From: Leythos on 30 Nov 2009 13:49

In article <S4udnVqQsprIQo7WnZ2dnUVZ8tSdnZ2d(a)brightview.co.uk>, not(a)home.today says...
> I think that just about covers the current range of possibilities for
> browsers. Other than that, the user would have to deliberately run an
> executable.
>

Yep, but as I mentioned, I didn't click on anything, it was a browser redirect and nothing was downloaded/clicked.

--
You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself.
spam999free(a)rrohio.com (remove 999 for proper email address)

From: FromTheRafters on 30 Nov 2009 14:02

"Leythos" <spam999free(a)rrohio.com> wrote in message news:MPG.257ddd32a84dfb6b989fe6(a)us.news.astraweb.com...
> In article <hf0j4h$pt5$1(a)news.eternal-september.org>,
> erratic(a)nomail.afraid.org says...
>> > In this case there was no manual anything, as soon as the page
>> > started
>> > to load the tattle-tale DOS box appeared and then closed, doing
>> > this
>> > several times in a few seconds - as each new malware was loaded.
>>
>> Why do you run this special isolated machine as admin?
>>
>
> Because it's used for specific functions and the machine is setup for
> access to sites that MIGHT compromise it.
>
> You guys seem to miss that this is a sacrificial machine, just for
> downloads on the net.

No, I got that part.

What you seem to miss is that offering up your sacrifice of computing power to possible nefarious activities affects us and not just you.

From: FromTheRafters on 30 Nov 2009 14:35

"ASCII" <me(a)privacy.net> wrote in message news:4b1608d8.1655765(a)EBCDIC...
> FromTheRafters wrote:
>>"tommy" <tommylee9_2000(a)removeyahoo.dropcom> wrote in message
>>news:hf0pff$42s$1(a)news.eternal-september.org...
>>
>>>> Sometimes the user's choice of client only changes the website's
>>>> choice of exploit(s).
>>>
>>> So scripts aren't the only way to infect somebody's pc from a
>>> website.
>>> Got any cool links for that type of thing?
>>
>>http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_web_based_attacks_03-2009.en-us.pdf
>>
>
> That link merely describes the theoretical nature of browsing dangers.
> affecting grossly under-protected systems or extremely careless users.

I assumed the poster only wanted information.

The fact is that the browser itself acts as a window for other programs that also consume data from a webpage, so even if the browser itself isn't attacked (or abused in the case of scripting or media extensions) it still participates in the attack vector. Exploits on webpages aren't entirely limited to scripting exploits - although that is probably the lion's share.

> I wonder if there's any real danger out there to a hardened system?
> I'm still waiting on someone to put up a link that my system can't
> handle.

Probably not, but there's always new stuff coming all the time. I used to be able to send a metarefresh to the con/con bug in an e-mail, just because that is no longer possible does not mean something else like it won't be possible in the future. Even security programs (parsing the HTML prior to the browser getting it) could conceivably be attacked if they mishandle the data.

I always had scripting disabled in earlier Windows versions (I considered scripting to be extending programming rights on my machine to unknown parties), now I just take my chances with the timeliness of patches for zero-day exploits.

From: Leythos on 30 Nov 2009 14:49

In article <hf14rt$ta4$1(a)news.eternal-september.org>, erratic(a)nomail.afraid.org says...
>
> "Leythos" <spam999free(a)rrohio.com> wrote in message
> news:MPG.257ddd32a84dfb6b989fe6(a)us.news.astraweb.com...
> > In article <hf0j4h$pt5$1(a)news.eternal-september.org>,
> > erratic(a)nomail.afraid.org says...
> >> > In this case there was no manual anything, as soon as the page
> >> > started
> >> > to load the tattle-tale DOS box appeared and then closed, doing
> >> > this
> >> > several times in a few seconds - as each new malware was loaded.
> >>
> >> Why do you run this special isolated machine as admin?
> >>
> >
> > Because it's used for specific functions and the machine is setup for
> > access to sites that MIGHT compromise it.
> >
> > You guys seem to miss that this is a sacrificial machine, just for
> > downloads on the net.
>
> No, I got that part.
>
> What you seem to miss is that offering up your sacrifice of computing
> power to possible nefarious activities affects us and not just you.

Then you did miss the information in the description - there was NO OFFERING and it WASN'T ONLINE FOR MORE THAN 10 SECONDS once compromised.

Sheesh, are you trying to be confrontational or what?

--
You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself.
spam999free(a)rrohio.com (remove 999 for proper email address)

From: FromTheRafters on 30 Nov 2009 15:01

"Leythos" <spam999free(a)rrohio.com> wrote in message news:MPG.257debc8ac9b425989fe9(a)us.news.astraweb.com...
> In article <hf14rt$ta4$1(a)news.eternal-september.org>,
> erratic(a)nomail.afraid.org says...
>>
>> "Leythos" <spam999free(a)rrohio.com> wrote in message
>> news:MPG.257ddd32a84dfb6b989fe6(a)us.news.astraweb.com...
>> > In article <hf0j4h$pt5$1(a)news.eternal-september.org>,
>> > erratic(a)nomail.afraid.org says...
>> >> > In this case there was no manual anything, as soon as the page
>> >> > started
>> >> > to load the tattle-tale DOS box appeared and then closed, doing
>> >> > this
>> >> > several times in a few seconds - as each new malware was loaded.
>> >>
>> >> Why do you run this special isolated machine as admin?
>> >>
>> >
>> > Because it's used for specific functions and the machine is setup
>> > for
>> > access to sites that MIGHT compromise it.
>> >
>> > You guys seem to miss that this is a sacrificial machine, just for
>> > downloads on the net.
>>
>> No, I got that part.
>>
>> What you seem to miss is that offering up your sacrifice of computing
>> power to possible nefarious activities affects us and not just you.
>
> Then you did miss the information in the description - there was NO
> OFFERING and it WASN'T ONLINE FOR MORE THAN 10 SECONDS once
> compromised.
>
> Sheesh, are you trying to be confrontational or what?

Sorry, I must have misunderstood your reasoning for running the subject computer in such a pants down bent over state on the internet.