I remember back in July when Nexus (the Skyrim, Fallout and other games mods website) went down because of DDoS attacks. Then the admin made this post and wrote some interesting things that I want to share with you guys.

This is the original post: http://www.nexusmods.com/skyrim/news/12099/

TL;DR - install a firewall and anti-virus in your PC. Spread the word.

[quote]
There's not much you can do on your end to fix this exact problem. There is, however, something you can do to help the general DDoS plague and that's to not be one of the millions of dolts out there browsing the internet without an anti-virus and firewall running as a bare minimum. Botnets form because "hackers" have gained access to insecure systems. The more insecure systems they control, the more powerful their botnet becomes. Typically gamers are more clued in than most in this regard, but still, I know some of you will be reading this without any anti-virus installed on your PC and to you I'll simply say this: you are a part of the problem. You're not the problem, but you're a part of it in the same way you're a part of the problem during an epidemic if you sneeze without covering your mouth with your hand or don't wash your hands after going to the toilet. You're in that group of people. You aren't the virus but you help to spread it through your lack of action. So get on to fixing it if you haven't already, or at least please don't complain to me about the sites being down if you're in that group.
[/quote]

1 decade ago*


That's quite the unintelligent post.

I'm glad I'm not part of that community nor have I ever had a desire to be.

1 decade ago

If my computer was infected then it DDoSing a gaming website would be the least of my worries...

1 decade ago

Good luck playing any multiplayer. That ping must be sweet.

1 decade ago

I'd be more worried about this malware stealing my bank and credit card details than not being able to 360 noscope...

1 decade ago

You really didn't think this through, did you? You know what it means when your PC is being used as a botnet, right? Please don't be stupid. LEARN YOUR SHIT! If your ISP sees what an awesome stream of data is coming from you, he will be very happy. You might right now say bye bye to your internet. And by the looks of it, you don't mind your PC being infected by a mining virus too.

1 decade ago

If your ISP sees what an awesome stream of data is coming from you, he will be very happy.

You might right now proceed to do nothing because you've fucking paid for internet access and the ISP can't randomly cut you off because reasons.

1 decade ago

Actually, they're gonna block your access until the issue is resolved.
Not only for botnets, also for open relays.

1 decade ago

Get informed before you spout off about something you clearly have precisely 0 knowledge about.

I've worked for multiple ISPs and they all had "abuse" departments. I did some forensic work for them analysing packets and checking data sometimes, in between my regular support work, to see if clients were transmitting any kind of "bad data": illegal stuff like child porn, malware, ping bombs, or other virus-like activity. When customers are either thought to be part of a botnet, or have any kind of malware such as a worm, or other malware that spreads itself, ISPs block people's internet access outright, blocking anything not HTTP (including ICMP for obvious reasons) or not port 80, and forwarding any HTTP request to a bumper page, usually mentioning to contact the ISP's abuse department to help resolve the issue. And only once a customer has confirmed they've walked through troubleshooting, often with much back-and-forth in emails and/or phone calls between abuse and the customer, does the customer's line get unblocked and the redirect to the bumper page removed. And even then, abuse will often monitor the line for several weeks (with a program that checks for typical "bad data", as well as often manually by an abuse rep.), often resulting in yet another block being placed, because much malware is close to or basically impossible to remove without a nuke and pave, and even then, some rootkits/trojans might install themselves to the MBR, forcing some more thorough removal procedures that many customers would be uncomfortable doing or unable to do.

Anyway, the way it usually works is that only once the abuse issue is fully resolved to the satisfaction of the abuse department (and depending on the ISP, this might mean a ticket in some ticket management system being resolved and closed), the customer is forwarded to the billing department for a refund (if they ask about it) for their (exact) downtime, as obviously you cannot know precisely how much downtime they'll have due to abuse blocking them until after the issue's fully resolved.

All this is a description of default abuse procedures for ISPs worldwide. If you don't believe me, check out any ISP's website, and you should be able to find an e-mail address for their abuse department, usually simply "abuse@isp.com", though if their site design sucks, you might have to dig a little to find it.

This isn't just to protect their own network, but to help slow the spread of malware worldwide.

1 decade ago

@Ansatsunin: Comcast; the software they bundle with the customer comes with some bot-detecting software. If the customer is running it, it usually detects it and you will be reported. You will have limited access to the internet and you'll get some nagging screens that will tell you to call 1800comcast. Doubt it does anything if the customer isn't running the software though.

1 decade ago

I don't. This is either just a way to offload some of the processing power used for detection to clients / save bandwidth, or help earlier detection / blocking of bad clients. Let them run a certain program that does a chunk of the simpler behaviour detection / detection of more prevalent, everyday malware / botnets on clients' PCs, and save the bandwidth they'd otherwise be sending out if they were infected, before the detection systems they use over on the ISP's side flag them for a block, thus saving some bandwidth and processing power, and blocking more bad data, faster. On top of that, if the block can be in some part regulated client-side - so the software sends a flag out to the ISP saying "yup bad data, block this guy" - you're circumventing the whole internal process flow / database communication that would otherwise be triggered by the ISP's own internal detection system(s), thus freeing up your own infrastructure / middleware a little, and again making blocks occur faster.

I guarantee though, that the ISP has their own systems in place also, and will block you if you put out a lot of bad data fast / have errant usage patterns.

1 decade ago

So let me get this straight, my ISP will say "bye bye" to me so I can pay some other provider money?

1 decade ago

You better hope you're not getting sued.

1 decade ago

See my comment reply to BalefirePhoenix.

1 decade ago

W
A
T

1 decade ago

You have to sneeze into your elbow, not your hand, so don't encourage people to be part of an epidemic, thanks!

1 decade ago

+1!

1 decade ago

+1 So much this!

1 decade ago

Not even this, sneeze inside your shirt or something... Jesus Christ.

1 decade ago

True, but most people wouldn't do it.

1 decade ago

That post is presumptuous and condescending in a way. I understand that it has good intentions, like your post does, but to assume that there aren't people out there that know how to keep their computers free of viruses without the need for such resource-hogging tools is a major pet peeve of mine.

I don't need an antivirus, nor do I want one slowing my computer down. I monitor my connections on a regular basis using multiple software and hardware methods as well, and I think I'd notice if my computer was actively participating in a DDoS even if I didn't keep such a close eye on things.

And, to suggest that we can't even complain about the site being down if we don't have one of these enabling* tools is not only wrong, it's very condescending. "Part of the problem" indeed...

I realize that complaining to the site owner won't accomplish anything, but I see his post as justifying his desire to simply ignore any and all support requests, solely on the basis of "herp derp part of the problem noob!"

*What I mean by enabling is that it enables the typical user to be lazy by telling them "everything is okay, your PC is protected".

1 decade ago

The way I see it, if you're the type of user that bothers monitoring every single thing that is going on in their computer then you're most probably better off security-wise than those that just slap on an anti-virus and think they're safe.

edit for the dull: It means that said users are more cautious than retards that just install an antivirus and then proceed to download every single thing they step on thinking they're safe, like the guy below me.

1 decade ago

You people crack me up. You haven't run a virus scan in years, but you know you've never had any malware. You're like the idiots who think that just because you eat right and exercise you can skip your annual physical. And then are shocked when they have a heart attack at 45.

1 decade ago

+1

1 decade ago

+1

1 decade ago

Re-read my post, please. I never said that I don't run virus scans. I said I don't have an antivirus, which in most cases means I don't have real-time protection. I run a weekly quick scan and a monthly full system scan, but I don't install real-time protection because of the negative impact it has on my system's resources.

And, please, don't insult my intelligence. Even without a virus scan there are many other ways to tell if you're infected.

1 decade ago

Just out of curiosity, name some. And what kind of software / hardware solution(s) do you employ to achieve this detection?

1 decade ago

Deleted

This comment was deleted 2 years ago.

1 decade ago

Only a full retard can +1 this.
I can easily tell if you're infected by any average type of malware within minutes. If it's atypical, it's not gonna be stopped by some shitty windoze firewall or "free antivirus". You better learn how shit works or keep your hole shut 24/7.

1 decade ago

Go back and read dysomniak's post again, you fucking moron. He was referring specifically to detection, not prevention.

Being able to spot a malware infection doesn't make you special. Anyone can do that shit.

1 decade ago

Hey there, Mr average internet full retard.
How about you get a clue of computers and virus infections and then come back to get slapped?
I bet you're one of those morons that run antivirus on their cell phones and download porn on P2P.

1 decade ago

+1

1 decade ago

You're most probably an idiot for misunderstanding my post, and probably autistic for assuming I haven't run a virus scan in years considering I probably have invested in an antivirus that is better than anything you'll ever have.

Just for your sake though, I'll say that it is very possible to not run a virus scan in years, know that you've never had any malware and expect to remain clean for a long time. Provided you have a brain of course, which you don't since you doubt that very possibility.

1 decade ago

So what techniques exactly do you use? I want to inform myself for better protection.

1 decade ago

If you keep an eye on your connections, open ports etc. it's easy to see if there is something wrong.

On Linux I can see them directly on my desktop via conky.

1 decade ago

Well that's easily avoided, someone can just make a virus that checks when you aren't at your computer and then uploads all your passwords at once. Noticing the virus doesn't do much good if it has already done its damage.

1 decade ago

True enough.

1 decade ago

+1

Thank the heavens for this post, I was waiting to see it. People are so fucking clueless, even people with supposed knowledge of PCs / networking / malware. Like they've never heard of "idle detection" or idle cycle Bitcoin mining trojans.

1 decade ago

I'm gonna smear my poopy hands all over the internet

1 decade ago

I am guilty.

But ignorance is bliss.

And unfortunately, we can't all be well-educated and well-prepared at everything in life.

There are habits and techniques used in everyday driving that could save lives and prevent all kinds of monetary losses, but the vast majority of people don't do them. Same deal there. Mainly ignorance. Saw it all the time as an instructor. And that was instructing in quite a niche, too. Can't imagine how bad the great unwashed masses are in the car.

But...you deal with it, and be as preventative as you can yourself.

I'm going to go self-flagellate now.

1 decade ago

Except that, I'm not stupid. I know enough about the technology I use to know its limitations and how to determine if my system is compromised. I don't need Anti-Virus/Firewall because I know how to use the internet without doing something completely moronic and getting my system infected, and I know how to determine what files to trust and what to dispose of.

1 decade ago

So I suppose you have JS disabled, or at least NoScript and only allow (and trust) certain sites? What if they get hacked and serve malware? Oh and obviously you know the source code of every binary on your system. What if someone boots your computer and installs malware manually?
Stop being such an elitist.

1 decade ago

How does one get the malware? Websites can't just automatically enable it. Some stupid fool would have to actually download and run it. Exception is Java and Flash, but I've set both up to require permissions before usage and I blacklist anything I don't know.

How the fuck is someone going to boot into my computer? Aside from the obvious fact it has a password (a nice secure one that's hidden), I don't let this laptop out of my sight, and hackers would need me to enable some software for them to gain access to my system, and as I said, I'm not stupid enough to run anything I don't trust.

You're paranoid and you think you know better because you can shell out the cash for some over-priced bloated software that "claims" to protect your system, when the only thing you really need is common sense.

1 decade ago

So because your Windows requires a password nobody can boot your computer? It doesn't work that way.
There's dozens of security holes in JS and even sites you do trust can get hacked.
I'm not paranoid, I just claim that you can't know for sure that you're not part of the problem. Hell, even a Windows update could ship you malware and you wouldn't know.
Also I'm not using any antivirus of any kind, they're barely of any use and slow your system down.

1 decade ago

I highly doubt I'll come into contact with anybody who knows any other way, and as I've said, remote-booting the computer would require a hacker to compromise the system, and to do that, they require permission (aka allow their application to run or something similar), which I'm not going to do.

What a great thing there's only one website I visit that uses JS, then.

"Hell, even a Windows update could ship you malware and you wouldn't know."
Dafaq is this? The only way that would happen is if Microsoft became incompetent (which is happening...), hackers compromised the Update database and I didn't read the patch notes/forums about the latest update first. Seems to me like a lot of things would need to fail before such a situation would occur.

" I just claim that you can't know for sure that you're not part of the problem."
I can with a simple check of my network usage, looking at several known directories in explorer and a quick browse through the registry. Virus-makers always leave some stupid clue lying around because the majority of them don't care.

1 decade ago

Booting a computer without having to enter the Windows password is as simple as putting a USB stick into it, not that hard, really.

If someone hacks the Windows update servers they probably won't write it in the release notes, also several (big) companies have had their certificates hacked in the past, it doesn't even have to be Microsoft that gets hacked!

There's malware around that doesn't use much network, even some DDOS tools use it only sometimes, or only when the screensaver is on, or only if you haven't done anything in the past 5 minutes. Also hiding packages from software if you've got admin access isn't that hard. Checking the registry and some directories only gets you so far, I'm pretty sure malware developers can work around that if they want to.

1 decade ago
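The point in the comment above about malware that stays quiet until the user has been idle for a while, as an added example that is not from this thread: constructed per-process traffic samples paired with the idle timer show why a connection check done while you are at the keyboard misses such a process, and how correlating outbound bytes with idle state surfaces it. All process names, byte counts and the five-minute idle threshold are constructed assumptions for the demo.

```python
"""Correlate per-process outbound traffic with the user's idle timer.

Some malware sends nothing while someone is at the keyboard and only starts
transmitting after the machine has been idle for a while, so a connection
check done "while I'm using it" never sees it. Sampling per-process outbound
bytes together with the idle timer, and asking which processes only send
while the user is away, surfaces that pattern.

All telemetry below is constructed for the example; nothing is captured
from a real host.
"""
from collections import defaultdict
from dataclasses import dataclass

IDLE_THRESHOLD_S = 300  # treat "no input for five minutes" as idle


@dataclass(frozen=True)
class Sample:
    t: int          # seconds since the start of observation
    idle_s: int     # seconds since the last keyboard/mouse input at time t
    process: str    # process name (constructed)
    tx_bytes: int   # outbound bytes from this process since the previous sample


# (t, idle_s): one sample per minute; the user stops typing after t=240 and
# the idle timer then climbs past the threshold from t=540 onwards.
ACTIVITY = [(0, 5), (60, 12), (120, 3), (180, 40), (240, 8),
            (300, 60), (360, 120), (420, 180), (480, 240),
            (540, 300), (600, 360), (660, 420), (720, 480)]


def build_samples():
    """Constructed per-process traffic for three processes (not real data)."""
    samples = []
    for t, idle_s in ACTIVITY:
        user_away = idle_s >= IDLE_THRESHOLD_S
        # A browser: busy while the user is at the keyboard, keep-alives after.
        samples.append(Sample(t, idle_s, "browser", 200_000 if idle_s < 60 else 5_000))
        # A legitimate updater: one burst, sent while the user is active.
        samples.append(Sample(t, idle_s, "updater", 2_000_000 if t == 120 else 0))
        # The pattern under discussion: silent until the user has been away
        # for five minutes, then a steady stream of outbound data.
        samples.append(Sample(t, idle_s, "idle_only_client", 3_000_000 if user_away else 0))
    return samples


def per_process_bytes(samples, threshold=IDLE_THRESHOLD_S):
    """Return {process: (bytes sent while idle, total bytes sent)}."""
    idle = defaultdict(int)
    total = defaultdict(int)
    for s in samples:
        total[s.process] += s.tx_bytes
        if s.idle_s >= threshold:
            idle[s.process] += s.tx_bytes
    return {p: (idle[p], total[p]) for p in total}


def idle_share(samples, threshold=IDLE_THRESHOLD_S):
    """Fraction of each process's outbound bytes that were sent while idle."""
    return {p: (i / tot if tot else 0.0)
            for p, (i, tot) in per_process_bytes(samples, threshold).items()}


def active_time_senders(samples, threshold=IDLE_THRESHOLD_S):
    """What a check done while the user is at the keyboard would see:
    processes that sent anything during a non-idle sample."""
    return sorted({s.process for s in samples
                   if s.idle_s < threshold and s.tx_bytes > 0})


def flag_idle_only(samples, threshold=IDLE_THRESHOLD_S,
                   min_bytes=1_000_000, min_share=0.9):
    """Processes that moved a meaningful amount of data and sent almost all
    of it while the user was away. Both thresholds are tunable; a backup
    agent scheduled for idle time will legitimately trip this and needs an
    allow-list entry."""
    stats = per_process_bytes(samples, threshold)
    return sorted(p for p, (i, tot) in stats.items()
                  if tot >= min_bytes and i / tot >= min_share)


if __name__ == "__main__":
    data = build_samples()
    print("seen while active:", active_time_senders(data))   # ['browser', 'updater']
    print("idle-only senders:", flag_idle_only(data))        # ['idle_only_client']
    for proc, share in sorted(idle_share(data).items()):
        print(f"  {proc:18s} idle share {share:.2f}")
```

On a real host the samples would come from a per-process network counter (for example a scheduled dump of per-connection byte counts) plus the OS idle timer, and the allow-list would hold the updaters and backup agents that are supposed to run while you are away.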

You know that thing on your door, I think it's called a lock? Use it. Nobody boots your computer without physical access to it unless you are so utterly retarded beyond belief that you should stop breathing for the sake of this planet.

1 decade ago

Websites can't just automatically enable it.
Look up drive-by downloads.

All it takes is a compromised server or search provider to send you a few hidden little gems that run under svchost's name, and they can slowly sip away information, or download more files to cripple your system. People that claim "common sense so dur no virus for me" are clueless. Ya, it helps with 70% of prevention if you don't go around downloading every bloody addon and free game tossed at you, but it only takes 1 virus or worm to fuck you over.

1 decade ago

You know the source code of every binary on your system?

1 decade ago

No I do not, neither do I claim to know that I don't have malware on my system (although I'm extremely sure of that) nor that everyone that has malware on their system is stupid.

1 decade ago

So you know all the latest exploits with other files?

Did you know that .docx can be viruses? How about .pdf? How about a .jpg?

Also, did you know there is something called silent Java Drive-Bys? Aka, it downloads into your computer as soon as you run the site. Exploit works by running a 1 pixel big window on your browser and downloading the .jar which runs and downloads the virus.

There are also files that can infect legitimate files, like your Windows files.

And many more exploits that I don't have time to explain/don't know in general.

But keep going without any antivirus software of any sort. You don't even need to pay for a good one these days.

I'm studying Network Security and I still have anti-virus and firewall protection.

1 decade ago

Although I am pretty sure that my OpenBSD doesn't really need an anti-virus.

1 decade ago

People that can't handle their computers shouldn't be allowed to be on the internet, just like not everyone is allowed to drive a car.

1 decade ago

^^^That! Thanks sir for telling the #2 rule of the internet!

1 decade ago

That would be equivalent to banning everyone from the road unless they can build and maintain the entire car from bare parts. You really can't expect tweens all the way to grandmas to know everything about their computer just so they can write to John Smith about their cat once a month. A better practice would be for ISPs to offer better AV+firewall bundles instead of trash like McAfee or Norton 2011.

1 decade ago

I don't demand that people know everything about their computer, just enough to not make them a bother for the rest of the world (pretty much the same I expect from drivers).

1 decade ago

Then you must be epicly disappointed in drivers as well.

This whole driver analogy is a terrible one. It's just like computer users.

1 decade ago

Exactly.

Just like dynamic stability control is now required in most vehicles.

You can turn it off, but you damn well better know what you're doing if you aren't going to use it.

1 decade ago

People that can't handle cars are ALL OVER the road.

I can't handle my computer, but I CAN handle a car. At least 85% of folks on the road have no idea how to drive their way out of a paper bag.

1 decade ago

Point taken, maybe I should rephrase my statement:
People that can't handle their computers shouldn't be allowed to be on the internet, just like not everyone should be allowed to drive a car.

1 decade ago

Fair enough. That's normative, but logical.

However, are you sure that you would be allowed on the road? ;)

Your standard of computer usage is probably well above mine. I'm probably an ignoramus sometimes by your standards.

I almost guarantee you'd fall short of my driving standards as well. ;)

It's hard to know everything about everything. Therefore, people are ignorant.

edit: I now see where you live. Credit where it's due. You guys are some of the best in the world when it comes to vetting your drivers. You and all of Scandinavia. Nice work on that. You could easily outdrive 85% of us here...at least. :)

1 decade ago

As I wrote I don't expect everyone to be a genius at every field, just some minimal skill (or knowledge) to justify the right of using something so that people aren't too much of a bother. I see that "no bother at all" is a bit strict.

1 decade ago

Oops. Just edited my above post to reflect your nationality. :)

And yeah. I think you have very reasonable expectations. As in, "Just don't be a completely oblivious idiot."

I agree.

1 decade ago

They must have huge paper bags where you come from.

1 decade ago

:)

1 decade ago

I get what you are saying and I agree. Like the people that go online and can't tell the difference between an ad and a real search result, or ads and real content on the site. To me it's obvious what is what, but I have seen some people that just click away at everything they see and they get viruses as often as every day/week. This would be equivalent to someone driving and not understanding why they need to turn their headlights on when driving in the city where there are streetlights, or someone that never uses the turning lane or uses it as a normal traffic lane, etc. etc.

1 decade ago

Except, you know, people that should not be allowed to drive a car do so.

1 decade ago

In this country, we let folks drive with too little training too young (those things go together as young /= bad driver if they are trained properly/have experience - they are actually better with r/t, learning speed, etc.) and let them keep their licenses WAY too long without mandatory testing, usually in the name of mobility or with pressure from the AARP in the name of age discrimination (I'm totally cool with a 97-year-old driving if they have the skills to do it, FWIW).

1 decade ago

o/

1 decade ago

Random people are actually DDoSing my websites XD

1 decade ago

Deleted

This comment was deleted 3 years ago.

1 decade ago

They are dumb to shut down several game communities, which don't affect our society, but the NSA and others seriously affect us. They should go after them, not us. I think it's not very smart. Or do they use us as a test to see if they can take down several sites before it hits BIG? ... Interesting theory ....

1 decade ago

They're kids with a carton of eggs. It doesn't really matter what they hit, as long as they get to throw stuff.

1 decade ago

Besides NSA can retaliate.

1 decade ago

If you didn't know already, free anti-virus is available from the internet.
Also, there are anti-virus suites that are equipped with a firewall from the ready (Avast, Zonealarm).

Please, please use an antivirus with your PC, to keep your PC fast and safe. Thanks

1 decade ago

Why are some people here feeling so hurt by this post? It is obviously aimed at people whose computer knowledge extends to pushing that button that turns it on, so why are you guys who claim to know your way around the internet feeling offended? Insecurity?

1 decade ago

+1

1 decade ago

true.

1 decade ago

I'm asking a different question for those refusing to use any antivirus; what are you running that an antivirus is actually slowing your rig down that much? Or which antivirus are you running - because there are a lot that will go silent mode while you're gaming, or when you tell them to but still be effective. The firewalls should not be slowing you down that much.

Setting it so the scans don't run while you're gaming, but run when you're browsing the web just makes sense to me. You can practice being safe on the net. Shit happens. Big sites get infected, bad things follow.

Also, slapping an antivirus/firewall on and calling it good is ignorant. You should still be watching out for sus links, emails and well.. general issues with any file sharing you may do.

That said, the OP's post came across more than a little condescending. Say what you want, but try not to say it in such a way that you piss off the audience you're trying to reach.

1 decade ago

Please, try to find a free antivirus that doesn't noticeably slow down your computer. Maybe it's just because mine's a bit older than most, and because I'm still using mechanical hard drive as opposed to the insanely fast SSDs, but I do notice the slowdown and it irks me. It's also completely unnecessary.

Also, silent mode in most of the products I've used just stops the automated popups, instead of actually stopping any resource-hogging activity.

But, for websites, I do use Noscript on my browser and I'm very cautious about allowing any scripts at all, even if the website is trusted.

I've stuck with my method of not having any real-time protection and running scans every so often with other antiviruses for years now and it's served me quite well.

1 decade ago

If you get a simple antivirus that just offers basic protection and not a full suite of crap then it shouldn't slow you down at all. The full suites with all the email scanner, ident theft and on and on, I find them to be overkill.
A simple AV shouldn't slow you down unless you are not scheduling scans. If you don't tell it to do its scans at a time you aren't active then it will start a scan anytime and you may be doing something at that time. So either set a scan time that works for you or just set it to only do manual scans but still have active protection enabled to catch the ones that come in and start doing damage right away.

1 decade ago

Windows Defender. AVG. Or ClamWin if you don't want resident protection at all and would prefer to just schedule a scan once a week when you aren't using your PC.

1 decade ago

I run avast and I don't notice any slowdown

1 decade ago

Running scans on an infected PC won't do diddly squat. It will never give you full guarantee that you don't have any malicious software running.

As for slowing down your PC, unless you are on a Commodore 64 it's just your imagination.

1 decade ago

You gotta be new. Before Heptamegacore everywhere CPU, AV software used to hog 1-5% of your total CPU performance and if you were crazy enough to run Norton, also 50% of your HDD throughput. As of today, it still slows down your computer. Otherwise it would not work at all. A process has to be slowed down to check it.
Or do you think a customs office can check your car drive-thru?

1 decade ago

5% of CPU performance is not hogging by any stretch of the imagination. Especially for something needed.

1 decade ago

Are you a gamer at all? If not, why are you here?

1 decade ago

All my games run just fine with antivirus and firewall.

1 decade ago

Congratulations. Mine don't. I also pay more attention to performance differences and have performed actual tests.

1 decade ago

How many yoctoseconds have you saved by not running antivirus?

1 decade ago

I actually once set up a proper firewall using iptables (not one of those ready-to-go Windows firewalls that barely do anything) and came to the conclusion that the only way to go there is a dedicated server (or router), since CPU usage is insane if done properly (i.e. doing more than just blocking a couple of ports).

1 decade ago

That's something I forgot to mention. I do have an external firewall on my router itself that protects my entire home network. Hasn't been broken through yet.

1 decade ago

That's because your router does NAT. NATs are grossly underrated. And just because your firewall hasn't been broken does by no means mean it's any good.

1 decade ago

I used to run webservers, FTP servers, IRC, mail, etc. from my home connection, all of which were used by thousands of people per day. In all that time, I never had a security breach.

Maybe my lack of problems has led to complacency... but so far I've not had any reason to believe I'm in any real danger.

1 decade ago

2 words. Comodo. Whitelist.

Problem?

I use Malwarebytes Pro, which has a simple on-access filesystem protection module that works quite unobtrusively and blocks any request sent to my network card for an IP on Malwarebytes' blacklist - they have their own server farm of crawlers that present known vulnerabilities to exploits and malware on the 'net, and harvest IPs off machines hosting malware, or attempting to use an exploit on their machines. During web browsing this also will block basically any malware-hosting IP, so weird RU image hosts or 1-pixel drive-by download malware also. Of course I also run NoScript on my browser, so I'm protected against XSS attacks, and never whitelist a domain without checking it out first.

Then there's Comodo anti-virus / HIPS / firewall / sandbox for unknown processes, all set to their most paranoid setting, disallowing any network usage I don't explicitly condone, and any form of tinkering with my OS files / reg keys / startup items / regserv and the like.

No noticeable slowdown during average PC usage. Note, I said noticeable, not measurable by some hour-long bench to see if it causes a few seconds' slowdown of my PC over that time if I'm running a linpack or Prime95 test. Average PC usage does not equate to fully straining your PC, so the performance hit (to I/O, disk usage, or CPU cycles) caused by any decent modern anti-virus is unnoticeable, unless you're running a 10-year-old HDD on a Pentium II off a similarly old mobo.

I quit everything else I'm doing and set Comodo to "game mode" (turns every part of the program off) before launching a game / something resource intensive, then only do that, then turn it back on when done gaming. Done, secure, and no noticeable usage impact. And I too have checked the difference between it being on and off. It's infinitesimal. And what's next is probably me taking my old build (recently built a new rig) and chucking a Linux distro on it with IPCop and making it a hardware firewall after my router.

Years ago maybe only using "smarts" to avoid malware and threats was enough - it isn't nowadays. Not even close. And as for you saying / thinking you're able to detect malware due to simple behavioural analysis, maybe a netstat here or there; wow. The fact that you even think that says enough about how up to date you are as to modern malware behaviour, and levels of exploits. Ever heard of Bitcoin miners that only run during idle times on your PC? What about MBR rootkits that you'll never detect until they're used at night while you're sleeping to compromise your PC / make you a zombie in a botnet? You'd never detect them.

1 decade ago

Comodo with full paranoid settings?

I have to ask: Doesn't it get just a wee bit annoying when Comodo asks you to allow every single action an installer or new game or new program tries to do when it's first detected? Especially when it sometimes freezes said game, showing just a black screen while waiting for you to somehow alt+tab and allow whatever action it wants to take, but you can't? And don't tell me you haven't noticed just how slow things run when Comodo is detecting a new program for the first time. Every single step the program wishes to take is scrutinized painstakingly, especially with full paranoid settings.

I've also had HIPS freak out on me and freeze my entire system when it scans certain programs, leaving me unable to do little more than move my mouse around, watching every program I've got running, even new ones, just suddenly refuse to do anything anymore. And then there's the times when the automatic sandbox feature has caused an installer to not finish completely, leaving any newly installed games or programs crippled.

It's also incredibly annoying to manually tell Comodo before running these programs not to check them, if they are indeed trustworthy, every single time.

I don't know about you, but I do often install new programs and new games, and the annoyance of Comodo finally got to me after having to deal with it for so long. During the entire time I had it, it never once detected anything that was ever any real threat to me. I had it for the same reason I suspect you have all those tons of layers of security: Unhealthy paranoia.

I understand there is a difference between healthy and unhealthy paranoia, and that a little healthy paranoia is in fact a good thing, as it will protect you from all of the threats you speak of, however, I assure you that my computer is in fact clean. Don't you dare presume to tell me how to use my computer, or assume that I may be infected because I am not as astoundingly and amazingly paranoid as you are. You may have been trying to help, but all I could detect from your post was sarcasm and snarkiness, and I do not appreciate it one bit.

1 decade ago

I didn't hint at or say anywhere that you are infected, or that I think you are. I was suggesting that (as anyone working in anti-virus research, higher level network stuff or anything remotely related to network security would) the old ways of "internet smarts" and "behavioural analysis" are hopelessly outdated and redundant. Indeed there was a level of snarkiness, because of your own tone against others in the thread, particularly your general tone of authoritativeness, when again - everyone I know who works in any higher level IT-related function would call you careless and naive to even be connected to the 'net with no form of protection other than your modem's built-in firewall, nowadays. And then there is, of course, the whole point made in the OP, about encouraging the spread of malware - thus lowering the security of this global WAN called the internet that we all use - by your stubborn refusal to use protection, even when you're shown examples of lots of stuff that can (and does) go wrong even with the utmost care in usage habits and monitoring, without your awareness. I wasn't trying to help you, I was critiquing your stance and challenging it (not trying to put you down) by asking just exactly how you were monitoring and protecting your network. You're indeed in some part a potential part of the problem, albeit of course with a far lower potentiality than some absolutely clueless "oh what's this? A BIGGER PENIS?! CLICK!" user - but still a big enough potential part of the problem for me to be critical of, especially if you're someone who from all posts on the thread seems to be someone with a bit more IT-related knowledge than your average schmoe - you even directly hint at it in some posts.

Like I said to someone else in the thread - "guess you've never heard of SQL injection, XSS attacks / exploits, drive-by downloads, 1-pixel malware, DNS spoofing attacks, DNS amplification, ARP poisoning, man-in-the-middle attacks, or idle-detection trojans"? Do those terms mean anything to you? The point I'm making is that 90% of modern malware / exploits are entirely silent, background processes that show nary a hint of processor usage, open ports, or anything else you could easily detect with some basic sleuthing. Malware makers / exploit discoverers aren't stupid - particularly modern ones; they're people more knowledgeable than you and me combined. They know very well how people like you and me detect stuff amiss with their rig / home network. They code them to do nothing of note until your PC's been idle for an hour, or in sleep mode, or even hibernating. They code them to terminate all their activity before anything else is done on the PC when it leaves an idle state. They find ways to infect known websites, or redirect traffic from your PC to somewhere entirely different than where you intend to be. All it takes is editing a little C-record here, doing some DNS spoofing there, and you're whisked off to their own server hosting silently installing and performing malware, when you try to visit "cnn.com" or "steamcommunity.com". Or maybe that's not even necessary because a "known good" site is already distributing malware for the bad guys, who did some SQL injection the night before. How do you know, by the way, that your PC isn't aiding in a DNS amplification attack on someone straight from your own Windows DNS caching server? No, checking out your open ports wouldn't help you with that.

Here's some light reading for you:

http://gcn.com/Articles/2013/05/13/Universities-get-schooled-DNS-amplification-attacks.aspx?Page=2
http://www.ren-isac.net/alerts/dns_amp_ddos_tech_201305.html
http://en.wikipedia.org/wiki/DNS_spoofing
http://en.wikipedia.org/wiki/DNSSEC#Overview

And these links only concern DNS-related stuff. There's oodles more about exploits and vulnerabilities concerning other security vectors you seem to not be aware of that you can Google at your leisure. Have you been keeping up to date on what BHOs you have installed? What about your LSOs?

I find it a little demeaning and ridiculously naive to be calling someone like me "unhealthily paranoid" when it appears you're just not as informed as I am about current threats out there. It's not paranoia - it's being cautious, aware, up-to-date and responsible. I'm responsible for what my PC puts out there on the 'net, something you cannot say, no matter how hard you monitor your stuff or use it intelligently.

As for your gripes concerning Comodo - firstly, when I install any new game or program I have acquired from a known good source (which as I explained above might not always be good), I run it through Malwarebytes and Comodo AV first to do some signature-based and stringent heuristic checks on the files, then set Comodo to "game mode" and turn off filesystem protection on Mbam before I run the installer. Easy peasy, no harm done, installer completes just fine. I turn it back on once it's done. And yes, the first time I run a game or program I might get a few popups come up asking permission for this or that, but once I allow it once, I'm done from then on. After any new OS install, indeed, the first few weeks might be a bit full of popups, but it's nothing more inconvenient than 2 or 3 mouse clicks and a few seconds of my time, and only needed once. Once I have a good whitelist set up, I'm basically done. I too often run new software, do all kinds of "power user-y" things on my PC, and if I get 1 popup a day, it's a lot.

The balance between "unhealthy paranoia" and "sane caution" isn't "yes/no to something like Comodo in its entirety" (as it used to be maybe 10 years ago when threats were simpler in their make-up and behaviour, and running an antivirus program really taxed the then-current hardware enough to slow down overall PC operation very significantly), it's "should I keep it turned on when installing known good software, even after virus checks, and manually allow any and all reg keys it tries to make, any and all file system changes, etc?" Yes, I turn Comodo off when installing new stuff I know to be good, because not doing so would indeed feel too paranoid. Same for not forming a whitelist and letting programs do the same stuff twice without consent - that'd definitely be a little too paranoid for my liking and would hamper my usage too much. But not having some form of decent protection installed and running during normal usage? That's irresponsible, lazy and extremely naive (nowadays), and frankly surprises me as a stance coming from someone who purports to be "IT informed". If you're truly oldskool (as I think you are), tell me what was the holy exclamation from early hackers / related types? RTFM. It was more than an acronym to be taken literally. It was a whole mentality that was being espoused. Take your time, actually read and learn something, set settings right, know what you're working with. All it takes is reading through some settings, taking maybe an hour of your time the first time you install something, perhaps teaching you new stuff in the process, then a few seconds the first time you run something - a small price to pay to know you're as secure as you can get without going to lengths such as chucking a network analyser and packet filter on a hardware firewall setup like ISPs and corporations do.

"..showing just a black screen while waiting for you to somehow alt+tab and allow whatever action it wants to take, but you can't?" - umm, you know you can smack Ctrl-Alt-Del a few times then and get a Task Manager open so you can see behind the blackness and allow whatever you need to if a simple Alt-Tab won't do it, right?

"And don't tell me you haven't noticed just how slow things run when Comodo is detecting a new program for the first time." Yep, the first time. So? Boo fucking hoo dudeguy, so I lost a couple of precious seconds to allowing something once, as part of behaviour meant to keep me secure. Those aren't seconds I have to worry about many times a day, thus making them significant. They only are used up once, to allow something. If I had to do this many times a day then sure, I'd agree that it matters (because I know how seconds here or there in usage can add up to lots of lost productivity and usage time - I even modelled my browser install after that very concept, installing addons and tweaking the UI layout to aid in doing stuff as fast and with as little interaction[s] needed as possible)!

Please bear in mind that any snarkiness I display isn't meant to piss you off / provoke you or even be disrespectful towards you, but even among friends or compatriots, disagreeing often happens with a slight snarky tone. I respect the fact that you at least give a damn about this stuff, and aren't totally oblivious / unconcerned, as unfortunately a shit tonne of people - we both can agree - are. And I am genuinely still interested in what form of hardware / software you have running as part of your protection / monitoring, as you hinted at some stuff in other posts on the thread.

1 decade ago
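The "is my own caching DNS server helping an amplification attack" question raised in the post above is checkable without looking at open ports: send a recursive query from outside and see whether the server recurses and how much bigger its reply is. The following is an added example, not code from the post or from any product named in it; it builds a minimal DNS query, parses the response header, and reports the RA flag and the amplification factor. The name example.test, the reply contents and the helper build_response() are constructed for offline use, and probe() is a hypothetical helper for a live check against a resolver you administer.

```python
import socket
import struct

# DNS header flag bits (RFC 1035 section 4.1.1).
FLAG_QR = 0x8000   # 1 = this message is a response
FLAG_RD = 0x0100   # recursion desired (set by the client)
FLAG_RA = 0x0080   # recursion available (set by a server that recursed for us)
RCODE_MASK = 0x000F
RCODE_REFUSED = 5
QTYPE_TXT = 16


def encode_name(name):
    """Encode 'example.test' as DNS labels: 0x07 'example' 0x04 'test' 0x00."""
    labels = name.rstrip(".").split(".")
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return out + b"\x00"


def build_query(name, qtype=QTYPE_TXT, txid=0x1234):
    """A minimal recursive query: RD=1, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_header(data):
    """Split the 12-byte header into the fields the checks below need."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    return {"id": txid, "qr": bool(flags & FLAG_QR), "rd": bool(flags & FLAG_RD),
            "ra": bool(flags & FLAG_RA), "rcode": flags & RCODE_MASK,
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}


def is_open_recursive(response):
    """True when the server recursed for an outside client: RA set, NOERROR, answers present.
    A resolver that refuses (RCODE 5) or clears RA cannot be used as a reflector."""
    h = parse_header(response)
    return h["qr"] and h["ra"] and h["rcode"] == 0 and h["ancount"] > 0


def amplification_factor(query, response):
    """Bytes returned per byte received; the larger, the more attractive the reflector."""
    return len(response) / len(query)


def build_response(query, txt_strings, ra=True, rcode=0):
    """Constructed reply for offline testing: echoes the question and appends TXT answers
    whose owner name is a pointer to the question name (0xC00C) rather than a repeat."""
    txid = struct.unpack("!H", query[:2])[0]
    flags = FLAG_QR | FLAG_RD | (FLAG_RA if ra else 0) | rcode
    header = struct.pack("!HHHHHH", txid, flags, 1, len(txt_strings), 0, 0)
    answers = b""
    for s in txt_strings:
        rdata = bytes([len(s)]) + s            # TXT rdata: length-prefixed string (<= 255 bytes)
        answers += b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_TXT, 1, 300, len(rdata)) + rdata
    return header + query[12:] + answers


def probe(server, name, timeout=2.0):
    """Hypothetical live helper: send the query over UDP and return (query, raw reply).
    Run it only against a resolver you administer; the offline test does not call it."""
    q = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(q, (server, 53))
        reply, _ = sock.recvfrom(4096)
    return q, reply


if __name__ == "__main__":
    q = build_query("example.test")
    open_reply = build_response(q, [b"A" * 200] * 3)       # constructed: a resolver that recursed
    refused = build_response(q, [], ra=False, rcode=RCODE_REFUSED)
    print("recursing resolver: open=%s amplification=%.1fx"
          % (is_open_recursive(open_reply), amplification_factor(q, open_reply)))
    print("refusing resolver: open=%s" % is_open_recursive(refused))
```

A resolver that should only serve the LAN ought to answer the outside probe with REFUSED (or not at all); an RA=1 NOERROR reply with a large TXT payload is the signature the DNS amplification links above describe.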

I still say that having Comodo at its most paranoid is completely unnecessary. And, for the average user, damn near impossible to use. How is the average user supposed to know that processes like taskeng.exe and csrss.exe are trustworthy?

If one must use Comodo, I'd think the "safe" options would be best. It's the perfect balance, allowing programs that Comodo deems safe and not allowing ones that it doesn't recognize. Let Comodo create the whitelist based on what their servers say is safe. After all... if you trust Malwarebytes to do that, why not trust Comodo? You're using their product, are you not?

That aside, I do run antivirus scans, rootkit scans, MBR scans, etc., every few weeks. I also leave system monitoring software running (with logging enabled) when I go idle sometimes to see if I can catch anything suspicious. And besides that I shut my computer down at night most of the time anyway. My router also has the option for verbose connection logging, which I turn on from time to time to see what's going on. So far, everything has checked out.

Having said all of that, I might give Comodo one more shot. After all, it's the internet security suite I recommend most to anyone that needs one. I will not, however, run it on paranoid settings. I don't claim to know everything and I'm willing to admit that there are a lot of Windows components I'm not aware of, and I do not want to break anything by disallowing a legit system process because it looked suspicious. I also don't have the time to Google each process that comes up, and what it's trying to do, in order to determine whether or not I should allow it.

1 decade ago
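The idle-time logging the post above describes, set against the idle-only miners and "terminate when the user comes back" behaviour raised earlier in the thread, suggests a simple correlation check over the logged samples. This is an added example, not code from the post or from any monitoring product named in the thread: it parses per-process CPU samples tagged with whether the machine was idle (a constructed log format) and flags processes that are busy only while the machine is idle. Process names, pids and numbers are constructed, except SearchIndexer.exe, which is listed as a legitimate idle-time worker to show why an allowlist is needed.

```python
import re
from collections import defaultdict
from statistics import mean

# Constructed log format: one sample per process per tick, with an idle flag
# written by the monitor (1 = no keyboard/mouse input for a while).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) idle=(?P<idle>[01]) pid=(?P<pid>\d+) "
    r"name=(?P<name>\S+) cpu=(?P<cpu>\d+(?:\.\d+)?)$"
)

# Components expected to wake up when the machine is idle (indexers, backup,
# defrag). Only the Windows Search indexer is listed here; extend per host.
KNOWN_IDLE_TASKS = frozenset({"SearchIndexer.exe"})

# Constructed sample: two active ticks, then two idle ticks; one malformed line.
SAMPLE_LOG = """\
2013-08-01T21:00:00 idle=0 pid=4321 name=updater.exe cpu=0.2
2013-08-01T21:00:00 idle=0 pid=1800 name=chrome.exe cpu=14.0
2013-08-01T21:00:00 idle=0 pid=900 name=svchost.exe cpu=0.6
2013-08-01T21:00:00 idle=0 pid=2100 name=SearchIndexer.exe cpu=0.1
2013-08-01T21:01:00 idle=0 pid=4321 name=updater.exe cpu=0.4
2013-08-01T21:01:00 idle=0 pid=1800 name=chrome.exe cpu=9.5
2013-08-01T21:01:00 idle=0 pid=900 name=svchost.exe cpu=0.4
2013-08-01T21:01:00 idle=0 pid=2100 name=SearchIndexer.exe cpu=0.3
# monitor restarted
2013-08-02T03:00:00 idle=1 pid=4321 name=updater.exe cpu=81.3
2013-08-02T03:00:00 idle=1 pid=1800 name=chrome.exe cpu=0.8
2013-08-02T03:00:00 idle=1 pid=900 name=svchost.exe cpu=0.5
2013-08-02T03:00:00 idle=1 pid=2100 name=SearchIndexer.exe cpu=22.0
2013-08-02T03:01:00 idle=1 pid=4321 name=updater.exe cpu=79.9
2013-08-02T03:01:00 idle=1 pid=1800 name=chrome.exe cpu=0.6
2013-08-02T03:01:00 idle=1 pid=900 name=svchost.exe cpu=0.7
2013-08-02T03:01:00 idle=1 pid=2100 name=SearchIndexer.exe cpu=18.0
"""


def parse_samples(lines):
    """Yield one dict per well-formed line; malformed lines are skipped, not fatal."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield {"ts": m["ts"], "idle": m["idle"] == "1", "pid": int(m["pid"]),
                   "name": m["name"], "cpu": float(m["cpu"])}


def idle_only_processes(samples, min_idle_cpu=5.0, max_active_cpu=1.0,
                        allowlist=KNOWN_IDLE_TASKS):
    """Flag processes whose mean CPU is high while idle and near zero while active.
    A process seen in only one state cannot be compared and is not reported."""
    buckets = defaultdict(lambda: {"idle": [], "active": []})
    for s in samples:
        key = (s["pid"], s["name"])
        buckets[key]["idle" if s["idle"] else "active"].append(s["cpu"])
    flagged = []
    for (pid, name), b in buckets.items():
        if not b["idle"] or not b["active"] or name in allowlist:
            continue
        idle_avg, active_avg = mean(b["idle"]), mean(b["active"])
        if idle_avg >= min_idle_cpu and active_avg <= max_active_cpu:
            flagged.append({"pid": pid, "name": name,
                            "idle_cpu": round(idle_avg, 1),
                            "active_cpu": round(active_avg, 1)})
    return sorted(flagged, key=lambda f: -f["idle_cpu"])


if __name__ == "__main__":
    for f in idle_only_processes(parse_samples(SAMPLE_LOG.splitlines())):
        print("suspicious: pid=%(pid)d %(name)s idle=%(idle_cpu).1f%% "
              "active=%(active_cpu).1f%%" % f)
```

A hit is a lead, not a verdict: confirm with the binary's path, signature and network activity during the idle window, and add genuine idle-time workers on that host to the allowlist rather than lowering the thresholds.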

My entire operating system uses somewhere between 0% and 1%. That's a complete freaking operating system. I fail to see how it's justified that any program that's neither a game nor some scientific simulation uses any more than a complete operating system.

1 decade ago

And there's the fact that a program using 5% of your CPU (unless perhaps you have a hexacore or octacore processor... I wouldn't know) is enough to cause noticeable FPS drops.

1 decade ago

It isn't. My concern is not about the lack of resources, but rather the fact that a lot of software is grossly inefficient.

1 decade ago

What do you need your precious CPU performance for? Do you even use your PC? You know, if you turn it off and lock it in a safe, it won't use CPU at all.

1 decade ago

As I said just because there's CPU power that can be used doesn't mean it has to be. Sometimes I do difficult computations, or compile stuff, all those things are considerably faster with more CPU. Also if there's any Linux antivir that does anything besides filtering Windows viruses, please tell me.

1 decade ago

There can't be noticeable difference between performance at 99.9% and 94.9%.

1 decade ago

Actually yes, there is. UI responsiveness suffers. But again it's not necessarily about needing those resources or not but about the fact that a freaking antivirus software uses more than five times as much CPU as a complete operating system. I have a pretty good insight into what an OS actually does, and let me tell you; it's an awful lot.

1 decade ago

So, you're running difficult calculations and want as much CPU power for it as possible, yet you're meddling with UI at the same moment...

If it's not about needing those resources then you're just complaining for the sake of complaining? If one antivirus is poorly coded try another one, otherwise you're just asking to get into crazyese's flock.

1 decade ago

So which one is fast and filters any viruses at all that harm my Linux?

1 decade ago

Except there is.

1 decade ago

Right. But there isn't.

1 decade ago

No, there most definitely is.

1 decade ago

The necessity is debatable, as we can all see here.
And 5% is 5%, no matter how much you try to turn it around. There's no reason to use 5% on a background agent, and yes, 5% can also mean the system gets sluggish.
You know, you might also be running around in bulletproof clothing all day, or a hazmat suit. But you won't, because it's inconvenient.

1 decade ago

Except that's bullshit.

1 decade ago

I used to get viruses a lot; I also used to never have a virus scanner on my computer. I also used to run a firewall. Firewalls are overrated and only help protect against things going out, not things going in, or at least in my experience. The best way to avoid getting a virus is knowing where you download / what you download and using AdBlock. Problem solved.

1 decade ago

Firewalls block incoming attacks but not specific files. They are for incoming connections and such. Antivirus blocks specific files and such; they work better together than apart.

1 decade ago

Umm.. Most software firewalls block incoming traffic, bud. Comodo was one of the first ones to block outgoing data as well, which is why it has enjoyed mass popularity among power users / network savvy people for ages, since it came out. And firewalls have nothing to do with defense against viruses or malware.

And AdBlock has nothing whatsoever to do with malware protection. It blocks ads, and maybe some tracking. Nothing to do with viruses or other malware. Also, please google "1 pixel malware" and "drive-by downloads". And while you're at it, try "XSS exploit" or "attack". You're not even close to secure.

If you're not informed about these things, don't act authoritative.

1 decade ago

Still, there are so many ppl who think that nothing is going to happen to them, so they don't use antivirus or a firewall.

1 decade ago

And nobody will be able to convince them otherwise until they get infected.

1 decade ago

Except it hasn't happened to me in the 16+ years I've been using computers, all without real-time protection.

shrug

1 decade ago

Same here. One boot virus off a HDD I bought from a friend, but I fixed it within the hour of getting it.

Some adware though, here and there, because sometimes I'm too drunk to click 'no'.

1 decade ago

My aunt's computer was infected though, about 9 years ago. Nimda, I believe it was. Nasty little worm. Its effects were obvious... huge system slowdown, random .eml files popping up everywhere, etc. At the time, I also had some netbios shares open on her computer, and a lot of my own personal files (only on her computer though) were infected, so I had to copy them over to my computer, disinfect them all, and close the netbios share.

In the end, my computer was never infected and I had to reformat her hard drive and reinstall her operating system from scratch.

I even store some viruses for research purposes, out in the open, without any protection on them. Still haven't been infected by any of them.

Gotta love it when people think they know better than you, eh?

1 decade ago

"It hasn't happened to me except those times that it did"

1 decade ago

Adware = Being too much of an alcoholic fuck up to not say 'no' a billion times to fucking CCleaner wanting to install a toolbar on IE.

Piece of shit.

It's different.

1 decade ago

You are just like those people who reach 100 years old despite smoking 10 cigarettes a day. Good for you but most people aren't so lucky. Also, just because it works for you doesn't mean you should be advocating it to others.

1 decade ago

Yeah, I think if I were so determined not to run resident virus protection (despite the fact that it hasn't been a performance issue in 5+ years), I would still want to encourage others to do so so they're less likely to infect me.

1 decade ago

For me it's not about being lucky. I've been working in IT for over 15 years, and have been wearing various colored hats for even longer. It's pretty damn easy to not get infected if you have even the most basic clue how to avoid it. The problem is, the vast majority of people out there are drooling morons.

Don't equate using a computer without AV/firewall to smoking. That's a completely inaccurate analogy. Smoking is like clicking on every single link in every single email you get after signing up for every single mailing list on every single website. They're both such high risk choices that you're almost begging for it.

1 decade ago

Your employers should check your qualifications. No self-respecting IT professional would work without any kind of protection. And unless you use SRP or AppLocker, you are being lucky.

1 decade ago

Guess you've never heard of SQL injection, XSS attacks / exploits, drive-by downloads, 1-pixel malware, DNS spoofing attacks, DNS amplification, ARP poisoning, man-in-the-middle attacks, or idle-detection trojans. Such great IT knowledge. Yeah, you're naive, uninformed, and insecure as fuck, and I wouldn't hire you to support my office workers with their spreadsheet apps.

All real nerds I've worked with over the years in the network management departments of ISPs, for example, use an in/outbound software firewall such as Comodo and a decent anti-virus program like AVG, Comodo, or Bitdefender as a bare minimum for their home PCs; usually they'll even have far more complex and nerdy stuff like a dedicated hardware firewall running right behind their routers, or in some cases even running without a router functioning as a modem, using the firewall with a PCI modem card dealing with setting up their PPPoA for their DSL line as a modem, and chucking their router behind that.

1 decade ago

People from Nexus being people from Nexus.

1 decade ago

Deleted

This comment was deleted 2 years ago.

1 decade ago

Nonsense. All this relies on two things: first, someone to open up a security hole for you to exploit (as you say - "you just have to do one wrong move"; which would already mean they're mindless fodder anyway), then them to not configure their firewall correctly. You don't have to allow all behaviour of your browser in your firewall, you know? Set up right, your precious script kiddie tools wouldn't allow you to run anything malicious through my browser, at all, not even some typical DNS amplification attack. Especially if I'm running it through a sandbox (of which you'd need to know what sandbox I am running to try and exploit your way out of that), and run my traffic through a packet filter / traffic analyser before it comes in or goes out.

Also, it seems you've never heard of "DDoS mitigation". There's more you can do against being DDoSed than having more bandwidth than the attack is using available on your pipe.

And out of pure curiosity - "0-day exploits from over 2 years are still working today"? Name me one or two, please. And tell me how the behaviour of these exploits would fly by a good antivirus program that has heuristic detection set up high, as usually these types of exploit rely on a DLL hook, injection or some such coming off a separate process / an outright malicious file.

The problem isn't the software - it's the users. But you already know that ;)

1 decade ago

Deleted

This comment was deleted 2 years ago.

1 decade ago

Closed 1 decade ago by wedgeOne.