You must be right Wayne.
But I don't know where I should feel concerned as I don't own a
computer ...
Back to photography?
Amities
Philippe
Le 25 févr. 14 à 15:48, WayneS a écrit :
> 3 cents of a geek along the road of OSes.... and viruses, long time
> since last post
>
> Win 7 (64-bit) is the new XP and pretty good. 64-bit with 16G+ of
> ram makes for happy photoshop. With that amount of ram and VMs, you
> can set up multiple systems on one box. If it gets messed up, just
> restore a snapshot. Of course for windoes VM OS you need licenses.
>
> Win8: I installed Win 8 on a machine in order to build some hyper-V
> linux machines for hosting on our server at work. Other than Hyper
> V, I hate windows 8 for desktop. Too bad hyper-V is not on windows
> 7. You could still run an older XP vm in a Hyper-V, I believe.
>
> VM: VMware was on sale last year so I purchased that. They have a
> tool that can take a live XP machine and convert it into a VM. Of
> course the windows activation will get tripped, but mine reactivated
> fine. I have some compiler tools for older embedded devices I wanted
> to still run. I have not fully tested it, but in theory it should
> work for my needs. I tried to do the same with virtual box but was
> not successful.
>
> Trojans: I downloaded the leaked virus source code, Zeus and
> Calbert, in order to analyze them. Interestingly they are more
> targeted at Win 7 than XP. So the virus writers are moving away from
> XP also. Exception being that many point of sale machines are still
> XP based, and will be for some time. Perhaps how Target got hit.
> There are a lot of XP machines still in service that will take a
> long time to replace. I wonder how may PoS machines do auto updates?
>
> Java: Of all the XP machines that got infected at my house (a
> couple) were due to oracle Java running. Java and javascript are the
> most vulnerable to drive by malware on the web.
>
> Hardware: On two of my newer machines, Win7, the MB did not have any
> COM ports, which I need for some embedded development (and Utilite).
> Embedded linux often requires a COM port for a console. So on both
> an Asus P8Z68-V and a P8Z77-V mb, I installed an older PCI serial
> COM port card. For some reason, on both boards, it destroyed the
> Realtek audio controllers. Be Carefully if you plug in older PCI
> stuff in newer MBs.
>
> Linux: I have several Linux boxes and Linux VMs, but mostly as
> servers. I have not found any desktop version that does not have
> some problems doing what you want. X11 is a pain. I don't like the
> new Ubuntu Union. My linux preferences are Debian and Arch, and
> Xubuntu if I really want a desktop. Mostly I use desktop for network
> analysis tools like Wireshark. I've also spent some time setting up
> a home linux router firewall, and intend to install some intrusion
> detection. It is interesting to check what is getting hit on the
> firewall.
>
> Firewall: No OS is invulnerable, and many firewall appliances are
> very hackable (see devttys0.com). My current hardware of choice for
> firewall is a Utilite for $219 (utilite-computer.com) which has two
> ethernet ports. I installed ArchLinuxArm for Utilite and Shorewall
> for firewall on it. Using shorewall, I can also download block lists
> from dshield.org or C&C block lists, like Zeus Tracker from
> abuse.ch... or I can block all of chinanet if I want... (of course
> after some fussing with linux scrips and IPsets and shorewall
> rules). Unfortunately, the newer P2P based trojans can get around
> even this.
>
> IDS: So the next line of defense is something like Snort, intrusion
> detection, on the firewall. Proper snort rules can often catch 95+%
> of initial infections based on virus behavior, as the initial
> infection usually involves an initial download package. That
> certainly beats most anti-virus software.
>
> Routers: Many home routers have uPnP enabled, which allows systems
> on your internal net to automatically open up ports on the firewall.
> Very handy for trojans. uPnP is not the same as PnP.
>
> Agghhhh: The more I study and research this, the scarier it looks.
> The more modern trojans no long upset your system, but rather sit
> and hide in stealth mode. They want to remain undetected. Most
> modern viruses can easily get around signature based anti-virus.
>
> Upgrade: As for upgrading to Win 7, I recommend it (64 bit) for the
> increased memory available for photo editing. As to increased
> security, I have not found Win 7 to be that much more secure than
> XP, other than Win 7 locks things down more in order to frustrate
> the user. It has only a little impact for viruses. Zeus and Calbert
> can easily get around UAC (user access control) for example. UAC
> just makes the user feel more secure. So the first thing I do when
> installing Win 7 is turn off UAC.
>
> Whatever system you use, mac OS, Linux, Windows - security still
> mostly depends on the end user awareness. Who knows, check how much
> power your system is using, you might just be mining bitcoins for
> someone else.
>
> Wayne S - just call me paranoid hacker
> --
> _________________________________________________________________
> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
> Themed Olympus Photo Exhibition: http://www.tope.nl/
One sees clearly only with the heart. What is essential is invisible
to the eye. Antoine de Saint Exupéry in Le Petit Prince.
NO ARCHIVE
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|