Jump to content


Photo

general security concern


  • Please log in to reply
3 replies to this topic

#1 moe_08

moe_08

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 25 November 2007 - 02:51 PM

hi

let me start off by admitting that i am completely and utterly ignorant when it comes to computer tech (i only use it for minimal purposes).. that being said, i have a couple of security concerns i would appreciate if any one give me some feedback on them...

i ve just bought a new computer.. after i installed the OS (win xp home sp2) i immediately installed kaspersky internet security 7.0... and then i had to update it so i connected to the Internet and KIS updates takes foreverand my connection was slow also.. so the computer was connected to the Internet for a very long time was no protection (or obsolete protection as KIS was updating)....

1- what are the security risks of connecting to the Internet BUT not doing any browsing or downloading except the KIS update definition files downloads...?

2- what are the security risks if i connect to the Internet (ie hook the ethernet ADSL cable coming from a router and have no antivirus suite installed.. but DONT DO ANY BROWSING or DOWNLOADING..... i had to connect to the Internet before i installed KIS so as to activate my OS from Microsoft?


also windows not updated until KIS finished (after a long time) then i ran windows update which took even LONGER time


N.B. i have been attacked before on a different computer but on the same network by an ip from china (i dont know the type but i think its the one that over traffic the Internet?!?)but KIS blocked it.. so i am concerned that this guy who might know my ip address, attack the new computer during the time where KIS was updating.. esp when the attack hit when i opened an email (spam) that had the subject of my financial advisor company name..


i will be using this computer to access sensitive financial online data.. and i am PARANOID about my safety and security online esp of the issues mentioned above.....
currently
i have windows updated ........KIS 7 running and updated with firewall to max... and that’s it…
before i start using it for sensitive online action.. i need to feel more protected.. i am still concerned about keyloggers, rootkit virus, trojans,...etc...


3-how to 100 % check that the computer was not infected by anything of anytype during the updates download?

4-how to add more protection for the future?

i am actually considering to write zeros to the WD 160 hard drive.. is that reasonable

please any feedback is immensely appreciated
thanks

#2 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,537 posts

Posted 25 November 2007 - 06:01 PM

Chances of getting infected while updating KIS and activating Windows is quite small... Especially if you had the KIS firewall running while updating... Firewalls don't really get outdated like antiviruses do...

I don't know what the WD160 is, so I don't know if there is a good reason to wipe it...

The IP that attacked you previously was probably searching for vulnerable computers all over the web and there are always criminals out there doing that all of the time... They usually have botnets of hundreds or thousands of computers, so they don't really keep track of any one computer... That makes it very unlikely that you will be attacked by that precise criminal in a moment of vulnerability, but it is quite possible that it will try again and again as it searches for vulnerabilities everywhere...

If you limit your exposure with this computer to known safe sites and keep a suite of protection programs running, it is fairly likely you will be safe... However, the only way to make sure a computer never gets infected is to wipe the drive(s) clean to DoD standards, never connect it to the web, never plug it in and bury it in several tons of concrete, preferably along with a pile of radioactive material... Since that would be impractical on a number of levels, the main thing is to follow the advice in the "So how did I get infected in the first place?" article and keep protection programs up to date... That includes Windows, so if you haven't already installed all of the Windows security updates, that would be the next important thing to do...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#3 moe_08

moe_08

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 26 November 2007 - 03:58 AM

thanks for your reply

i just realized that during the time i was updating kasper and windows (again it took a long time to update mean while the system was with no/obsolete protection)... another computer on the lan had a trojan virus in it.... what are the risks on my computer...

please note that i dont understand the mechanics of LAN,..etc.. all i know is that this other computer (the infected one) has an ethernet cable from the cpu to a d-link device that has multipe sockets for ethernet cable (where i plug my ethernet cable from new computer to it) and then there is another cable that goes from the d-link device to the router which is connected to my regular phone line....

and when i first ran KIS it said it detected a network connection and asked what to do i choose "internet in stealth mode"


i think it look like this

infected pc ---> d link switcher -----> router ---> splitter---> my regular phone line
my pc ---------> d link switcher -----> router ---> splitter---> my regular phone line

WHAT TO DO NOW?????????

i did a full scan ny KIS and it was clean



2- i meant to make sure 100 % that nothing got in during the updates, esp when i connected to activate windows before downloading kasper..

3- if you were in my shoes...
ie
-connected to the internet to activate windows and there was nothing running but windows firewall and other pc on the network had a trojan in it
- spent a LONG time updating KIS 7 before windows updates
- have a win xp sp2 home edition, KIS 7 ONLY

what would you do to use this system for online sensitive financial data access with a peacful mind? apart from things concerning browsing and downloading behaviour..

thanks

#4 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,537 posts

Posted 26 November 2007 - 06:36 AM

Unless you had enabled file sharing between the computers, I don't believe an infected computer would be able to infect another in your LAN... That said, it is a good idea to disconnect other computer in a small home network as you set up the one you are focused on... If you had already installed KIS and it has a firewall, you probably had the KIS firewall active while you were doing all of this... Even if you didn't, it is unlikely that anything got through the Windows firewall since it does protect against incoming attacks... I would probably feel safe to proceed, but if I wasn't sure, I would probably run some of the tools in our FAQ and confirm... You have run an antivirus, so it would be a matter of running an antispyware program like Windows Defender or AVG Anti-Spyware to check for other types of malware...

Ultimately, it is up to you... If you don't feel secure, you could certainly wipe and reload... If you do, isolate this computer from your network and set it up in isolation... Make sure you have at least firewall protection before going online and see if you can download the updates for KIS and Windows before you install so that you can add them offline... I know you can get the Windows Updates that way, but I don't use KIS so I can't tell you if they are also available... I probably wouldn't bother with it at this point, but you need to feel reasonably safe, so you decide...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"




Member of UNITE
Support SpywareInfo Forum - click the button