Bad Mirror

[MichaelW]

If you took an unpatched Windows 2000/XP system (without any service packs / updates installed and without a working firewall) and attached it directly to the Internet, you just had to wait a few seconds or at most a few minutes to have it infected by several worms...

I had this happen with an unpatched Windows 2000, over a dialup connection, and IIRC my examination of the log files showed that it took less than 10 minutes.

[albert]

At my apartment complex thay have hardwired ethernet, Cox Business Cable.

Maybe the Cox Cable company is infected and spreading it?
I can't click a link without getting yeildmanager , pointroll , servingsys , ru4 , advertising , tracking cookies.

So the FBIDE and FB downloads might have just been coincidental with a virus gotten somewhere else??

[Sebastian]

At my apartment complex thay have hardwired ethernet, Cox Business Cable.

Maybe the Cox Cable company is infected and spreading it?

Please be sure to read and understand the postings by me and MichaelW. Maybe this is a misunderstanding.

Internet Service Providers (ISP), as for example Verizon, Cox Business Cable etc., do not infect their customers' computers with malware. They provide their customers access to the Internet. The Internet is a global network of networks. That means you can reach computers and servers located in China, Russia or whereever easily straight from your appartment complex. ;) But it works also the other way round. If you don't have a working firewall installed, attackers from China, Russia or whereever (anywhere on earth) can reach your computer and can try to infect it (mostly done using automated spreading routines implemented in malware). But it's not only foreign computers. Also any infected computer in the US means such a threat.

Because of the Internet your computer is indirectly connected to hundreds of millions of malware-infected computers all over the world. These are the problem and not your ISP.

[MichaelW]

I was installing a pre-SP Windows 2000, the vulnerability that they exploited was fixed by SP2, and this all happened ~2 years after SP4 had been released so the vulnerability was well known. My solution, after I formatted the drive and reinstalled Windows, was to install a software firewall (ZoneAlarm).

For years (~~5 IIRC) after ADSL became available in my area one of the big providers (SBC) was providing modems that did not include an NAT firewall, and at least initially the information that they provided didn’t mention this, or the need for a firewall. If Albert's ISP is providing modems without an NAT firewall, then they could be partially responsible for the problem.

[Gonzo]

you could call nat a firewall, but its really just address translation.. basically dhcp server that gives you routes internally and a gateway to route anything not lan to
you can check this by just checking the arp list (arp -a)

disable dhcp server and your router is no longer a router, just a switch =)
you could also just route everything to your computer, and yes zonealarm and comodo firewall are the only good ones unless you are expert (there are some fairly complicated ones out there, but i doubt they have sandbox)

quick guide to not being grandmother using facebook and looking at weather:
1. uninstall AV
2. install comodo firewall
3. install process explorer @ http://technet.microsoft.com/en-us/sysi ... s/bb896653
and from the menubar, replace the old taskmanager with process explorer
close it and confirm with ctrl+shift escape

thank me later

[Sebastian]

you could call nat a firewall, but its really just address translation..

I'm conscious of that but for most end-users a consumer class DSL router with NAT fulfills the primary goal of a firewall: Protect your personal network from threats originating from other/outer networks. Of course it doesn't filter the traffic coming from inside of your LAN and going to the Internet. But it ensures that your PCs aren't reachable and attackable from outside. So I think it's justified to call this feature a "firewall". But of course it's no professional or semiprofessional solution.

I have a small "communcation server" running Linux: It works as a router (Internet via DSL or dial-up backup + a few separated LANs), firewall (iptables), DNS cache (pdnsd), DHCP server (but not for all LANs) and HTTP cache (squid + http traffic scanning via ClamAV). It has multiple NICs for different LANs and one for the Internet side. For example, smartphones and computers brought here by guests (-> WLAN access point) are connected to a dedicated LAN so that they can't access or harm the servers or PCs.

[Gonzo]

seems abit overdone to me :) i prefer people learned the hard way the consequences of their actions :D
i probably would go insane if i had to wait for a file being scanned by icap service... we live after all in the age of hyper-instant gratification :S