The Virus Squad
dncsky1530 writes "Sydney Morning Herald - The Virus Squad - 'A new species has been discovered. So new, it's still unnamed, but researchers are racing to tag it - before it spreads around the world. For the next 10 to 30 minutes, the computer virus or worm is dissected, analysed and identified... "On the day we detected MyDoom, we did another 18 viruses," says Paul Ducklin, Sophos's head of technology for the Asia-Pacific. "There are about 800 new viruses a month. And the unglamorous bit of our work is often the other 798."'"
Some security companies do give back to the community. GRISOFT offers a free version of AVG Anti-Virus 6.0 for single home users. Zone Labs offers a free version of the Zone Alarm firewall.
Do you know of any other companies that offer free anti-viral or firewall software?
"If you unblocked port 135 [an access point Blaster targeted] you would be found by Blaster," Lee says, adding that it would just be a matter of time.
This happened when I installed a (legal) copy of Windows 2000 on my GF's old machine. Boom! Infected with Blaster in the first five minutes on the net, trying to D/L a firewall. Not to speak of the service packs... It happened so fast, I thought there was something wrong with the modem drivers, I downloaded via an iBook. I spent a lot of time getting that machine up. But as the family of the GF saw what happened, three persons became Apple converts that evening.
My GF now has an iBook and is more productive on a computer than ever.
There is AntiVir which provides its software free for personal users, however it's in German only. I've used it on my Win2k system for a few years now. As far as I know it doesn't integrate with any e-mail clients, but it recognized viruses in attachments as soon as I saved them to disk.
It's got auto-updates, Outlook add-on module, etc. All good. They want some info in lieu of registration, but it's non-spammy/invasive.
You can download it from here if you're so inclined.
Disclaimer: I have nothing to do with Avast, beyond being a quite satisfied user of their software.
How do you know? Without anti-virus software, unless a virus is doing something really obvious, such as rebooting your machine, you're not going to. I always find it amusing when I hear people say they've been using Norton/McAfee/Whatever for 5 years and never had a virus. That's not their anti virus software, that's just luck. All they can be sure of is they've never had a virus their package can detect. Anti virus software doesn't make you immune from catching them, it just stops them spreading and (hopefully) makes cleaning up easier.
"I was thinking about how to design the "perfect" virus."
(1) Virus initially comes in as an attachment. This is a decoy, we're not going for computers owned by retards this time.
(2) Virus tests for one of the recent Linux vulnerabilities. If it gets in, this indicates that we've got someone with a default unpatched install of Mandrake or whatever, who probably imagines they're immune. Plenty of time to proceed.
(3) Virus has a look through the setup files of common FTP programs to obtain website passwords, connects to website, searches for .exe and .tar.gz files, uploads itself in their place. Virus knows that people will download the .tar.gz, configure, make, and install it, then run it without even looking at the source code.
(4) Virus uploads a set of personal data to a hidden file on that website.
(5) Virus goes through the ~/Mail folder, looking for username/password combinations mailed to the person by clueless companies such as maplin.co.uk, who email people's passwords in cleartext. Stores a list of all the data it's collected so far.
(6) Virus sets up a backdoor, using port-knocking so that none of the "respond to virus with portscan" tools can find it.
F-Prot antivirus is available for free for home users, and runs on Linux, Windows, BSD, DOS and Solaris. For the Unix-based systems, there is a nice GUI front end called xfprot.
Smoothwall is a "best-of-breed Internet firewall/router, designed to run on commodity hardware, and to give an easy-to-use administration interface to those using it. Built using open source and Free software, it's distributed under the GNU Public License".
If the average person in front of a computer had an office suite with VB scripting turned off by default (typing up your homework in Word doesn't require it anyway), and the OS only executed files that were saved to disk and needed the execute permission turned on explicitly (I think Windows using NTFS has this option, but it's always on by default), then the "mouse clicking fools" wouldn't be doing so much harm. This is something that only the OS vendor can fix.