Talk:Understanding Computer Infections

From CastleCopsWiki

USB thumb drive safety

This article really needs a few lines or a paragraph on this issue. It seems to me to be a major issue. Unfortunately I don't know anything about it to write for sure. Anyone knowledgeable in this area want to help me out? I'm looking for the following basic points:

  • What are the typical threats that spread via thumb drives?
  • How do they spread?
  • Is there any general tip or advice such as turning off autorun that will help? Software ideas are good too (e.g. drivesentry) but not as important.
  • In particular I'm curious about how such threats execute themselves (if they do) when you plug into your computer.

Thanks. --LU 08:57, 2 August 2007 (EDT)

Never mind. I added in that part already and more besides. --LU 05:11, 3 August 2007 (EDT)


Request for Major Peer review & self criticism

  • Throughout the series I use the term program/executable content/code almost interchangeably, I'm pretty sure code is not exactly the same as the first two, can someone advise on the proper usage? At times, I also waver between using the words 'running/installing' and similarly between 'files/programs', for purposes of technical accuracy does that matter? Please advise! --Erikalbert 14:59, 12 June 2006 (EDT)
  • Okay, I split it up into three pieces as proposed. Another division or system of looking at things is in the end arbitrary, I'm not entirely satisfied really. Anyone? People have in the past objected to my phrasing of "infecting yourself", because it is vague since any human action directly or indirectly can cause infection. Thoughts? --Erikalbert 14:59, 12 June 2006 (EDT)
  • Introduction is weak. I keep stressing to keep malicious code or program from running on your system, and then I focus on basically 3 parts: --Erikalbert 14:59, 12 June 2006 (EDT)
      i) Programs you run yourself directly by clicking on them (including email attachments)
      ii) Programs run automatically due to poor Windows/program configuration, which basically boils down to browser drive-by downloads
      iii) Security exploits that cause autoexecution of code --Erikalbert 14:59, 12 June 2006 (EDT)

Is this too simplistic? Am I focusing too much only on browser configuration in ii)? What about other means of system access? NetBIOS over TCP/IP? Remote registry services? Wireless LAN? Network shares? Or am I trying to do too much? --Erikalbert 14:59, 12 June 2006 (EDT)


  • such as Jotti malware scan (accepts up to 15mb sized file) and Virustotal (accepts up to 2mb sized file).

The last time I checked the maximum file sizes were correct. But I accidentally realised Virustotal could indeed accept more than 2mb, does anyone know the correct size? --Erikalbert 14:59, 12 June 2006 (EDT)

  • Do the screenshots distract too much? Should I turn them into thumbnail size? I'm still playing with the images. --Erikalbert 14:59, 12 June 2006 (EDT)

LU, you killed this whole section ... I assume that was inadvertent and thus rolled it back, then added back your following comment:

See also http://www.spywarewarrior.com/viewtopic.php?t=20166 - LU

Screenshots

--Erikalbert 02:57, 1 November 2005 (EST) Okay, let me forestall all the possible comments I can think of

1. This model of looking at things isn't perfect either.

2. It's not meant to be a detailed listing of every little security step you can take. E.g. hosts files, install specific security software etc.

  1. Please sign your comments at this and any other talk page please.
  2. You've said what it's not meant to be but not what it is meant to be.
--Ikester 01:19, 30 October 2005 (EST)
--Erikalbert 02:57, 1 November 2005 (EST) It's meant to explain to people that there are only so many different ways to get infected.
Also it's meant to explain that in most cases, infection can be avoided if you are careful.


This is looking great! --Paul 00:50, 14 February 2006 (EST)

For the next newsletter, perhaps I might be able to put this one into there and also throw a highlight on the front page news. Let me know if you think it's near that time. --Paul 18:52, 19 February 2006 (EST)

Not sure who you are talking to, but I'm satisfied with the content though the language can always be improved. As usual it's very wordy so normally at this point if it's my own article, I will start cutting down unneeded parts to make it more concise and polish up the phrasing to make things clearer, but since this is wiki, I'll leave the less fun parts to anyone else who is interested to do it if he likes. But yeah, you can probably put a highlight on it or whatever if you like. Or maybe after someone proofreads it, I already did it once, but I'm horrible at proofreading my own stuff. --Erikalbert 19:43, 21 February 2006 (EST)
I propose to break the article into three parts: the overview, self-infection and automated infection. The overview would link to the other two parts. I also propose that the title be changed to "Understanding computer infection and repair" ... or something similar. --Ikester 22:01, 21 February 2006 (EST)
The title sounds okay, but I would drop "and repair" since this isn't about cleaning but mainly about prevention. As for splitting it up, be my guest. If you ask me the line between "self-infection" and "Auto-infection" is a very thin and gray one anyway. --Erikalbert 10:23, 22 February 2006 (EST)

Hmm what happened to the old talk page? Not redirected here? LOL. --Erikalbert 12:11, 26 February 2006 (EST)

Dunno. Got it back but history is lost in the "?" character ending the URL it seems. It might be a bug. --Ikester 23:30, 28 February 2006 (EST)
Whatever, you are the wiki guy. I just type stuff --Erikalbert 14:25, 1 March 2006 (EST)

OK, I ended up renaming the page but was unable to bring the history of Understanding_computer_infections_or_How_did_I_get_infected? back into this current version. So a page that is assigned a name ending with the "?" (question mark) character, cannot be renamed without losing its history thus shouldn't be used to begin with. --Ikester 00:08, 1 March 2006 (EST)

Time for me to add some screenshots... Good idea or Bad? --Erikalbert 01:42, 10 June 2006 (EDT)

Why not? Let's see what you have. --Ikester 17:10, 10 June 2006 (EDT)

Notes to self

  • USB flash drives as source of infection
  • More on network security --LU 05:37, 10 May 2007 (EDT)

readability

The fog index is 11.68. Not too bad. I was afraid it would be worse. Can be improved though. --LU 10:35, 31 October 2007 (EDT)
