Attention! You do not need antivirus!

[Fark_Maniac]

uh yea, there's actually a pretty simple solution to not getting viruses in ie/windows...

run WindowsUpdate once a week. It takes 10 seconds out of your life to fricken check if there are updates.

I got an even simpler one. Set your machine to automagically grab updates on a daily basis...you don't have to do anything! A periodic check to windows update will get the non-critical updates.

 

[t_andrews]

I run a firewall behind a dedicated linux router /w NAT and have never had a problem with nasty trojans or worms getting in. I once took it off before I formatted to see how long it took to get infected and BAM!! blaster within like 10 seconds. As for AV I have not run it at all since 98 and have never have any problems since. I never download anything that I am not 100% sure what it is and despise P2P and do not open attachments even from people I know (I even block messages that are over 88k anyways) unless they told me that they were sending (or I was expecting) an attachment even then I dont mindlessly click the lnik or download the file but "sanity check" the file name to see if it looks suspicious.

Bottom line the firewall (properly configured) is pretty much a must and AV is optional depending upon your situation/paranioa level. Be suspicious, be active, be knowedgeable...

I also run firefox in general, IE only when sites require it and Lynx over VNC when it gets really dangerous...

from your description though IMO it seems like your roomate should be running AV...

-t_andrews

 

[brom42]

I think that everyone should be behind a proper firewall and make sure that it configured properly. I don't run AV at home on any machines except for my e-mail server. That single place has saved me I don't know how many times from the messages even reaching me.

Whenever my computer leaves the house to go to a LAN party or something that it will be connected to someone elses network, I will put an AV on it before I let it connect to the network.

To use the sex analogy, you don't need to wear a condom when you're with the wife; but when you are going to the whore house, you better wear some protection.

 

[oldpablo]

MY machine...
MY money...
MY DSL connection..
MY network equipment...
MY decision.....

End of discussion.

You don't have to wear your seatbelt
You don't have to wear a condom
You don't have to wear a helmet on a motorcycle
You don't have to have a designated driver when you're under the influence
You dont have to be smart.

Life throws enough crap at you that you really don't need to increase your chances of accidents or mistakes. I mean you're gonna have 'em anyway, but to not try to minimize them kind of says "Look at me Ma, no brains!" BEWARE, you have been added to Fate's official list...

 

[Rogue4mula]

exactly... these guys that don't run AV ro firewall software think they're cool rebels that are "just too damn good" to use em.. kinda like the guy that's such a good driver that he doesn't need a seatbelt...

 

[soyodragon]

His ignorance will be the death of him. People like this vote for Bush.

 

[pigster]

uh yea, there's actually a pretty simple solution to not getting viruses in ie/windows....

Yeah, there is - don't use an admin account, login with a user account.

 

[oldpablo]

. Class, focus on your Security 101 teacher. Security comes in layers. There is no foolproof system. The more layers the better. How many layers depends on how exposed you are. For even just standard browsing, you should have at least three minimum layers:

1. User training on how not to be stupid
2. AV
3. Firewall

 

[Blue Fox]

No AV here...never had a virus either. I only run ZA...

 

[GaleForce]

Put a virus on his computer. Then when it fucks shit up tell him you told him so.

 

[Loneregister]

heh- send him a nimda or some other mail virus.

See how long his belief stands then.

No seriously - it's his problem. If you have antivirus and a firewall from him, you should be ok. If you want to be really paranoid, put yourself on a cable/dsl router and leave him naked on the other side.

 

[jimnms]

No AV here...never had a virus either. I only run ZA...

If you don't have AV, how do you know you don't have a virus?

 

[DR_K13]

If you don't have AV, how do you know you don't have a virus?

true that. I find so many at work on rigs that seem ok.

ie:

 

[Blue Fox]

If you don't have AV, how do you know you don't have a virus?

I don't download things on this pc, I also don't store email on it, and I am the only user on it. I keep the pc updated too...I don't know how a virus could get onto the pc without the user allowing it to happen. I do occasionally run the TrendMicro HouseCall though and I have never come up with anything...

 

[nicks0r]

all i run all the time is sygate, other than that random scans with adaware/spybot/a2 and a housecall here and there and im straight

haven't had a virus for years

(knock on wood)

 

[Cheech]

I don't download things on this pc, I also don't store email on it, and I am the only user on it. I keep the pc updated too...I don't know how a virus could get onto the pc without the user allowing it to happen. I do occasionally run the TrendMicro HouseCall though and I have never come up with anything...

If you don't know how you can get a virus being connected to the network, you have some serious issues.

Almost all the non mass mailing viruses are network aware. Do you seriously think that a virus is going to pop up and ask to be installed? Please.

 

[DR_K13]

the new generation of viruses do not need an exe. type of file to install. I wrote a virus and embedded it in a pictute ( bitmap ) of a kitten. dont worry Its still on a foppy disc, i just wanted to see if I could do it.

 

[Wolf-R1]

Wow, some of you guys should really just not say things like this in a security forum.

<snip>

The bottom line is, use some sort of AV and firewall. Even if the firewall is just in your DSL/Cable router or even if your AV is something small and free like Antivir. At least use something...because if you don't, you have no one to blame but yourself if something bad happens.

Fact is 90% of your security problems will come from the inside of your network by the idiots who don't run AV software on their machines. All it takes is one virus and an entire network can be brought to its knees.

Furthermore, you don't need open shares to be vulerable. All you need is a vulnerable piece of Windows listening and you can get hit. Many worm viruses these days are hybrids in which they hijack email and attempt to connect via direct connect as well.

fine by me, the more people out there NOT using virus software or firewalls will keep the script kiddies away from me, they want easy targets

oh, and to the person that said IE is better (more secure) than mozilla/firefox, your just ignorant

I agree 100%. As long as these people are out there then I won't have to worry too much. But I'll still run AV and an external firewall. I wouldn't run a software firewall to save my life...those things suck the life out of your system. Get a hardware firewall.

 

[Wolf-R1]

I don't download things on this pc, I also don't store email on it, and I am the only user on it. I keep the pc updated too...I don't know how a virus could get onto the pc without the user allowing it to happen. I do occasionally run the TrendMicro HouseCall though and I have never come up with anything...

I bet you're the type too that doesn't use jimmy hats until after it burns, right?

All you need to get infected is to be connected.
(Hey I'm a poet)

I don't know how a virus could get onto the pc without the user allowing it to happen.

This part especially cracks me up. I hope none of you are aspiring network techs or admins. I fear for the world if that were to happen.

 

[Wolf-R1]

the new generation of viruses do not need an exe. type of file to install. I wrote a virus and embedded it in a pictute ( bitmap ) of a kitten. dont worry Its still on a foppy disc, i just wanted to see if I could do it.

Oh yeah...this is possible too and what's this? Oops...M$ just announced fixes to over 20 security flaws that get fixed with 10 patches. How nice. Wonder how long they were sitting on these flaws before they decided to fix them?

 

[Direwolf20]

The ignorance dancing around in this thread is astounding.

"I don't download stuff on this computer, and theres no way a virus can get on without the user knowing." - Blaster

"I have a firewall" - Nimda, or any one of the million mass mailing worms

"I get windows updates" - You realize windows updates come AFTER the exploit is found, right? Hence, you are vulnerable to a virus until microsoft releases its patch.

As a network admin, my brain is starting to feel squishy inside. Seriously guys, just get a freaking virus scanner. I've never had a virus on my rig either (10+ years of PC stuff), but that doesn't mean I don't have a virus scanner. You can get a free one in 5 minutes of effort.

My God you people are lazy. You don't even have to waste CPU cycles if thats your issue. Just schedule a nightly, or even WEEKLY virus scan to occur at like 5am, or some time when you are almost always sleeping. Yay, no more constant scanning.

MY BRAIN HURTS!

P.S. This thread came up about a month or two ago, and it was shot down back then too. Virus scanning may not be absolutely 100% needed for basic computer use, but its very worth doing. The risk of being a zombie PC that propegates this garbage is not worth taking.

 

[MightyMightyMe]

I worked at the Fry's over in Irving during CPL, when a group of about 20 CPLs came asking for where the Antivirus software was, i told them and asked what happened. (Apparently someone at the lan had been infected with Sasser *gasp* and all the unfirewalled unprotected PCs got jacked) I gave one of them a copy of stinger and the MS patch on their thumb drive and sent them off, I tried to explain that they had to disconnect from the network, run the tool, run the MS patch, turn the firewall on and then restart and plug back in. 45 minutes later about half of them are back complaining it didnt work, I asked them if they followed all the instructions I gave them, they said "yes, we'll except for installing that Microsoft patch and the firewall . One of the guys at the lan party says the patches make it run slower, and the firewall screws up your games. So i delted the patch" Then they asked me how they could get around it without installing a firewall or installed a microsoft patch. I told them they couldn't unless they wanted to go back to Windows 98. This of course is followed by them giving the "fuck this guy. he don't know shit" and walked away. Ignorance + Virus = hosed box.

PS: Side note found out later when I went up to CPL that the guy was trying to fix it by doing fresh install of windows (while still connected to the network, he also didnt want to install SP1 as well)

 

[Jeriko_Cherry]

Shoot, I even have Virex on my work computer... and it's a mac!

Recently my roommate got a virus and it took us weeks to fix everything that it screwed up. The second he told me I installed Zonealarm and Nortons. Since then, I've uninstalled Nortons and gone with AVG (nortons was a resource hog). It's just too easy these days to get a file that might be infected. Better safe than sorry, and you can always close the anti-virus when you game... it's not hard.

 

[warhead]

The ignorance dancing around in this thread is astounding.

I'm in total agreement. The laws of the market apply here. If there wasn't a need for AV software, then how/why do we have so many hours and dollars dedicated to stopping this problem. When Melissa hit (I love you), our mail server was down for 2 days, costing our company thousands of dollars in missed business, not to mention the 30+ hours of manually removing the messages in the database that I had to do. With the prevalence of criminal organizations designing viruses to infect unknowing users, and plant a trojan program to record accounts and passwords, this type of ignorance hurts us all. Be a better citizen. Be a better netizen, do your part and secure your part of the network. Once your hooked into the internet, you affect (or infect) us all.

As far as the 'it's bloated' and 'it's hogging cpu cycles' statements - hogwash. Once a file has been flagged as scanned, if you're using a properly configured AV program, it shouldn't scan it again unless the file is being changed. In this day and age of GHZ computers, and 10,000 RPM drives, this barely touches the resources on the machine.

 

[Thumper-OLD]

i don't use a firewall or any anti-virus.. i'm on a big Wireless lan set up behind a few routers/hubs/switches so not much gets through unless it rides along with a file.. i personally don't like norton firewall.. it doesn't like networks from what i've experianced so i don't use it.. and i haven't had a virus since i built this computer 2 years ago so i see no reason to get AV software, also norton likes to increase my startup time about 30 seconds.

If you don't have any AV software installed how do you know you have no virus?

 

[Cheech]

The ignorance dancing around in this thread is astounding.

"I don't download stuff on this computer, and theres no way a virus can get on without the user knowing." - Blaster

"I have a firewall" - Nimda, or any one of the million mass mailing worms

"I get windows updates" - You realize windows updates come AFTER the exploit is found, right? Hence, you are vulnerable to a virus until microsoft releases its patch.

As a network admin, my brain is starting to feel squishy inside. Seriously guys, just get a freaking virus scanner. I've never had a virus on my rig either (10+ years of PC stuff), but that doesn't mean I don't have a virus scanner. You can get a free one in 5 minutes of effort.

My God you people are lazy. You don't even have to waste CPU cycles if thats your issue. Just schedule a nightly, or even WEEKLY virus scan to occur at like 5am, or some time when you are almost always sleeping. Yay, no more constant scanning.

MY BRAIN HURTS!

P.S. This thread came up about a month or two ago, and it was shot down back then too. Virus scanning may not be absolutely 100% needed for basic computer use, but its very worth doing. The risk of being a zombie PC that propegates this garbage is not worth taking.

quoted for motherfucking truth. I am a desktop admin, and I cringe every time I read the virus logs from Symantec AV for our network.

I have to tell you, having real-time scan takes up a HELL of a lot less CPU cycles than some asshole in Russia putting spam through your machine. Think about that for a second.

 

[Zick]

As far as the 'it's bloated' and 'it's hogging cpu cycles' statements - hogwash. Once a file has been flagged as scanned, if you're using a properly configured AV program, it shouldn't scan it again unless the file is being changed. In this day and age of GHZ computers, and 10,000 RPM drives, this barely touches the resources on the machine.

I didn't read throught this entire thing so this could be a repost but this was listed a few threads down.

Shows a comparison of different AV and how they compare in performance.
http://hardforum.com/showthread.php?t=816969&highlight=antivirus+roundup

 

[chrisf6969]

In 12 years, I havent used virus scanners most of the time. Though I have ALWAYS used a firewall ever since I first got high speed internet.

In my early years I got several viri. (from not being careful) WordWazzu, and a few others... mostly from the damn PC lab at my college.

Then I went a very long time with no virus scanner. Besides free online virus scanner. However, I have manually caught a few things on my computer than installed themselves through IE exploit. etuna.exe, and a few others. BTW, FIREWALLS are what have helped me catch viri manually, and probably prevented me from getting infected worse. They try to access the internet, and the firewall will ask for permission, HERE'S THE IMPORTANT part. If its something new, search for the name ______.exe, (yahoo/google or norton's website). Dont just click Yes (or No) to everything!!! It will screw you eventually!

After that I realized I better get a virus scanner, b/c even being perfectly careful and not downloading/opening questionable attachments, etc... there are just too many exploits which require you to do absolutely nothing. I always keep my box up to date with patches, etc... but there have been vunerabilities left open with out patches for months at a time.

 

[Token User]

I travel a lot with my laptop.
At home, I have a nice secure, locked down hardware firewall, but STILL run McAfee on my laptop. I exchange files with clients frequently (large banking/financial institutions), and risking infecting them is not worth my job. I am yet to be infected.
My wife (a professor at a large public university) also runs McAfee, and is yet to be infected DESPITE being on a public university network for 14 hours a day.
We both have a soft firewall installed - hers is active all the time, mine is active when I travel, and attached to hotel networks, or client sites.
We also run AdAware and SpyBot on a weekly basis.

For anyone not taking precautions, dont bitch to anyone when you lose your pr0n collections, your downloaded MP3s, or Warez.

I work hard to keep my machine clean - if you (generic zombie PC owner) kept yours clean as well, half the battle would be over. We could then just go after the pricks that distribute this stuff maliciously.

 

[warhead]

Eductation is the first step.
http://www.icsalabs.com/html/communities/antivirus/index.shtml

Involvement and action in the process of building a safe and free internet follows.
http://www.cdt.org/privacy/

Be a better netizen.

 

[Seven]

To me, virus scanners are mostly for the incompetant and the paranoid. I won't say they are useless though, because most people should probably run them, and if it makes you feel more comfortable running one, go for it. However, I don't like them and I don't need them. If people would watch what the hell they download and where they download it from, there wouldn't be such a problem. I've only ever gotten one little half-assed virus, and that was courtesy of that piece of shit Internet Explorer. Remember the JPEG exploit thing? I got a virus from that a couple years ago, and they didn't fix it until a few months ago. I knew I got the virus immediately, so it was disposed of and I was due for a reformat anyway, so I did that as well. I use Firefox now, and even though I know it isn't without a few kinks and bugs itself, it certainly doesn't appear to have the major ones present in IE. All I do to stay clean of viruses is 1) be careful what I download, 2) be careful where I download things from, 3) use a more secure browser - Firefox, and 4) keep an eye on running processes. I run *zero* background processes, and only one process constantly in the tray (Asus utility for monitoring temps), so if noticed anything extra, I would know it didn't belong. Keeping up with Windows updates is also helpful.

As for firewalls, I think *everyone* needs one. I tend to think software firewalls suck, but if thats all one can get, its better than nothing. I sit behind a router with a hardware firewall, so I get no unwanted traffic. Even if you only have one PC, I think its better to buy a router than a software firewall.

 

[Xneff]

Well, here is my setup. I do not keep a virus scanner on my main PC. However, my bastion server, the DMZ on my network, does. I also use it to occasionaly scan the other systems in the house. I also, at least once a month download a trial version of norton and use it on my computer for a couple of days and then axe it.

 

[MrWoot]

It is better then that nutscrap/firefox crap, and there is nothing wrong with it, I have never had a problem with it, so, why would I change it out? Can you tell me it has cause you problems? Firefox is not as secure as most seem to think, either. As it gains popularity, there will be more probs with it. My friend is a linux/opensource guru, and he does not use it, tells me something...

and i bet you have never done a spyware check in your life

 

[Ice Czar]

and he is on my lan.

the operative word being my LAN
and since its your LAN and your administration responsibility
hack this jokers box and do it for him, allowing infection vectors inside your parameter isnt wise, an object lesson seems to be required

of course if its not your LAN, then legalities enter into it, or if its just a temporary LAN
http://hardforum.com/showthread.php?t=768776 < Lance Spitzner Interview (scroll down)
http://hardforum.com/showthread.php?t=815882&page=1&pp=20&highlight=rootkit < M11's post regarding a rootkit he found
http://www.knoppix-std.org/ < my latest security tools find

I agree he needs a good whompin with a clue by four and basic education might be more politic
to wit the above and a suprisingly comprehensive primer from Microsoft
The Antivirus Defense-in-Depth Guide

 

[Dr.Khron]

"I get windows updates" - You realize windows updates come AFTER the exploit is found, right? Hence, you are vulnerable to a virus until microsoft releases its patch.

True, but the vast majority of virus infections occur AFTER an MS patch has already been released. People don't even bother to update. I recently cleaned a neighbors computer, and they had a recent infection of the LoveSAN. Besides, the virus updates themselves are always 1-2 days behind... granted, thats much faster then MS patches the OS, but the fact remains that NOTHING can protect you from a brand new virus based on an unpublished exploit.

I'm not going to touch the topic of wether or not to install AV software on your game rig, becuase thats a highly personal choice. AV software is really only mandatory for the average user, and all users on group administered PCs (corporate or otherwise).

Lets face it, as important as AV software is, its the least important preventative availible. In my opinion, the most important to the least important:
1. Patch your OS. (windowsupdate)
2. Run anti-spyware (Spybot and/or AdAware).
3. Use a firewall. (perferably in your router/LAN server, use the MS software wall only if you've got nothing else)
4. Run AV software.

.

Full disclosure:
I use AV software on all of my PCs EXCEPT FOR my game rig. (but I do run Spybot, and my router has a firewall)
Than again, I also have a multi-drive set up with recent Ghosts, so in case of viral/spyware disaster I can blow out my system and replace it in less then ten minutes. The average user doesn't have this option.

 

[swatbat]

I can understand how some people say that they don't run av/firewalls and say they have never been hit but why take the chance. I work as a tech when I'm not in school and see people get nailed all the time for not having av. It's always funny seeing computers with 20 or 30 thousand virus on them. If you don't want to run firewall thats fine but I must say that av is something eveyone should run.

 

[aldamon]

I haven't run a resident AV for around 9 years, but use a hardware firewall, Web-based Email instead of Outlook, Spybot and Ad-aware, and I keep XP updated. I think I'll take a look at Antivir and Kapersky tonight just to see if something has latched on to my box. According to the review above, those two are the free and paid software leaders in detection rate. If they find nothing then off they go

 

[Ice Czar]

Lets face it, as important as AV software is, its the least important preventative availible. In my opinion, the most important to the least important:
1. Patch your OS. (windowsupdate)
2. Run anti-spyware (Spybot and/or AdAware).
3. Use a firewall. (Hardware NAT <build a Linux> and a rule Based firewall like Kerio)
4. Run AV software.
.

1. Properly Configure your computer (Scroll down to Rampant Paranoia 101)
2. Patch your OS. (windowsupdate) and Applications
3. Run anti-spyware (Spybot, AdAware, HijackThis, CWShredder SpywareGuard, BHODemon)
4. Use a firewall. (a Hardware NAT Firewall <Build a Linux> and a rule based software firewall like Kerio)
5. Run AV software, a Registry Monitor and a Filechecker (set it to watch changes to the security aps and critical systemfiles), consider a dual boot so you can conduct scans from a seperate clean OS, the first thing a successful infection will do is defeat the firewall and AV scanners, there is now a proof of concept worm that sleeps to avoid detection

and if you engage in risky behavior a dedicated Trojan Scanner and what Ive found to be of great use ProcessGuard its like a firewall for your kernel

excerpts from link in previous post

if you are ever the victim of a real brain behind the malware, its damn near impossible to detect a rootkit without matching up traffic patterns to activity
(read snort ect)
most anything signiture based or heuristic that would tip the hand is removed (if it was the original vector)

something to give us all pause

No kidding. I nearly lost my job over a rootkit. Heres the story:

I basically assume sysadminship at a technology consulting firm, and one of my first tasks was to renovate the stale and depriciated network of the company's #3 client. Well, I can't wipe the server and go from 2000>2003 yet, so I find myself getting the PCs on XP, redoing group policy, etc. Well, they continued having break-ins including loss of data, spam being relayed through their mailserver(checked the SMTP logs and found "Administrator" was sending it ). All sorts of general mayhem ensued there, and no one could figure out why. I was almost fired because I could not get the breaches under control.

It turns out that the previous tech guy had been running keygens from the server, and thats how a rootkit got installed. Had I not found the keygens in an obscure folder, it would have taken me even longer to figure it out. This was enough to warrant moving to 2003 immediately, as neither of the 2000 servers could be trusted (both tested positive for the rootkit).

So please folks, remember that rootkits remain one of the greatest evils of the networked age. You don't know the computing practices of everyone on the machine, and thus assumptions anymore are hard to make.

for advanced Brownie Points employ SNORT as an IDS (Intrusion Detection System) on your antique Linux Firewall\router box
(my current project)

 

[xtop]

wow, this thread makes my head hurt. so many dumb naive people its amazing.

and for those of you who only use adaware and spybot, try spysweeper, it finds more than either of those programs can.

 

[lopoetve]

wow, this thread makes my head hurt. so many dumb naive people its amazing.

and for those of you who only use adaware and spybot, try spysweeper, it finds more than either of those programs can.

In my experience, spysweeper misses more things than adaware or spybot do individually. Run adaware and spybot, and you catch a LOT more than spysweeper.