NAT Router - Firewalls

This is a discussion on NAT Router - Firewalls ; I have only one desktop computer that is used here. I have looked at several software personal firewalls. They all for the most part seem to be a joke. Would I just be better off connecting this computer to a ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 22

Thread: NAT Router

  1. NAT Router

    I have only one desktop computer that is used here.

    I have looked at several software personal firewalls. They all for the
    most part seem to be a joke.

    Would I just be better off connecting this computer to a "NAT Router"
    for its firewall protection.

    Thanks for any and all help you can offer.

  2. Re: NAT Router



    "Tony" wrote in message news:9cfi03178975b8clqjd61064ggoelj7huf@4ax.com...
    >I have only one desktop computer that is used here.
    >
    > I have looked at several software personal firewalls. They all for the
    > most part seem to be a joke.
    >
    > Would I just be better off connecting this computer to a "NAT Router"
    > for its firewall protection.
    >
    > Thanks for any and all help you can offer.


    You don't need to think in terms of "either/or". I have an inexpensive
    D-Link router between my cable modem and PC, and it has a firewall built-in,
    which I have enabled. I still use a software firewall on the PC because I
    like to be more aware of the outgoing traffic. The only time I've had a
    Trojan on my PC I became aware of it because Agnitum's Outpost Firewall
    flagged and blocked it.

    Why do you feel software firewalls are a joke? The biggest problem with
    them is they require users to make decisions - it can sometimes be hard to
    identify applications requesting outbound connections even when you pay
    attention know what to look for. If the user just clicks "OK" every time
    the firewall pops up a permissions request then the purpose is defeated, but
    that's not the fault of the software.


  3. Re: NAT Router

    Victek wrote:

    > You don't need to think in terms of "either/or". I have an inexpensive
    > D-Link router between my cable modem and PC, and it has a firewall
    > built-in, which I have enabled. I still use a software firewall on the
    > PC because I like to be more aware of the outgoing traffic.


    Why don't you use an appropriate tool instead?

    BTW, what has the router to do with that anyway?

    > The only time I've had a Trojan on my PC I became aware of it because
    > Agnitum's Outpost Firewall flagged and blocked it.
    >
    > Why do you feel software firewalls are a joke?


    You already stated it. You only became aware of a trojan horse because it
    was too stupid to adequately circumvent this Outpost thing, just like the
    other trojans on your computer did.

    > The biggest problem with them is they require users to make decisions -
    > it can sometimes be hard to identify applications requesting outbound
    > connections even when you pay attention know what to look for.


    This is utterly bull****. Legitimate applications don't require such a
    control, and for illegitimate applications the term "control" simply
    doesn't apply.

    > If the user just clicks "OK" every time the firewall pops up a
    > permissions request then the purpose is defeated, but that's not the
    > fault of the software.


    If the trojan horse can click "OK" on the popup, the purpose is obviously
    defeated by design.

  4. Re: NAT Router



    "Sebastian Gottschalk" wrote in message
    news:56t9elF2ahtjmU1@mid.dfncis.de...
    > Victek wrote:
    >
    >> You don't need to think in terms of "either/or". I have an inexpensive
    >> D-Link router between my cable modem and PC, and it has a firewall
    >> built-in, which I have enabled. I still use a software firewall on the
    >> PC because I like to be more aware of the outgoing traffic.

    >
    > Why don't you use an appropriate tool instead?
    > BTW, what has the router to do with that anyway?


    I use a router/switch on my cable modem because I'm sharing the connection
    across multiple machines. It just happened to have a firewall feature as
    well, so I'm utilizing it. I'm sure that dedicated firewall appliances
    (such as sonicwall) are far more capable, but I haven't felt the need for
    one so far. I expect electronic threats to continue to get worse and I may
    opt for a firewall appliance down the road. I don't have a philosophy
    getting in the way.

    >
    >> The only time I've had a Trojan on my PC I became aware of it because
    >> Agnitum's Outpost Firewall flagged and blocked it.
    >>
    >> Why do you feel software firewalls are a joke?

    >
    > You already stated it. You only became aware of a trojan horse because it
    > was too stupid to adequately circumvent this Outpost thing, just like the
    > other trojans on your computer did.


    The fact that some malware can defeat personal firewall software doesn't
    invalidate the software. Any form of security can be defeated given time
    and resources, and probably will be. That's why all forms of hardware and
    software security continue to evolve and improve. Can you be absolutely
    certain that no form of malware exists (or ever will exist) that can get
    past whatever you consider to be a "real" firewall? I don't see how you
    could. And if some malware gets past the firewall, what then? I don't see
    how having a software firewall installed on the host hurts anything, and it
    just might help identify a problem as I've already experienced.


    >> The biggest problem with them is they require users to make decisions -
    >> it can sometimes be hard to identify applications requesting outbound
    >> connections even when you pay attention and know what to look for.

    >
    > This is utterly bull****. Legitimate applications don't require such a
    > control, and for illegitimate applications the term "control" simply
    > doesn't apply.



    Of course legitimate applications don't require such control. The firewall
    software simply "takes attendance". We get to see who's in the room and
    decide if something doesn't belong. It's possible for malware to be visible
    to the firewall, but if the firewall cannot identify it as a threat then it
    falls to the user who also may not have the skill to identify it. I think
    at least part of the solution for this problem is for software firewalls to
    rely on signatures, just like antivirus and antispyware apps, to identify
    applications.

    >> If the user just clicks "OK" every time the firewall pops up a
    >> permissions request then the purpose is defeated, but that's not the
    >> fault of the software.


    > If the trojan horse can click "OK" on the popup, the purpose is obviously
    > defeated by design.


    Without a doubt that's true. Software firewalls need to be "hardened" over
    time to make it more difficult for malware to circumvent, or manipulate or
    shut them down. all IMHO, of course.




  5. Re: NAT Router

    Victek wrote:

    >> BTW, what has the router to do with that anyway?

    >
    > I use a router/switch on my cable modem because I'm sharing the
    > connection across multiple machines. It just happened to have a
    > firewall feature as well, so I'm utilizing it.


    My gun has the feature to shoot myself in the foot. I still don't see the
    need to utilize it.

    > I don't have a philosophy getting in the way.


    It seems like you have the philosophy of putting up things that get in
    your way. Because that's what a firewall as such. If it can't provide an
    adequate benefit to justify this disadvantage, you should consider
    dropping it.

    >>> The only time I've had a Trojan on my PC I became aware of it because
    >>> Agnitum's Outpost Firewall flagged and blocked it.
    >>>
    >>> Why do you feel software firewalls are a joke?

    >>
    >> You already stated it. You only became aware of a trojan horse because
    >> it was too stupid to adequately circumvent this Outpost thing, just
    >> like the other trojans on your computer did.

    >
    > The fact that some malware can defeat personal firewall software doesn't
    > invalidate the software.


    It does, since it breaks the design goal.

    > Any form of security can be defeated given time and resources, and
    > probably will be.


    Bull****. Here, in the digital world, the set of all possibilities is
    finite and thus enumerable, in many cases quite easily.

    Well, try to circumvent this:

    access authenticate(string user, string password) { if (user == "testuser"
    && password == "Hippy floppy12345 kill Bush !!!12") return new
    ACCESS_TOKEN() else return null; }

    Hint: You can't. You will only authenticated if you provide the correct
    username and password. No chance to use "more force" and sneak around it,
    there's simply no way to defeat it.

    > I don't see how having a software firewall installed on the host hurts
    > anything,


    Beside that it introduced new vulnerabilities, in case of Outpost even
    well-known ones? Because it introduces complexity? Because it introduces
    errors?

    > and it just might help identify a problem as I've already experienced.


    Throwing more and more software doesn't solve your problem.

    > It's possible for malware to be visible to the firewall, but if the
    > firewall cannot identify it as a threat then it falls to the user who
    > also may not have the skill to identify it.


    As I said: It generally fails.

    >>> If the user just clicks "OK" every time the firewall pops up a
    >>> permissions request then the purpose is defeated, but that's not the
    >>> fault of the software.

    >
    >
    >> If the trojan horse can click "OK" on the popup, the purpose is
    >> obviously defeated by design.

    >
    > Without a doubt that's true. Software firewalls need to be "hardened"
    > over time to make it more difficult for malware to circumvent, or
    > manipulate or shut them down.


    You can't make it any more difficult. You can just play the cat-and-mouse
    game, whereas the malware is always the winner and the user is always the
    loser.

    After all, it's quite obvious why it must fail: The user himself wants
    inter process communication.

    > all IMHO, of course.


    What about "I will think about a concept to not get infected by malware in
    first place instead of trial attempts to treat the symptomes?"

  6. Re: NAT Router

    Victek wrote:
    > built-in, which I have enabled. I still use a software firewall on the
    > PC because I like to be more aware of the outgoing traffic. The only
    > time I've had a Trojan on my PC I became aware of it because Agnitum's
    > Outpost Firewall flagged and blocked it.


    And what did you do then? Did you reinstall the computer?

    And why did you install the trojan in the first place, anyway?

    Gerald

  7. Re: NAT Router

    On Tue, 27 Mar 2007 11:53:42 -0400, Tony wrote:

    > I have only one desktop computer that is used here.
    >
    > I have looked at several software personal firewalls. They all for the
    > most part seem to be a joke.
    >
    > Would I just be better off connecting this computer to a "NAT Router"
    > for its firewall protection.
    >
    > Thanks for any and all help you can offer.


    The NAT Router is your first barrier and it's the best barrier, but, it's
    the least of your needs. If you learn how to secure your computer the NAT
    Router just helps when you make a mistake in security.

    In most cases, the NAT router does a LOT better job than the Windows
    firewall or the other firewalls because it's not going to allow you to
    poke holes in it by accident and it won't allow applications running on
    your computer to program it fir holes unless you setup that function
    yourself.

    Once you get the NAT router the personal firewall solutions become candy.


    --
    Leythos
    spam999free@rrohio.com (remove 999 for proper email address)

  8. Re: NAT Router

    Tony wrote:
    > I have only one desktop computer that is used here.
    >
    > I have looked at several software personal firewalls. They all for the
    > most part seem to be a joke.
    >
    > Would I just be better off connecting this computer to a "NAT Router"
    > for its firewall protection.


    Well, in a way, because a NAT router, unlike a personal FW is not
    running with the O/S. The PFW can be attacked just like the O/S can be
    attacked.

    http://www.wallwatcher.com/

    >
    > Thanks for any and all help you can offer.



    You may want to spend a little more money and get a FW router that meets
    the specs in the link for *What does a FW do?*

    http://www.vicomsoft.com/knowledge/r...irewalls1.html

    I use a PFW on my laptop when it's not connected to my network. I have
    no PFW(s) running on the any MS machine or the Linux FW active on the
    Linux machine, because I have a FW appliance that will meet those specs.

    They have FW router's like Netgear's FR314 that's ICSA certified ,and
    others vendors do too, that will meet those specs in the link above.

    Look at it this way, you pay for a PFW and then you have to keep
    renewing it, possibly paying for the renew.

    It all washes out in the long run on money spent if you know what I mean.

    http://labmice.techtarget.com/articl...ychecklist.htm


  9. Re: NAT Router



    "Gerald Vogt" wrote in message
    news:4609c409$0$15971$44c9b20d@news3.asahi-net.or.jp...
    > Victek wrote:
    >> built-in, which I have enabled. I still use a software firewall on the
    >> PC because I like to be more aware of the outgoing traffic. The only
    >> time I've had a Trojan on my PC I became aware of it because Agnitum's
    >> Outpost Firewall flagged and blocked it.

    >
    > And what did you do then? Did you reinstall the computer?
    >
    > And why did you install the trojan in the first place, anyway?
    >
    > Gerald


    I didn't intentionally install the Trojan. I only discovered after the fact
    that it was on my computer. All that was necessary to remove it was run a
    scan with "anti-Trojan" software (I don't remember specifically which one I
    used), the same way you would use antivirus or antispyware to remove those
    kinds of malware.


  10. Re: NAT Router

    Victek wrote:
    > "Gerald Vogt" wrote in message
    > news:4609c409$0$15971$44c9b20d@news3.asahi-net.or.jp...
    >> Victek wrote:
    >>> built-in, which I have enabled. I still use a software firewall on
    >>> the PC because I like to be more aware of the outgoing traffic. The
    >>> only time I've had a Trojan on my PC I became aware of it because
    >>> Agnitum's Outpost Firewall flagged and blocked it.

    >>
    >> And what did you do then? Did you reinstall the computer?
    >>
    >> And why did you install the trojan in the first place, anyway?
    >>
    >> Gerald

    >
    > I didn't intentionally install the Trojan. I only discovered after the


    But you know how you got it? In most cases it is either something you
    install or some updates you did not install.

    > fact that it was on my computer. All that was necessary to remove it
    > was run a scan with "anti-Trojan" software (I don't remember
    > specifically which one I used), the same way you would use antivirus or
    > antispyware to remove those kinds of malware.


    What makes you think that it removed all malware from your computer? A
    good malware comes in packages: the good stuff is well hidden somewhere
    and knows how to circumvent the software firewall while it also some
    primitive malware bundled which may be detected quickly. The user thinks
    the firewall blocks everything and the malware removal tool reports
    something removed.

    I guess you are using an AV and PFW and the trojan still got past all
    this. Either you know that you have installed it with some software or
    it must be fairly good to get past AV and PFW. Malware designed to get
    past AV and PFW onto the computer will not be that easy detected except
    for some part for diversion. The only really secure thing to do would be
    to reformat the drive and reinstall windows.

    Gerald

  11. Re: NAT Router

    Victek wrote:

    > I didn't intentionally install the Trojan. I only discovered after the fact
    > that it was on my computer.


    So, and how did it come so far? What did your investigation point out?

    > All that was necessary to remove it was run a
    > scan with "anti-Trojan" software


    That's a lie.

    > (I don't remember specifically which one I
    > used), the same way you would use antivirus or antispyware to remove those
    > kinds of malware.


    Unlikely that you actually removed it. How do you think this should work
    reliably? Hint: It simply can't.

    Seems like your security concept failed due to stupidity. How exactly is
    your Outpost thingy worth then?

  12. Re: NAT Router

    On Wed, 28 Mar 2007 02:50:28 GMT, "Mr. Arnold" <"Mr.
    Arnold"@Arnold.COM> wrote:

    Thanks to all who replied it is appreciated.

    A special thank you to "Mr. Arnold" for his reply and great links.

    Its off to the drawing board.

    Thanks again.

    >Tony wrote:
    >> I have only one desktop computer that is used here.
    >>
    >> I have looked at several software personal firewalls. They all for the
    >> most part seem to be a joke.
    >>
    >> Would I just be better off connecting this computer to a "NAT Router"
    >> for its firewall protection.

    >
    >Well, in a way, because a NAT router, unlike a personal FW is not
    >running with the O/S. The PFW can be attacked just like the O/S can be
    >attacked.
    >
    >http://www.wallwatcher.com/
    >
    >>
    >> Thanks for any and all help you can offer.

    >
    >
    >You may want to spend a little more money and get a FW router that meets
    >the specs in the link for *What does a FW do?*
    >
    >http://www.vicomsoft.com/knowledge/r...irewalls1.html
    >
    >I use a PFW on my laptop when it's not connected to my network. I have
    >no PFW(s) running on the any MS machine or the Linux FW active on the
    >Linux machine, because I have a FW appliance that will meet those specs.
    >
    >They have FW router's like Netgear's FR314 that's ICSA certified ,and
    >others vendors do too, that will meet those specs in the link above.
    >
    >Look at it this way, you pay for a PFW and then you have to keep
    >renewing it, possibly paying for the renew.
    >
    >It all washes out in the long run on money spent if you know what I mean.
    >
    >http://labmice.techtarget.com/articl...ychecklist.htm



  13. Re: NAT Router



    > What makes you think that it removed all malware from your computer? A
    > good malware comes in packages: the good stuff is well hidden somewhere
    > and knows how to circumvent the software firewall while it also some
    > primitive malware bundled which may be detected quickly. The user thinks
    > the firewall blocks everything and the malware removal tool reports
    > something removed.
    >
    > I guess you are using an AV and PFW and the trojan still got past all
    > this. Either you know that you have installed it with some software or it
    > must be fairly good to get past AV and PFW. Malware designed to get past
    > AV and PFW onto the computer will not be that easy detected except for
    > some part for diversion. The only really secure thing to do would be to
    > reformat the drive and reinstall windows.
    >
    > Gerald


    I continued to scan my system with different antivirus, antispyware and
    anti-Trojan software and couldn't find additional problems. I also noted
    that there were no more attempts by unknown software to establish outbound
    connections. I guess it's possible that there was still malware on the
    system, but I didn't think so for the above reasons, plus the computer
    continued to be stable and normal in every perceivable way and that was good
    enough for me.

    As far as how the Trojan got on my computer, remember that firewall software
    would not block it being downloaded. The only initial protection was
    antivirus which apparently missed it, but that's not so unusual. It was a
    few years ago when this happened and then it was the norm for antivirus
    software to update only once or twice a week. That left a window of a few
    days when new viruses (or Trojans) were invisible could easily infect
    systems. There's also the fact that even the best antivirus software does
    not detect 100% of all viruses. That's why a multilayered defense is
    necessary(and I think personal firewall software is one of those layers).

    In the course of doing my job I have often had to clean computers that have
    been infected with viruses/Trojans/spyware. It's been my experience that
    the computers can be restored to normal functioning in most cases. A
    combination of multiple antivirus and antispyware scans does a very good job
    of removing malware. I only remember one case where the computer was so
    badly infected it was unrecoverable. It got that way because the user
    neglected to update the subscription for his antivirus - it hadn't had new
    "signatures" for many months.


  14. Re: NAT Router

    Victek wrote:

    > I continued to scan my system with different antivirus, antispyware and
    > anti-Trojan software and couldn't find additional problems. I also noted
    > that there were no more attempts by unknown software to establish outbound
    > connections. I guess it's possible that there was still malware on the
    > system, but I didn't think so for the above reasons,


    Huh? The malware simply doesn't have to match with the signatures of the
    above-stated software. That's a trivial thing, any new malware does so by
    design.

    > plus the computer continued to be stable and normal in every perceivable
    > way and that was good enough for me.


    It's still ready to start spamming and DoSing on command.

    > As far as how the Trojan got on my computer, remember that firewall software
    > would not block it being downloaded. The only initial protection was
    > antivirus which apparently missed it, but that's not so unusual.


    So then why did you EXECUTE it?

    > That's why a multilayered defense is necessary


    That's the typical phrase of those who're lacking concept.

    > In the course of doing my job I have often had to clean computers that have
    > been infected with viruses/Trojans/spyware. It's been my experience that
    > the computers can be restored to normal functioning in most cases.


    Nah, just that they don't seem to be compromised any more. Did you ever
    actually verify if they are cleaned?

    > I only remember one case where the computer was so
    > badly infected it was unrecoverable. It got that way because the user
    > neglected to update the subscription for his antivirus


    No. It got that way because he intentionally executed the malware.

  15. Re: NAT Router

    Victek wrote:
    > I continued to scan my system with different antivirus, antispyware and
    > anti-Trojan software and couldn't find additional problems. I also


    Which only tells you that those programs don't know about any other
    malware running on your computer. Any new malware is not detected by any
    detection software until the software includes the signature for that
    malware. If it is not a wide spread malware chances are it will never be
    detected. Someone has to locate the malware, extract the details and
    send it to a antivirus, antispyware, ... company for analysis. And even
    if someone did it is not sure it is added as signatures for malware
    which is hardly seen in the wild would only slow the whole thing further
    down.

    > noted that there were no more attempts by unknown software to establish
    > outbound connections. I guess it's possible that there was still


    The problem is no outbound connections detected by the PFW does not say
    anything about whether some malware sends something out or not. Just
    like before it just tells you that the PFW could not detect it.

    > malware on the system, but I didn't think so for the above reasons, plus
    > the computer continued to be stable and normal in every perceivable way
    > and that was good enough for me.


    That's what a good malware is supposed to do. A keylogger can silently
    run in the background without distrupting the system and only send
    something out when there is other network traffic on the system. You
    will hardly ever notice.

    > As far as how the Trojan got on my computer, remember that firewall
    > software would not block it being downloaded. The only initial


    Yes, but why did you download it in the first place?

    > protection was antivirus which apparently missed it, but that's not so
    > unusual. It was a few years ago when this happened and then it was the


    Did you submit it then to your AV company?

    > norm for antivirus software to update only once or twice a week. That


    Does it detect the malware now?

    > left a window of a few days when new viruses (or Trojans) were invisible
    > could easily infect systems. There's also the fact that even the best


    It is not "a few days". This is only true for the malware which spreads
    quickly. For anything, that spreads slowly or strategically and is not
    quickly noticed it can take weeks or months until someone found it and
    submitted it for analysis.

    > antivirus software does not detect 100% of all viruses. That's why a
    > multilayered defense is necessary(and I think personal firewall software
    > is one of those layers).


    But no "layer" of this "multilayer defense" is able to protect the
    computer against _you_! That's the problem. It is completely worthless
    because you did install the malware in the first place, probably as
    administrator on the computer. At the very moment it is running, in
    particular as administrator user, all those "layers" collapse. A program
    running on the computer can mess with the system in any way it likes. It
    does not matter what kind of security software there is on the computer,
    as the computer which is running the security software is compromised
    thus you cannot tell whether or not the security software is still
    running as intended even if it seems to be so.

    > In the course of doing my job I have often had to clean computers that
    > have been infected with viruses/Trojans/spyware. It's been my
    > experience that the computers can be restored to normal functioning in
    > most cases. A combination of multiple antivirus and antispyware scans


    You said the malware must distrupt the system or the normal functioning
    of a computer? A good malware, in particular a trojan, is only useful if
    it is well hidden. But if someone is collecting some trojan computers
    for a DDoS attack the trojan will just sit there and wait until the
    signal comes. And something like a keylogger would not ever want to be
    noticed if possible.

    > does a very good job of removing malware. I only remember one case
    > where the computer was so badly infected it was unrecoverable. It got


    This should make you think! Why would it be unrecoverable? Why do you
    think all the other computers were really recovered? The thing is: you
    don't. All you know is that you did not use any tool which could find
    something...

    Gerald

  16. Re: NAT Router

    Gerald,

    Yes, I can see how it's possible for malware to be virtually undetectable.
    In that case, what strategy do you recommend to protect against it?


  17. Re: NAT Router

    Victek wrote:

    > Gerald,
    >
    > Yes, I can see how it's possible for malware to be virtually undetectable.
    > In that case, what strategy do you recommend to protect against it?


    Don't execute it. Now that was simple...

  18. Re: NAT Router

    On Thu, 29 Mar 2007 15:28:23 +0000, Victek wrote:
    >
    > Gerald,
    >
    > Yes, I can see how it's possible for malware to be virtually undetectable.
    > In that case, what strategy do you recommend to protect against it?


    You have to follow security normal when using a computer, on or off the
    net, and you need to make sure that you have apps/os patches that are
    designed to secure your system.

    Once a machine is compromised, the only true to to be sure it's cleaned of
    malware is to wipe it completely and reinstall from known clean media in a
    clean environment.


    --
    Leythos
    spam999free@rrohio.com (remove 999 for proper email address)

  19. Re: NAT Router



    "Leythos" wrote in message
    news:1175186044_8311@sp6iad.superfeed.net...
    > On Thu, 29 Mar 2007 15:28:23 +0000, Victek wrote:
    >>
    >> Gerald,
    >>
    >> Yes, I can see how it's possible for malware to be virtually
    >> undetectable.
    >> In that case, what strategy do you recommend to protect against it?

    >
    > You have to follow security normal when using a computer, on or off the
    > net, and you need to make sure that you have apps/os patches that are
    > designed to secure your system.
    >
    > Once a machine is compromised, the only true to to be sure it's cleaned of
    > malware is to wipe it completely and reinstall from known clean media in a
    > clean environment.
    >
    >

    I agree, but how can you tell if the machine HAS been compromised by
    undetectable malware?


  20. Re: NAT Router

    On Thu, 29 Mar 2007 18:52:00 +0000, Victek wrote:

    > "Leythos" wrote in message
    > news:1175186044_8311@sp6iad.superfeed.net...
    >> On Thu, 29 Mar 2007 15:28:23 +0000, Victek wrote:
    >>>
    >>> Gerald,
    >>>
    >>> Yes, I can see how it's possible for malware to be virtually
    >>> undetectable.
    >>> In that case, what strategy do you recommend to protect against it?

    >>
    >> You have to follow security normal when using a computer, on or off the
    >> net, and you need to make sure that you have apps/os patches that are
    >> designed to secure your system.
    >>
    >> Once a machine is compromised, the only true to to be sure it's cleaned of
    >> malware is to wipe it completely and reinstall from known clean media in a
    >> clean environment.
    >>
    >>

    > I agree, but how can you tell if the machine HAS been compromised by
    > undetectable malware?


    Do you ask questions that can't be answered?

    How can you detect something that can't be detected???? Come on.

    If you have a machine that is/was compromised you know, or you would not
    have determined it was compromised. Now, the proper way to clean it is to
    wipe it, and do it in a clean environment with known clean media.

    If you can't deteremine if your media is clean then get clean media.

    Do you always run around in circles?

    --
    Leythos
    spam999free@rrohio.com (remove 999 for proper email address)

+ Reply to Thread
Page 1 of 2 1 2 LastLast