Archive for the ‘Firewalls’ Category

What is spyware.

December 15, 2010

Caroline, good question! First let us talk about MALWARE. Malware is any kind of software that had a MALevolent (or bad) purpose. Spyware is a subset of malware. Malware may be something destructive which would damage the operating system or delete important things from the hard drive or registry. In the late 1990s the trend was to design such destructive malware. SPYWARE is a program that installs itself on your computer and then feeds back information about what you type or email. Actually there are companies and websites which plant COOKIES in your browser to report back to them what sort of websites you visit so that they may target you with advertisements based upon your interests or preferences. Other types of malware do what is called PHISHING (which sounds like Fishing) namely, they make themselves look like a login page from Facebook or some other application and tell you you must log in again. Once they have your user name and password then they use software to log into your account as you, go through all your friends list or email address book and spam your friends with advertisements or perhaps links which they will click on which will in turn trick them into revealing their login Identity and password. Other types of malware simply try to spread themselves to as many machines as possible and do nothing other than report their presence back to the program author through the Internet. Hackers who create such malware simply see it as a game to see how many thousands or millions of computers they may affect. There are some excellent free anti-malware programs available. I use two of them. http://malwarebytes.org has a free one. You must update the virus signatures each day (or each time you use it) which takes about 2 minutes, and then you run a scan which can take an hour on 80 gig drives or longer on larger drives. At the end Malwarebytes will report how many dangerous programs it found and remove them. Malwarebytes will also remove the so-called TRACKING COOKIES left on your machine when you shop on-line. The tracking cookie tries to report back to the company which sites you browse and what your shopping interests are. The second program I use is Avira Antivir. There is a free Classic version and also a paid version which is more automatic and has a built in firewall. We have three computers and one of them is what my wife uses for banking and bill paying so we have Premium paid Avira on that one with the firewall. A firewall program senses when an unknown program from the internet is trying to gain access to your computer AND ALSO sense when an unauthorized program ON your computer is trying to send a message out to the Internet. Many malware programs need to use a connection to the internet to communicate information back to the hacker programmer. This is why a firewall can be important. I hope this answers some of your questions about what Spyware is. We must always be very careful not to open email messages which contain attachments and come from people we do not know as the opening of the attachment might install malware on your computer. Even Microsoft Access, Word, Excel and Powerpoint have the VBA language which is sometimes used to install Malware. Whenever I open Word or Access or Excel it always asks me if I want to ENABLE the VBA and I say NO unless I really need it for something.

Advertisements

My post at Avira Antivirus Support Forum

November 23, 2009

Just today I received the Install Disc from your fulfillment center in Illinois, which is very speedy. I felt I would be wise to protect my investment with the small additional expense of an install CD.

The updates are super fast with the Premium Suite, and the Firewall is much less “in your face” than other firewalls which is good for my wife. I am a programmer and I enjoy interacting with a verbose firewall, but most non tech folks do not.

My question is this: In the event that her old machine crashes, I presume that I am free to reinstall Avira on a replacement machine, and that my only obligation as a user is to have it installed and active on only ONE machine at a time. Am I correct in these assumptions? I assume that every time Avira downloads or scans, your servers are aware of the license and IP address and all of that, which would make sense to control the legitimate use of the license and prevent abuse.

Several other machine in my extended family are running free Avira, and I want to report that updates are very fast and reliable. I have only had to resort to a manual update perhaps twice in the past 2 months, and those are quite speedy when they are necessary.

I post what follows simply in the spirit of friendly readable chat because we do get to know each other in these forums (but I am not seeking Ubuntu support in this post)

Regarding my Ubuntu experiments, last night at midnight, I totally crashed my Ubuntu install by experimenting with two different forms of backup,, one a tar to root, and the other a Simple Backup installed via synaptic manager, which places a mysterious folder /var/backup which is unmoveable except by some form of sudo command. I think I crashed it because I did a sudo Nautilus to launch the file manager GUI with root privileges. It did work and let me delete the /backup.tar.gz, but when I rebooted, I got fatal error messages. I realize that this forum is not the place to ask for help on such matters, but I just wanted to also let reader know my latest adventure. I stayed up all night and in 7 hours did a complete Ubuntu reinstall, based upon my elaborate notes in my wordpress blog. And I took elaborate notes on the step by step REINSTALL process, which was a better install because I learned from my first mistakes and so perhaps it is a sounder system now with ext4 rather than ext3, and the installer did its own disk format and partitioning, which did not occur during the first install.

I found the instructions for Avira install under Linux too daunting, involving kernel rebuilds, which I yet lack the skills to undertake. I did find an easy Avast install with a .deb (Debian) which is what Ubuntu likes. But it did some rather strange things both in my Wubi Ubuntu under Windows and my pure Ubuntu machine. I have decided that I do not really need antivirus or firewall on the Ubuntu machine, since each exotic program and install runs the risk to trashing the system. As far as I can see from my readings, the main reason for a linux virus scan is to protect Windows users who might receive emails, but I do not forward many emails with attachments. And Ubuntu is suppose to be farily sound with regard to firewall issues by the default nature of its install. And, now that I know I can restore the system in 7 hours, I can somewhat affort to risk not doing system backups and just backing up as much data as possible, or if I am doing a lot of MySQL Apache PhP, then just building scripts as I go, which would automatically recreate databases.

I do think I will get a large (64 gig) flash drive and practice with their option for an Ubuntu bootable flash, once I have combed google for feedback on the procedure..

Thanks, Avira Forum Members, for all your great help. I am spending a lot of time now in IRC Ubuntu chat using Konversation client, and there are usually 300 people in the channel from around the world at any time, so I take every opportunity to praiise Avira and this forum.

Avira Paltalk and Online Armor issues

November 19, 2009

posted at Avira Antivir Support Forum today:

I just upgraded to 3 years of Premium Avira Suite (having done a 30 day eval. with Firewall, so no need for Online Armor) and everything is smooth).

But my old Compaq machine has Free Avira and Online Armor as well as MalwareBytes (free).

I do use Paltalk on this machine, and neither Avira nor MalwareBytes has ever caught anything. But Online Armor reported some very suspicious activity from Paltalk. I allowed Online Armor to block certain things, and I still had a fine long session in Paltalk Tuesday night. But ever since, Online Armour has been doing OAminidumps. I SUBMIT them via the minidump submit. When I go to DELETE, the machine hangs for a long time and then reboots. I booted in safe (F8) mode and the defragger said I needed to do chkdsk /f and that it could not be performed at the moment but would be performed at next reboot. When I rebooted, out of curiosity, I chose the Ubuntu boot, and it did a bit of fixing and then Ubuntu came up fine and stable. But each time I boot into Windows, I get the same Online Armor minidump crash. I am in safe mode right now on that machine after the chkdsk /f successfully ran. It is allowing me to do a defrag right now. As soon as that finishes, I think I shall delete Online Armor, with the assumption that the OAdump business will go away. I do wonder about the Paltalk issues, but I really enjoy Paltalk, and I know so many people around the world who use it, so it cannot be too malicious or destructive. I shall also post this at Online Armor’s forum, but I am curious to get the feedback from people here. Thanks for your great support!

Someone suggested at Avira that it would make more sense to tell Tall Emu, the makers of Online Armor, to which I reply:

[quote=’Farger’,index.php?page=Thread&postID=875210#post875210]HI WilliamBuell,

I think that more reasonable will be to ask Tallemu about this :S[/quote]

Of course I am going to tell Tallemu about this, but it IS a legitimate Avira issue with regard to the question of whether Paltalk is doing something questionable, and is escaping the attention of Avira AND malwarebytes.

The two strange things that happened with regard to Online Armor and Paltalk are that Paltalk when I first launched it, tried to access my drive directly, and Online Armor said this is a very suspicious activity. The other thing, which I blocked, had something to do with some key.dll. I didnt like the looks of it, so I blocked it, but Paltalk launched fine and I was in it for an hour. But after that, all this crash business started.

I was marveling to myself how a firewall can detect suspicious activity which an AV scanner might miss. So, this in itself is a valid issue to raise on the Avira forum, NAMELY, what can be said about those suspicious activities which only a Firewall can catch? There is one antivirus someone recommended to me which supposedly detects suspicious activity and can catch a virus or malware on DAY ZERO. I am perfectly happy with Avira Premium Suite on my wife’s computer, because I want everything integrated and straight foward, and the Avira fire wall is not “in your face” every other minute with questions.

A side note of interest: I find that I am able to access Paltalk on my Ubuntu machine via Firefox. Initially, I could not get audio or mic to work, but then Firefox installed an Adobe flash update, and suddenly it was working. So, I imagine I would be safe from Paltalk monkey business on an Ubuntu machine in a Firefox browser.