New Laptop - which flavour of Windows? (and other issues)

[BillW50]

In news:JeoRJdDKBA0LFwXm@bancom.co.uk,
tony sayer typed on Thu, 22 Apr 2010 08:52:42 +0100:
>> I actually tried this once as a test. Installed the original Windows
>> 2000 release, no firewall, no anti-virus, nor any updates back in
>> 2002. Although I had it networked to another computer and that one
>> was setup to scan the unprotected one. And that was very
>> interesting. Two servers slipped two viruses on the computer within
>> 90 seconds and I didn't even access any of those servers. Those bots
>> finds unprotected computers really fast. Pretty clever! But not
>> clever enough to fool me. lol
>
> Was this -directly- connected to the net, or via a ADSL/Router NAT
> unit like a lot of people now use?..

Hi Tony! It was connected up by dial-up. If it had a router connected,
that never would have happened (well a correctly setup router anyway).
And the viruses were inert until the user rebooted the computer. Then
the viruses would install themselves and infect the system.

--
Bill
Asus EEE PC 701G4 ~ 2GB RAM ~ 16GB-SDHC
Windows XP SP2 (quit Windows updates back in May 2009)

 

[tony sayer]

In article <hqp98b$4al$1@news.eternal-september.org>, BillW50
<BillW50@aol.kom> scribeth thus
>In news:JeoRJdDKBA0LFwXm@bancom.co.uk,
>tony sayer typed on Thu, 22 Apr 2010 08:52:42 +0100:
>>> I actually tried this once as a test. Installed the original Windows
>>> 2000 release, no firewall, no anti-virus, nor any updates back in
>>> 2002. Although I had it networked to another computer and that one
>>> was setup to scan the unprotected one. And that was very
>>> interesting. Two servers slipped two viruses on the computer within
>>> 90 seconds and I didn't even access any of those servers. Those bots
>>> finds unprotected computers really fast. Pretty clever! But not
>>> clever enough to fool me. lol
>>
>> Was this -directly- connected to the net, or via a ADSL/Router NAT
>> unit like a lot of people now use?..
>
>Hi Tony! It was connected up by dial-up. If it had a router connected,
>that never would have happened (well a correctly setup router anyway).
>And the viruses were inert until the user rebooted the computer. Then
>the viruses would install themselves and infect the system.
>

Indeed.. but surely these days would anyone connect -directly- to the
net?.

Seeing that wireless routers with inbuilt NAT seem to be all the rage
these days?..
--
Tony Sayer

 

[BillW50]

In news:c54kANGIAG0LFwX3@bancom.co.uk,
tony sayer typed on Thu, 22 Apr 2010 15:41:12 +0100:
> In article <hqp98b$4al$1@news.eternal-september.org>, BillW50
> <BillW50@aol.kom> scribeth thus
>> In news:JeoRJdDKBA0LFwXm@bancom.co.uk,
>> tony sayer typed on Thu, 22 Apr 2010 08:52:42 +0100:
>>>> I actually tried this once as a test. Installed the original
>>>> Windows 2000 release, no firewall, no anti-virus, nor any updates
>>>> back in 2002. Although I had it networked to another computer and
>>>> that one was setup to scan the unprotected one. And that was very
>>>> interesting. Two servers slipped two viruses on the computer within
>>>> 90 seconds and I didn't even access any of those servers. Those
>>>> bots finds unprotected computers really fast. Pretty clever! But
>>>> not clever enough to fool me. lol
>>>
>>> Was this -directly- connected to the net, or via a ADSL/Router NAT
>>> unit like a lot of people now use?..
>>
>> Hi Tony! It was connected up by dial-up. If it had a router
>> connected, that never would have happened (well a correctly setup
>> router anyway). And the viruses were inert until the user rebooted
>> the computer. Then the viruses would install themselves and infect
>> the system.
>>
>
> Indeed.. but surely these days would anyone connect -directly- to the
> net?.
>
> Seeing that wireless routers with inbuilt NAT seem to be all the rage
> these days?..

Well there are a number of households with only one computer which uses
just a ADSL modem to connect. And the ISP assigns them an IP address
(usually dynamic) which can be seen from the outside world directly to
your computer. And they would have the same problem without a firewall.

Cable modem users are on their own little neighborhood network from all
I know and they would be safe from random attacks from the outside
world. So you are right, but there is still enough users out there that
could be still at risk. I don't know, maybe 20 million alone in the US
would be my best guess.

--
Bill
Gateway M465e ('06 era) - Windows XP SP3

 

[Barry Watzman]

There have been a number of studies showing that the mean time before
infection of a pre-XP-SP2 computer (fresh install Windows, no other
security software, connect to the internet (broadband connection), DO
***NOTHING***, just let it sit with a configured and working IP
connection) is less than 5 minutes.

This holds for any computer running any version of Windows prior to XP
SP2, with no added security software and not running behind a firewall
or at least a router with NAT.

Most people have no idea how great the risks are.

tony sayer wrote:
>> I actually tried this once as a test. Installed the original Windows
>> 2000 release, no firewall, no anti-virus, nor any updates back in 2002.
>> Although I had it networked to another computer and that one was setup
>> to scan the unprotected one. And that was very interesting. Two servers
>> slipped two viruses on the computer within 90 seconds and I didn't even
>> access any of those servers. Those bots finds unprotected computers
>> really fast. Pretty clever! But not clever enough to fool me. lol
>
> Was this -directly- connected to the net, or via a ADSL/Router NAT unit
> like a lot of people now use?..

 

[Barry Watzman]

Not all cable modems and DSL routers have an internal router with NAT.
Many will still give a single connected computer a public IP address.

tony sayer wrote:

>
> Indeed.. but surely these days would anyone connect -directly- to the
> net?.
>
> Seeing that wireless routers with inbuilt NAT seem to be all the rage
> these days?..

 

[Barry Watzman]

Cable modems are the same as DSL routers, in that they inherently have a
public IP address.

The issue here is whether or not a single computer, connected directly
to a cable modem or DSL (ADSL) modem is given a public or private IP
address.

(Private = 192.168.xxx.xxx = safe; public = almost anything else; you
can check your ip address by opening a command prompt window (DOS box;
Start, Accessories, Command Prompt) and typing the command "IPCONFIG".]

As a nearly correct generality, ALL cable modems and DSL modems natively
have public IP addresses. The "subnetting" of the cable network, by
itself, DOES NOT help you in that regard.

In the first place, in order to even be able to give you a private IP
address, the cable or DSL modem needs to have an internal single port
router and NAT. Not all do.

In the second place, even if the cable or DSL modem has the ability to
do NAT and issue a private IP address, it's ALWAY configurable. The
reason is that if customer is going to run a SERVER on the internet, he
NEEDS a public IP address, consequently the ability to achieve this is
always present. So it becomes a matter then of how the modem, if it has
a built-in routter and NAT to begin with, is configured by default (I
say "by default" because probably only a low single digit percentage of
users have any idea that their cable or DSL modem is configurable in
this regard, or how to do it).

Although some users might be ok with their equipment as supplied, the
standard advice that most professionals give is that ALL computers
should be behind an "explicit" router, e.g. a customer supplied piece of
equipment inserted between the modem and the user's computer or LAN.
Even if the user is not sharing the internet connection and/or has no
interest in setting up a WiFi network.


BillW50 wrote:

>
> Well there are a number of households with only one computer which uses
> just a ADSL modem to connect. And the ISP assigns them an IP address
> (usually dynamic) which can be seen from the outside world directly to
> your computer. And they would have the same problem without a firewall.
>
> Cable modem users are on their own little neighborhood network from all
> I know and they would be safe from random attacks from the outside
> world. So you are right, but there is still enough users out there that
> could be still at risk. I don't know, maybe 20 million alone in the US
> would be my best guess.
>

 

[dennis@home]

"Barry Watzman" <WatzmanNOSPAM@neo.rr.com> wrote in message
news:hqqkhf$qt3$2@news.eternal-september.org...
> Not all cable modems and DSL routers have an internal router with NAT.
> Many will still give a single connected computer a public IP address.

That's true of cable modems and adsl modems but not of adsl routers unless
its configured for a subnet which is not very often.
Someone with a subnet would have the sense to turn on the firewall on XP
before downloading and installing the updates.
With the firewall turned on its not going to be infected before the updates
are installed.

Linux can be infected if you install a 5 year old unpatched version and
leave it connected, it just takes longer.

 

[The Natural Philosopher]

Barry Watzman wrote:
> There have been a number of studies showing that the mean time before
> infection of a pre-XP-SP2 computer (fresh install Windows, no other
> security software, connect to the internet (broadband connection), DO
> ***NOTHING***, just let it sit with a configured and working IP
> connection) is less than 5 minutes.
>

I.e. teh same tim as it takes to laod Windows anyway!

Windows IS a virus..

 

[tony sayer]

In article <hqqkhf$qt3$2@news.eternal-september.org>, Barry Watzman
<WatzmanNOSPAM@neo.rr.com> scribeth thus
>Not all cable modems and DSL routers have an internal router with NAT.
>Many will still give a single connected computer a public IP address.
>
>tony sayer wrote:
>

Well I wonder if the UK and USA practice differs in this respect?.

Most all the people I know with Broadband ADSL or cable have a router
with say 4 ethernet ports thereon issuing invariably 192.168.1.xxx

or more often than not a wireless connection...

>>
>> Indeed.. but surely these days would anyone connect -directly- to the
>> net?.
>>
>> Seeing that wireless routers with inbuilt NAT seem to be all the rage
>> these days?..

--
Tony Sayer

 

[The Natural Philosopher]

tony sayer wrote:
> In article <hqqkhf$qt3$2@news.eternal-september.org>, Barry Watzman
> <WatzmanNOSPAM@neo.rr.com> scribeth thus
>> Not all cable modems and DSL routers have an internal router with NAT.
>> Many will still give a single connected computer a public IP address.
>>
>> tony sayer wrote:
>>
>
> Well I wonder if the UK and USA practice differs in this respect?.
>
> Most all the people I know with Broadband ADSL or cable have a router
> with say 4 ethernet ports thereon issuing invariably 192.168.1.xxx
>
> or more often than not a wireless connection...
>

That's the modern reality: Most ISP's give such away anyway, and the
price of e.g. an integrated DSL router.modem with NAT is not much more
than a modem alone anyway. Its all software really.

However it wasn't always the case, particularly on cable.

 

[Adrian C]

On 19/04/2010 23:13, BillW50 wrote:

> Heck lots of applications write in the Program Folder. Off of the top of
> my head, instant messengers (which stores the chat logs there),
> anti-virus software (which updates the virus database there), Microsoft
> Office (which stores saved templates there), Faststone Capture (stores
> saved screen shots there), etc.

Well, not any more ...

UAC File & Registry Virtualization sends the actual writes (and eventual
reads) somewhere else. It's a process that mostly works if all
applications are fooled by the redirection. Doesn't always work though

Like last week installing Apache on Vista I found Apache had set the
documents directory 'htdocs' straight in the midst of 'Program Files'
and steadfastly served http from that location. Copying web files there
from my editor program (Eclipse) was futile, they disapear somewhere
else and Apache never got the chance to serve them.

The workaround was to configure Apache to support the htdocs folder
relocated somewhere else, and keep UAC active. I won't turn that off.

--
Adrian C