You write scary stuff. It will take me quite a while to absorb this.
Chuck Norcutt
On 2/25/2014 9:48 AM, WayneS wrote:
> 3 cents of a geek along the road of OSes.... and viruses, long time since
> last post
>
> Win 7 (64-bit) is the new XP and pretty good. 64-bit with 16G+ of ram makes
> for happy Photoshop. With that amount of ram and VMs, you can set up multiple
> systems on one box. If it gets messed up, just restore a snapshot. Of course
> for Windows VM OS you need licenses.
>
> Win8: I installed Win 8 on a machine in order to build some Hyper-V Linux
> machines for hosting on our server at work. Other than Hyper-V, I hate
> Windows 8 for desktop. Too bad Hyper-V is not on Windows 7. You could still
> run an older XP VM in Hyper-V, I believe.
>
> VM: VMware was on sale last year so I purchased that. They have a tool that
> can take a live XP machine and convert it into a VM. Of course the Windows
> activation will get tripped, but mine reactivated fine. I have some compiler
> tools for older embedded devices I wanted to still run. I have not fully
> tested it, but in theory it should work for my needs. I tried to do the same
> with VirtualBox but was not successful.
>
> Trojans: I downloaded the leaked virus source code, Zeus and Calbert, in
> order to analyze them. Interestingly they are more targeted at Win 7 than XP.
> So the virus writers are moving away from XP also. Exception being that many
> point of sale machines are still XP based, and will be for some time. Perhaps
> how Target got hit. There are a lot of XP machines still in service that will
> take a long time to replace. I wonder how many PoS machines do auto updates?
>
> Java: All of the XP machines that got infected at my house (a couple) were
> due to Oracle Java running. Java and JavaScript are the most vulnerable to
> drive-by malware on the web.
>
> Hardware: On two of my newer machines, Win7, the MB did not have any COM
> ports, which I need for some embedded development (and Utilite). Embedded
> Linux often requires a COM port for a console. So on both an Asus P8Z68-V and
> a P8Z77-V MB, I installed an older PCI serial COM port card. For some reason,
> on both boards, it destroyed the Realtek audio controllers. Be careful if
> you plug older PCI stuff into newer MBs.
>
> Linux: I have several Linux boxes and Linux VMs, but mostly as servers. I
> have not found any desktop version that does not have some problems doing
> what you want. X11 is a pain. I don't like the new Ubuntu Unity. My Linux
> preferences are Debian and Arch, and Xubuntu if I really want a desktop.
> Mostly I use the desktop for network analysis tools like Wireshark. I've also
> spent some time setting up a home Linux router firewall, and intend to
> install some intrusion detection. It is interesting to check what is getting
> hit on the firewall.
>
> Firewall: No OS is invulnerable, and many firewall appliances are very
> hackable (see devttys0.com). My current hardware of choice for firewall is a
> Utilite for $219 (utilite-computer.com) which has two ethernet ports. I
> installed ArchLinuxArm for Utilite and Shorewall for firewall on it. Using
> Shorewall, I can also download block lists from dshield.org or C&C block
> lists, like Zeus Tracker from abuse.ch... or I can block all of chinanet if I
> want... (of course after some fussing with Linux scripts and ipsets and
> Shorewall rules). Unfortunately, the newer P2P based trojans can get around
> even this.
>
> IDS: So the next line of defense is something like Snort, intrusion
> detection, on the firewall. Proper Snort rules can often catch 95+% of
> initial infections based on virus behavior, as the initial infection usually
> involves an initial download package. That certainly beats most anti-virus
> software.
>
> Routers: Many home routers have UPnP enabled, which allows systems on your
> internal net to automatically open up ports on the firewall. Very handy for
> trojans. UPnP is not the same as PnP.
>
> Agghhhh: The more I study and research this, the scarier it looks. The more
> modern trojans no longer upset your system, but rather sit and hide in stealth
> mode. They want to remain undetected. Most modern viruses can easily get
> around signature based anti-virus.
>
> Upgrade: As for upgrading to Win 7, I recommend it (64-bit) for the increased
> memory available for photo editing. As to increased security, I have not
> found Win 7 to be that much more secure than XP, other than Win 7 locks
> things down more in order to frustrate the user. It has only a little impact
> for viruses. Zeus and Calbert can easily get around UAC (user access control)
> for example. UAC just makes the user feel more secure. So the first thing I
> do when installing Win 7 is turn off UAC.
>
> Whatever system you use, Mac OS, Linux, Windows - security still mostly
> depends on end user awareness. Who knows; check how much power your
> system is using, you might just be mining bitcoins for someone else.
>
> Wayne S - just call me paranoid hacker
>
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
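The block-list step Wayne describes (dshield list → ipset → Shorewall rule), as an added example that is not code from the thread: it parses a constructed sample laid out like dshield's tab-separated block list (start, end, netmask bits, attacks, name, country, email; that layout is an assumption), rejects malformed or inconsistent lines so a bad download cannot poison the set, and emits an `ipset restore` script plus a Shorewall blrules line (the `+setname` ipset syntax is assumed from Shorewall's documentation).

```python
import ipaddress

# Constructed sample in the (assumed) dshield block-list layout: tab-separated
# start, end, netmask bits, attacks, name, country, email; '#' lines are comments.
# Documentation/test ranges only, not real indicators.
SAMPLE_BLOCKLIST = """\
# constructed sample, not a real download
203.0.113.0\t203.0.113.255\t24\t4211\tEXAMPLE-NET\tXX\tabuse@example.invalid
198.51.100.0\t198.51.100.255\t24\t1950\tTEST-NET-2\tXX\tabuse@example.invalid
truncated garbage line
192.0.2.0\t192.0.2.127\t24\t12\tMISMATCH\tXX\t
"""

def parse_dshield_block(text):
    """Return CIDR strings from a dshield-style list; comments and lines whose
    start/end/netmask do not agree are skipped so a bad download cannot poison the set."""
    nets = []
    for line in text.splitlines():
        fields = line.strip().split("\t")
        if not fields[0] or fields[0].startswith("#") or len(fields) < 3:
            continue
        try:
            net = ipaddress.IPv4Network(f"{fields[0]}/{int(fields[2])}", strict=True)
            end = ipaddress.IPv4Address(fields[1])
        except ValueError:
            continue
        if net.broadcast_address != end:  # stated range must match the prefix
            continue
        nets.append(str(net))
    return nets

def ipset_restore_script(setname, nets):
    """Input for `ipset restore`: fill a temp set, then swap it in atomically so
    Shorewall never matches against a half-filled set."""
    tmp = f"{setname}_tmp"
    lines = [f"create {setname} hash:net -exist", f"create {tmp} hash:net -exist",
             f"flush {tmp}"]
    lines += [f"add {tmp} {n}" for n in nets]
    lines += [f"swap {tmp} {setname}", f"destroy {tmp}"]
    return "\n".join(lines) + "\n"

def shorewall_blrule(setname, zone="net"):
    """Shorewall blrules line dropping inbound traffic from the set (assumed '+set' syntax)."""
    return f"DROP\t{zone}:+{setname}\tall"

if __name__ == "__main__":
    cidrs = parse_dshield_block(SAMPLE_BLOCKLIST)
    print(ipset_restore_script("dshield_block", cidrs))
    print(shorewall_blrule("dshield_block"))
```

Pipe the first output into `ipset restore` from cron and put the second line in /etc/shorewall/blrules; the swap keeps the running set intact if the download is cut short.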
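A minimal Snort rule in the spirit of the IDS point above, added here as an illustration and not taken from Wayne's setup: it flags a Windows PE file arriving in an HTTP response from outside the network, which is what the "initial download package" of an infection usually is. The sid, the rule text and the DOS-stub string check are assumptions and a simplification of how published rule sets detect executable downloads.

```snort
# Added example: alert on a PE executable served to an internal host over HTTP.
# file_data points content matches at the HTTP response body; "MZ" in the first
# two bytes plus the DOS stub message shortly after is the classic PE signature.
# Tune or whitelist (software updaters, internal mirrors) before running in production.
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( \
    msg:"LOCAL POLICY PE executable download over HTTP"; \
    flow:to_client,established; \
    file_data; content:"MZ"; depth:2; \
    content:"This program cannot be run in DOS mode"; distance:0; within:200; \
    classtype:policy-violation; sid:1000001; rev:1; \
)
```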