Zonealarm

[joe]

From home I go online with China Telecom ADSL. I've had it for about a month. In that time Zone Alarm has recorded thirty-five thousand instrusion attempts! It says 1456 of those attempts have been "high-rated". In the first two days it was recording one to three intrusion attempts every minute and a high-rated intrusion every five minutes. Anyone else get this kind of activity?

For those interested I use AVG, Avast, SpyBot, Ad-Aware, ewido and HijackThis. And Zone Alarm.

[George61]

Yeah, I've got 780 highly rateds out of 2750 intrusions

[Raoul Duke]

I use Ad-Aware and tend to get vast numbers of adware and other intrusions. I'm also on China m'kayin' Telecom ADSL.

Links to some of the packages Joe refers to are in our Links page and aer highly recommended!

[Non-Dave]

I've got yhe same kind of figures as you Joe. Similar contraceptive programs too. I still worry though...

[Raoul Duke]

Thanks, Joe. ZoneAlarm is excellent and doesn't seem to interfere with using the forum.

I've revamped the Links to take y'all to a site that his ALL the good protection utilities, including ZoneAlarm and much more...

[George61]

Since I've switched to Firefox, and threatened Babe with death if she uses IE, I have had less attempts to infiltrate. I have Adaware on the other computer but don't seem to need it with Firefox.

[joe]

Zone Alarm is Zone Alarm. Like ND I still worry.

Originally it was because the IT punks were too curious. When my Fastmail recorded three failed login attempts after business hours, after I had left the office, I figured I'd better make some kind of stand. ZA recorded three serious intrusions after that, and then nothing for five months. Working! Plus the IT staff has changed at least two times since then.

Online it's different. The sheer number of intrusion attempts means it must be automated worms, and the fall off in serious attempts means worms work for people with short enough attention spans.

I genuinely hate this crap. I really want my computer to be lean. I worked late into each night for a week to rid my computer of YOK, a Chinese asshole ad service, and two trojans that came down with the latest English language QQ. The only tools to my rescue were Hijack This and babelfish.altavista.com translations of Chinese language bulletin boards much like this one.

[LJ]

That's nothing I've got 38,000 high rated , Over last time zone was installed but my PC is on 24/7. I'm on China Netcom. I use firefox.

[Non-Dave]

Is it possible to get QQ in English without an army of nasties attached (and I don't mean the users)?

[joe]

This installation of QQ is the only one that's brought any trouble. That friggen YOK was starting up IE every five minutes to deliver some dumbass advertisement for something that I shut down as soon as I saw it. After this happening three times I instructed Zone Alarm to refuse IE internet access (I use Firefox). The sticky thing about YOK is it is Chinese -- it doesn't show up on the English language radar, and doesn't have a response in the usual malware programs.

Instructive lesson ahead: there's this dvd player called Cliprex. It comes bundled with three very well known adware programs, but it's free and it does something to the, I guess, codec set on a windows computer that allows Windows media player to play dvds through a dvd drive. Normally, as far as I know, you pay money to get a software dvd player. So I install a lot of anti-malware programs, install cliprex, chop out all the adware, leave the whatever Cliprex leaves, and have an easy to use software dvd player -- and at all friggen times make sure the computer is not connected to the internet!

You can get the latest English language QQ, but you also need to start messing around with anti-malware programs, like ewido, SpyBot and Ad-Aware, and... and this is the important thing..., get ready to look for clues coming out of the anti-malware programs that you can search through google AND translate through babelfish. YOK has this little bastard thing that bypasses HiJackThis and it was only some Chinese language board that showed the answer.

For your information, coming out of a babelfish translation, "hobby horse" is a bad thing.

[con's fly is open]

LJ! What up?

[Kurochan]

Yikes! I don't get many messages like that! I use Kaspersky, and like once a week I get something, especially when I'm on a MSN-affiliated site. Does that mean maybe a lot of stuff is getting to my computer? To be honest, I'm piggybacking on an unsecured wireless network called Linksys.

[motis]

You can improve your machine's security quite a bit by customizing the HOSTS file. In Windows 2000, this file can be found in C:\WINNT\System32\drivers\etc. Open it in a text editor (like Notepad or Wordpad) and add lines like this one:

127.0.0.1 ads.nytimes.com

What this does is to tell your computer that the domain "ads.nytimes.com" (which in this case is where advertisements for the New York Times online are served from) resides at the IP address 127.0.0.1. It will block these ads completely, because 127.0.0.1 is the IP address that every computer uses to refer to itself. When ads.nytimes.com tries to pop an ad up on your screen, your computer will not only block the ad from being shown, it will prevent it from ever entering your computer in the first place, because the domain it is coming from has been explicitly defined as being hosted on your local machine. This is useful for not just blocking ads, but blocking content from any known harmful source.

Linux users also have a hosts file which they can use in this manner, located in the /etc directory.

It's also good to lock your HOSTS file once you've modified it. You can do this by hand if you're an old DOSasaur who likes to type in commands, but it isn't hard to make a script to lock and unlock the HOSTS file with a simple double-click of the mouse. You can find some ready-made customized HOSTS files, with locker/unlocker scripts, by searching Google. Please be advised, however, that some of your favorite sites on the Internet rely on advertising to pay their hosting bills, and that the popularity of ad blocking is killing a lot of very good sites whose ads are only annoying because, well, they're ADVERTISEMENTS (and let us take note of the fact that this very site has Google AdSense ads at the top of every page... I want Raoul to get paid for those, don't you?). I suggest that you allow innocuous ads to be displayed, and only block stuff like popups, popunders, and code that is nasty and tries to install adware/spyware on your computer, or otherwise tries to get into things it shouldn't be messing with.

You can also install a plugin to Firefox called Adblock, which will allow you to block ads directly in the browser. This isn't nearly as effective as a modified HOSTS file, because the ad code is still downloaded, it just isn't displayed in the browser. Adblock, however, does have the advantage of allowing you to "whitelist" pages and sites... in other words, you can explicitly allow the ads here in the ESL Saloon to be displayed while blocking the same ads if they are displayed on some other non-groovy site elsewhere. Check addons.mozilla.org/extensions/moreinfo.php?id=10 for more information on the Adblock plugin for Firefox/Mozilla browsers.

There are also some similar options for Internet Explorer, but if you're using Internet Explorer instead of Firefox or Mozilla or Opera or some other more secure browser that is compliant with the standards set by the Internet community, then you're stupid and your IT department dresses you funny and I don't want to help you.

www.getfirefox.com

[Loops]

I am very satisfied with aShampoo Antispyware and CCleaner.

Here are the links:

www.ccleaner.com/

www.ashampoo.com/frontend/products/php/product.php?session_langid=2&idstring=0049

I used to have Panda for my anti virus...but it expired...I have to renew my subscription...

www.pandasecurity.com

[Mr Nobody]

I have no problems, but I just use nortons. Downloaded 2006 version the other day, now have about 5 years of subscription for free. tra la la.

[Loops]

Hey Nobby,

I just wanted to let you know that Symantec/Norton utilities are POOOOO!

They screw up your file system, and are generally not good at blocking/cleaning everything, plus I don't like stuff that's bundled with your computer when you buy it.

My verdict: Norton/Symantec products---> El Crapola.

[Mr Nobody]

Loopy:

Other stuff seems to suck too. I use 3 'antivirii' programs, and multiple firewalls. Most of this seems unneccessary or useless. I have had no problems with symantic stuff. I have been using it for a very long time, at least ten years, although some years are better than others. Free stuff, on the other hand, is usually worth every penny you pay for it, and no more. I tend to try stuff, see what happens, ditch it.

I don't have any problems. Almost no adware, spyware or malware, no trojan attacks, and no real viruses for a long long time. And I download stuff every day. If I get one, I get rid of it as I go.

I have had no problems with my file systems, either.

[Loops]

You're one of the lucky ones...my buddy's comp kicked the bucket because of Norton...

Try those I listed a couple of posts ago...those are great
especially CCleaner<----very useful...

[Mr Nobody]

If you don't know how to use Ghost, it can be a nightmare. I didn't/don't, stuffed up bigtime, and I had a hard time rescuing my computer. Luckily, I know how to do that. In fact, I built the damn thing myself.

I dropped Ghost like a hot potato until i learn how to use it, if I ever bother.

I'll try the ones you mentioned. I got rid of everything of the computer, lets see if they find more.

[George61]

What is Ghost?/ I know I'm dumb.

[Mr Nobody]

Norton's Ghost. It is sort of a backup program but it did weird things when I tried to use it, no doubt due to my ignorance. It was hard to get the computer to work again after I stuffed up. Supposed to be very good, but I didn't like the extra work when I stuffed up. I tend to like Fule-prufe ^(tm) programs. For a better rundown, get someone who uses it to tell you.

I tried the CCleaner or whatever the name is, it seems good. Didn't find any new malware, but cleaned up a lot of registry junk, and a lot of cookies - unfortunately, I didn't check them all out, and now I had to sign in again on this thing.

It also said some things were not valid extensions such as .PART files used by some programs to download. I let it take them out, see what happens. I am a bit concerned about that. Doesn't matter, can reinstall.

Also, it was able to take out a bit of software that has been bothering me for some time, a chinese language thingy for nero, that has been a pain in the butt and un-uninstallable. I hope that didnt' stuff up nero for me, but I can just reinstall nero.