Re: Windows/Macro Language Info?
- From: "Richard" <riplin@xxxxxxxxxxxx>
- Date: 4 Apr 2005 13:04:39 -0700
> They can be spread just as easily by Java, JavaScript, JScript or
VBA macros in MS
> applications,
I think that you meant to say J++ when you had 'Java'.
> or any other web scripting.
No. The point is that malware is often using Windows _features_. For
example http://www.mikx.de/scrollbar/
> The fact is that Perl, PHP, and probably (I don't know
> because I have never used it) Python, can all be used to host or even
create
> malware.
No. These are server side scripting languages while Javascript and
VBScript are client side. There is a vast difference. That is, when
you connect your client machine to a potentially malicious server the
Perl, PHP, Python scripts run on the remote server and send you HTML,
the Javascript and VBScript runs on _your_ machine.
Now JS and VBS are running in a 'sandbox' inside your browser so they
can only do what that allows them to. With MS IE it is allowed to do
more, by design, or can access other features (such as drag and drop).
> And what exactly is the risk?
Viruses used to just do nasty things, like delete files, but now they
are much more useful. For example a conservitive estimate is one
million Windows zombie spam mailers. Machines that quietly wait for
instructions from their 'owner' to send out spam mail. The user
probably never notices the extra traffic.
I wouldn't run any machine, especially not a Windows machine, unless it
was behind a genuine firewall. I use old 486s, a 386 with a 1.44
floppy drive will do, and a couple of network cards to run Freesco or
Smoothwall, there are many similar free products. This runs headless
(no monitor) and acts as a firewall, router, gateway, and can do other
server functions. I put up a new one a couple of weeks ago and watched
the logs as it went on line. Within a minute it had logged probes on
various ports vulnerable to Windows as well as probes on telnet, ftp
and ssh ports.
> Usually Panda detects a couple of viruses that have never been
activated and removes them,
If you are getting _anything_ then you are being too complacent. The
latest technology is defeating virus checkers by infecting the
underlying Windows file system levels so that the scan gets a false
report of file sizes and dates, as it would be if the virus wasn't
there.
> Machine gets infected. So what? It is an inconvenience.
It is also an inconvenience to all the mailusers that you may be
pumping spam out to. For those with dial-up connection it is more than
an inconvenience when they silently dial 0900 numbers in Nigeria.
There was a case just a month or so ago where Xtra agreed to write off
a couple of thousand dollars in excess bandwidth charges where a
Windows machines sent out Gigabytes of spam.
.
- Follow-Ups:
- Re: Windows/Macro Language Info?
- From: Pete Dashwood
- Re: Windows/Macro Language Info?
- References:
- Re: Windows/Macro Language Info?
- From: Lueko Willms
- Re: Windows/Macro Language Info?
- From: Pete Dashwood
- Re: Windows/Macro Language Info?
- From: Lueko Willms
- Re: Windows/Macro Language Info?
- From: Pete Dashwood
- Re: Windows/Macro Language Info?
- Prev by Date: Re: Windows/Macro Language Info?
- Next by Date: Re: Windows/Macro Language Info?
- Previous by thread: Re: Windows/Macro Language Info?
- Next by thread: Re: Windows/Macro Language Info?
- Index(es):
Relevant Pages
|
