most of their time creating patches for a defective O/S. What a concept that will never happen as long as Microsucks can sell defective goods for BILLIONS annually.
quote: ever replaced your kernel and not installed/reompiled with new headers?
quote: ohhh ever load debian, etc on a machine that needs special drivers??
quote: it's still to cryptic and relying on repositories for all your installs kind of sucks.
quote: make is no competitor to the windows installer.
quote: there is no real alternative to office (there are some minor solutions, open office, etc., but they aren't nearly as good).
quote: it comes precompiled
quote: latest version of SuSE</quotethe last version of suse i tried was a long time ago and then it was pretty darn unstable though my laptop crapped out about two years later so... quote: So having a central and easy way to install software is harder it's not harder i just wish there were an easier way to install software that wasn't in the repositories. quote: there is no real alternative to office I'm glad you agree with this, i can see you obviously know what you're talking about and a appreciate your sensibility. I hate when people tell me open office is just as good as ms office.Don't get me wrong, i'm a huge fan of linux, specifically debain and lately mint (debian + newer packages and no limitations regarding truely free software, ie. they are afraid of trademarks the way debain seems to be)
quote: So having a central and easy way to install software is harder
quote: there is no real alternative to office
quote: I'm glad you agree with this, i can see you obviously know what you're talking about and a appreciate your sensibility. I hate when people tell me open office is just as good as ms office. Don't get me wrong, i'm a huge fan of linux, specifically debain and lately mint (debian + newer packages and no limitations regarding truely free software, ie. they are afraid of trademarks the way debain seems to be)
quote: Well to be fair, having a home partition is no different that partitioning your drive. Is it transparent to the user in Windows? No.. but the effect is the same.
quote: your user folder ALWAYS is on the same drive as the OS with Windows
quote: Don't use it so can't say. But I'll bet you that the latest version of SuSE has more drivers than Win7 ever has or will.
quote: So having a central and easy way to install software is harder than going to each web site and downloading each piece manually?
quote: Sorry, but you are wrong. It probably supports more hardware out of the box, and certainly supports more hardware via windows update which only requires a network card to access. It is by far the best OS driver wise ever released, much better than its predecessors that is for sure. Suse and Ubuntu have certainly made great strides in the driver department, but they are nowhere close to Windows 7.
quote: Ya, if only that were true. What happens if there is not an app on the pre chosen list of repositories? Manual installation of anything can be a pain in the butt with nix, and adding extra repositories for the average user is not exactly fool proof either. Furthermore there is no guarantee the files in the repo will stay up to day. There have been plenty of times where I have had to add an extra repo because the files on the main repository have not been kept up and I needed the new version. And lets not get started about dependencies.. Even with a repository manager, you will run into issues eventually =P..
quote: Same with SuSE, you can add more repos to support more hardware like webcams. And SuSE has built in 3D support for most Intel and AMD graphics cards.
quote: And SuSE has built in 3D support for most Intel and AMD graphics cards.
quote: Unfortunately with Linux you have an outhouse nobody tries to break into
quote: Linux is better because it is not targeted as much
quote: open source that allows people to openly discuss and fix flaws