RE: Insane Steam Holiday Sale (Full Version)

All Forums >> [General] >> General Discussion



Message


LarryP -> RE: Insane Steam Holiday Sale (1/5/2010 10:22:55 PM)

quote:

ORIGINAL: cmurphy625

So how do guys do 'quote'?


You should see three buttons on the top of each message:


[image]local://upfiles/16647/77301C5EF4CC45F2B794E8E4A95AB67C.jpg[/image]
Click the middle one.




htuna -> RE: Insane Steam Holiday Sale (1/5/2010 10:27:01 PM)

ok.. so is it cause I use that 'fast reply' box at the bottom?




htuna -> RE: Insane Steam Holiday Sale (1/5/2010 10:28:16 PM)

quote:

ORIGINAL: cmurphy625

ok.. so is it cause I use that 'fast reply' box at the bottom?


Cool.. now I understand... again.. I didn't intentionally go in and edit and remove smileys, just didn't understand the Quote process ...thanks

Also that is so much easier as well, so really thanks!!!




LarryP -> RE: Insane Steam Holiday Sale (1/5/2010 11:30:59 PM)

Looking good now! You got it. [:)]




Zakhal -> RE: Insane Steam Holiday Sale (1/6/2010 4:59:47 AM)

quote:

ORIGINAL: LarryP

quote:

ORIGINAL: Zakhal

quote:

ORIGINAL: LarryP
My main PC got some viruses from Steam in 2007 and during that ordeal I used their customer support.


I could imagine a false positive but real viruses from steam downloads? Its hard to believe.


Well like always I'm lying again. I do that you know. I come on here and throw out a bunch of made up lies. It excites me! Woo hoo!


Perhaps you were simply mistaken? I dont mean to offend you but if one stranger in internet claims that he gets viruses from steam I would not believe him simply based on his claim. Thats just how it is.




06 Maestro -> RE: Insane Steam Holiday Sale (1/6/2010 5:16:41 AM)

As much as I would like to get Rome TW Gold for 2.50-I am not doing it. My computer will stay Steam free.




LarryP -> RE: Insane Steam Holiday Sale (1/6/2010 3:15:02 PM)

quote:

ORIGINAL: Zakhal

Perhaps you were simply mistaken? I dont mean to offend you but if one stranger in internet claims that he gets viruses from steam I would not believe him simply based on his claim. Thats just how it is.


Thank you for saying it that way. [:)] Knowing what I know now about all forms of Internet intrusions, if anyone were to tell me they even think they got a trojan, virus, or malware from a site, I would be careful. I don't even have to go to a web site to get infected. All I have to do is have my PC connected to the Internet through a broadband or dialup connectoin without a good firewall configured correctly and they can come to me. It's gotten that bad. With all of the ports in a computer, it's an open freeway for intrusions without good protection.

The thread I posted here about the Steam incident was back in about April or May (I think April though) of 2007. I don't remember every detail of it now but I do remember that I had done a thorough virus check right before connecting to Steam to play Disciples, and right after I got done I scanned again and I had gotten several infections. It was so bad I had to do a reinstall of XP. Then of course when Steam customer support finally got back to me, a long time later, they denied even the possibility. I expected nothing less, they have a business and a name to protect, and sad to say, most people DO lie.

Could it have been from a hacker at the same time? Sure. The way it played out though, I would say that the odds of it being from Steam with all things considered are pretty good. However, that's not the main reason I don't like Steam, but that doesn't matter this far into this thread. [;)]

By the way, your tag line makes good sense. [;)]




Scott_WAR -> RE: Insane Steam Holiday Sale (1/6/2010 9:35:09 PM)

Viruses, spyware,..etc, dont come to you, unless someone goes out of there way to find you. So unless you have pissed a hacker off you have very little to ever worry about. I have had broadband, with no firewall, no virus scanner, for over 8 years noiw,... and have never had a virus, or any spyware. In that time I have played mainly MMO's and other online games,....including buying from Steam. Yet no viruses at all,.... ever.
You cant get a virus or spyware by just going to a website, unless you have your security settings turned down, and it allows websites to download scripts etc without asking your permission first. Otherwise it asks you with a little popup at the top of the page,..and you should always say no.

Really some people have bought inot the BS spread by the companies that make firewalls and virus scanners. Its not NEARLY that bad out there unless you are an idiot and basically ask to get infected.

But, peace of mind is a valuable thing too and if having firewalls and virus scanners and being scared of the shadows makes you feel safer, then by all means.......enjoy. To each his own.


Set your security settings for IE or whatever browser you use to at LEAST medium (so that you have to agree to ANYTHING downloaded to your computer)DONT use torrents, dont download something from joe random. Dont download music files, dont download anything that isnt from an 'official' site. Follow those rules, you should never have problems with viruses or spyware.




LarryP -> RE: Insane Steam Holiday Sale (1/6/2010 9:54:45 PM)

quote:

ORIGINAL: Scott_WAR

Viruses, spyware,..etc, dont come to you, unless someone goes out of there way to find you. So unless you have pissed a hacker off you have very little to ever worry about. I have had broadband, with no firewall, no virus scanner, for over 8 years noiw,... and have never had a virus, or any spyware. In that time I have played mainly MMO's and other online games,....including buying from Steam. Yet no viruses at all,.... ever.
You cant get a virus or spyware by just going to a website, unless you have your security settings turned down, and it allows websites to download scripts etc without asking your permission first. Otherwise it asks you with a little popup at the top of the page,..and you should always say no.

Really some people have bought inot the BS spread by the companies that make firewalls and virus scanners. Its not NEARLY that bad out there unless you are an idiot and basically ask to get infected.

But, peace of mind is a valuable thing too and if having firewalls and virus scanners and being scared of the shadows makes you feel safer, then by all means.......enjoy. To each his own.


Set your security settings for IE or whatever browser you use to at LEAST medium (so that you have to agree to ANYTHING downloaded to your computer)DONT use torrents, dont download something from joe random. Dont download music files, dont download anything that isnt from an 'official' site. Follow those rules, you should never have problems with viruses or spyware.


That's hilarious! You made my day. [:D][sm=happy0005.gif][sm=happy0065.gif]




Scott_WAR -> RE: Insane Steam Holiday Sale (1/6/2010 9:57:40 PM)

Well if you find the truth funny so be it. Everything I posted is fact,..not opinion.

Edit- but as I posted above, if you feel better with a firewall and virus scanner,.....thats your choice.




LarryP -> RE: Insane Steam Holiday Sale (1/6/2010 10:49:07 PM)

quote:

ORIGINAL: Scott_WAR

Viruses, spyware,..etc, dont come to you, unless someone goes out of there way to find you. So unless you have pissed a hacker off you have very little to ever worry about.


The above is the funniest part. You have so much to learn but you seem to know it all.

quote:

ORIGINAL: Scott_WAR
Edit- but as I posted above, if you feel better with a firewall and virus scanner,.....thats your choice.


Thank you for permission. I'll do that.

I also find it funny when someone without a profile, no name, no age, no location, nothing but a login name, comes on here and acts like their word is God. For all we know, you're five years old and use your parents computer.

Your funnies have made me laugh more this afternoon than a good movie! I'm in debt to you for that. Thanks Scott, or is it Scott? Woo hoo! [:D][:D]




Scott_WAR -> RE: Insane Steam Holiday Sale (1/6/2010 11:12:30 PM)


If I am 5, and joined Matrix in 2005, then i was typing right outta the womb,....and if thats so you BETTER believe what I say as if its the word of god.[:D]

Regardless, it seems this thread has us disagreeing on things the thread isnt even about,.....so lets just forget it, it isnt really doing any goood either way.




LarryP -> RE: Insane Steam Holiday Sale (1/6/2010 11:26:32 PM)

That's one way to avoid the issues brought up. However, you are the one that came in slinging.

One question for you: What is the bare necessity to get into a PC with a broadband connection? In other words, what is the minimum required to talk to another PC with a broadband connection? Do you know?




Scott_WAR -> RE: Insane Steam Holiday Sale (1/6/2010 11:45:40 PM)

Not off hand, but I can find out if needed. Do I need to for some reason?

If its to satisfy you that I know what I talking about, then please enlighten us with the answer to your own question,....with proof now, becasue anyone can throw out randow specs and sound like they know what they are talking about. The facts I speak of are relatively common knowledge,.....but then again if you read what I said closely it would be rather obvious to you. I think you assumed I said something I didnt say.

Please point out anything I posted you feel is false.........

Edit- just for arguments sake, I know its less than 800mHz, as that was the CPU speed of the PC that I first used broadband with.




killroyishere -> RE: Insane Steam Holiday Sale (1/7/2010 2:06:59 AM)


quote:

ORIGINAL: LarryP

quote:

ORIGINAL: Scott_WAR

Viruses, spyware,..etc, dont come to you, unless someone goes out of there way to find you. So unless you have pissed a hacker off you have very little to ever worry about.


The above is the funniest part. You have so much to learn but you seem to know it all.

quote:

ORIGINAL: Scott_WAR
Edit- but as I posted above, if you feel better with a firewall and virus scanner,.....thats your choice.


Thank you for permission. I'll do that.

I also find it funny when someone without a profile, no name, no age, no location, nothing but a login name, comes on here and acts like their word is God. For all we know, you're five years old and use your parents computer.

Your funnies have made me laugh more this afternoon than a good movie! I'm in debt to you for that. Thanks Scott, or is it Scott? Woo hoo! [:D][:D]


Well for that matter even if you have a profile, with age, name, location and blah blah doesn't mean that is who you are or your age or where you live. You put too much faith in profiles I'm afraid. [:D] For all we know "you're" only five years old and use your parents computer as well. [:'(]




LarryP -> RE: Insane Steam Holiday Sale (1/7/2010 2:26:56 AM)

quote:

ORIGINAL: Scott_WAR

Not off hand, but I can find out if needed. Do I need to for some reason?

Edit- just for arguments sake, I know its less than 800mHz, as that was the CPU speed of the PC that I first used broadband with.


You didn't even get the question right. Wow, I should take advice from you on how to surf safely. This is getting funnier by the hour.

And now you have another nobody with no name and lives nowhere with no age sticking up for a blank profile mud slinging poster.

I think I will have the neighbors come over and watch this thread. They too are in need of good laughs! I love it! You guys are killing me! [:D][:D][:D]

Now, I will ask you again but more simple: If a hacker wanted to talk to your PC without you knowing about it, what is the ONE piece of information he would have to have? Just ONE item, and it's simple to acquire.




Scott_WAR -> RE: Insane Steam Holiday Sale (1/7/2010 2:43:18 AM)

I.P. would be the first and most important thing.




LarryP -> RE: Insane Steam Holiday Sale (1/7/2010 2:47:28 AM)

quote:

ORIGINAL: Scott_WAR

I.P. would be the first and most important thing.


Correct! Did you have to look on the Internet?




Scott_WAR -> RE: Insane Steam Holiday Sale (1/7/2010 3:24:45 AM)

Nope. Of course now I DID have to look up whether or not 'nope' was the answer...................[;)]




LarryP -> RE: Insane Steam Holiday Sale (1/7/2010 3:50:40 AM)

That's funny. You got me. [:)]

I never used a firewall for 13 years. I seldom used an anti virus program either. I heard and knew of people that got all manner of things from the Internet. I did pretty much what you described to me. I was very careful. My security settings were on medium-high in IE and then I went to custom settings and made more changes for the safer side. All I used was MS Firewall.

Then one day everything changed. I thought OK, one time, I'll be safe for another 13 years. Not so. I got hammered again and real bad. Then I started learning about hacking some, as I already was a software programmer. I found out what it takes to get into a PC and from then on, I have been using some sort of protection. Lately though I have been testing different programs and their interactions with each other. They can be so picky.

There is a guy from Germany on these forums called Goodguy, and he knows a lot about this stuff. I was hoping he would come here and say a few things about firewalls. Maybe he will. Anyway, I hope you never do get a virus or a rootkit, or a trojan. You are on borrowed time if you don't use anything now other than the Windows firewall. You can use Comodo and Avast, both are free and you won't be buying into any scam if you feel that way.

If you have never used a firewall and seen after an hour, all of the unknown incoming requests, it would surprise you at the activity. It's scary. Until you see for yourself, you won't believe it. After a day or two it's astronomical. The other day I had 150 of them in one hour. [X(]

It's not hard for a hacker to get an IP address, and once they have it they can access your ports. There are programs running all the time to find unprotected PC's and people do this sort of thing for kicks. I read about it quite often. If a person chooses to not believe this then oh well. I don't know what else to say except given enough time, they might. [:(]




GoodGuy -> RE: Insane Steam Holiday Sale (1/7/2010 4:47:28 AM)

quote:

ORIGINAL: LarryP

There is a guy from Germany on these forums called Goodguy, and he knows a lot about this stuff. I was hoping he would come here and say a few things about firewalls.


*Flash and blue puff of smoke*

Who called my name? *serious and meaningful facial expression* [;)]


EDIT:
K,.... here we go, i'll try to cut it short:

quote:

ORIGINAL: Scott_WAR

Viruses, spyware,..etc, dont come to you, unless someone goes out of there way to find you. So unless you have pissed a hacker off you have very little to ever worry about.


While this conclusion may sound reasonable for some people, i'd consider this to be one of the first comedy highlights in 2010.
You describe today's major online threats with a calmness and a level of unsuspicion, it's unbelievable. It may either be the result of a lack of knowldge or you just don't care, or you're indeed a kid, I dunno. [:)]

Viruses: There are so many forms, worms, trojans, viruses... there's a reason that some Anti-Virus companies put out DAILY updates for their virus definition-databases. If you go to www.trendmicro.com and check out their Virus knowledge databse, you'll find a myriad of Viruses, Worms and Trojans listed, plus you'll get an idea how intrusive some of them are, as they're rated with a "Threat Level" grade, and you'll get an idea about how deep some of them can dig into the system, by looking at the removal instructions.

How Viruses spread: There are so many ways of spreading them, it would be a neverending post if I'd list them here.

Let's pick an example: The infamous "I love you" Loveletter-Virus/worm did it in a pretty sneaky way, and it caused real financially quantifiable damage in the economy... worldwide, just by targeting unsuspecting MS Outlook users. That virus assumed that 1) windows scripting host is enabled on most computers (even on monitored corporate machines) and 2) that file-extensions of common (or system) files won't be visible on standard PCs. Also, the programmer of the Virus knew that Outlook does not display more than one file-extension. So this is what happened:
The Loveletter contained a script file (filename.txt.vbs) but a "dummy" user would just think it was a harmless text-file, as he/she could only see filename.txt . Once "opened" the fun started, as the script used Outlook (via OLE automation) to send the letter to all addresses found in the address book. Even personal firewalls couldn't do anything about it, as the traffic from Outlook to the mailserver was authorized. They just detect the actual communication, but they don't analyze the content, anyways.
The next step was to replace files on the infected system AND on computers found in the (company or private) network, usually spreading itself or amending to existing config/system files. Some clone versions used to rename all jpg files to let's say .txt files. Last but not least I love you spread on the IRC network, via DCC (direct client-to-client) file-transfer, as many people had "auto accept" enabled, overwriting the IRC client's (ie. MIRC) "script.ini" file, so that on next launch the infected MIRC client would act as Virus "spreader" too, sending the Virus to everyone who entered the same IRC channel.
The Virus programmer's script inserted a serious sounding warning message (something like DO NOT DELETE this FILE - substantial MIRC system file) at the top of the ini-file, in order to scare newbie users and to avoid that they'd delete the ini-file.

That whole ordeal happened 9 years ago, and - since then - Virus routines and scripts have improved a lot. You also have to keep in mind that this virus was written by a college student, and that the routines used in the virus weren't very sophisticated.

Nowadays, eg. with all the worms floating around, it's even possible to ship around a half-assed maintained/configured firewall, as they try to misuse and exploit game executables, system services or - via IP tunneling - try to make the user believe an attack is a legit request from/to his browser (in theory, no incoming request is ever legit, unless you want to establish a direct {IP to IP} connection to a fellow gaming partner, a game server or a direct {real-time} chat - like earlier versions of ICQ, for example). Another common procedure of quite some worms is to disable AVIRA, Norton AV or other AV tools, where some AV icons in the system tray would still indicate that the AV suite is still active (and guarding the system), although the drivers had either been shut down or replaced by dead fake-services. In such a case, say Avira for instance, would still display the opened umbrella, but (right-) clicking on the icon or main executable wouldn't launch the application anymore. So, the programmers explicitly target AV services in order to create a "free for all"-environment for the virus.

Malware/spyware and the like:
These types contain some of the most sophisticated routines you can find, nowadays. They hide in webpage html-scripts and java applets, are pretty common in advertizing banners, but can be found in every unsuspicious page created with JAVA, flash (using java-script), or shockwave (Java-script), too, in theory. If I don't actually play a wargame/game that requires the "JAVA runtime environment" (JRE), I uninstall JAVA - to reduce my system's vulnerability, and I disable java-script in my browser. The JAVA "Ersatz"/clone that comes with either IE or XP (can't remember) is not a fully functional JAVA environment, so it's not as risky to have that.

With a firewall (but without Anti-Virus software), and even if you avoid XXX ([:D]), torrent or "warez" sites, you can get a script virus easily, as quite some legit webpages use banner rotations to refinance some of the server/traffic costs, but where they are not able to control the content of the banner feeds. Malicious webcode would first "just" inject a "downloader" application into the system, which would then download the actual Virus/Trojan from a remote website. Many AV programs won't detect the activity of the downloader, until the actual virus steps in. The execution of the Virus code may still be "invisible" for the AV suite, on some occasions, as they don't just disguise themselfs with system DLL names like some weaker viruses, but as they actually use and launch legit system DLLs in order to do their malicious business under the "protection" of a legit system process.
In the last resort, a properly configured firewall may display and deny the "downloader's" attempt to connect to the trojan URL, in case it attempts a direct connection, means IF the downloader does NOT misuse your browser, other legit applications or IP tunneling, in order to connect and download the virus.

I've read an interview with a guy who used to work for a company that authored mal- and spyware. He works for security companies and anti-virus companies now. His employer pushed him to come up with some more sophisticated methods to push content to people's computers (surely without users' consent), in order to improve the particular company's market share. He described how he reshaped tools and methods - from IP tunneling, to automated cloning/spreading to even altering system files {eg. replacling/editing "beep.sys" in the user's windows directory, ie : ensuring the malware will recreate itself even AFTER deleting/cleaning the other files of the malware-combo, just on next reboot).
Last but not least, the infamous Rootkits are probably the most sophisticated malware pieces these days. Really hard to detect, and until around 2-3 years ago, only few virus scanners actually attempted/offered a rootkit-scan. I doubt that more than a few rootkits are a)known and b)actually being detected.

Hackers:

Noone has to "piss off" a hacker in order to get him to actually do stuff, like you suggested.
There are so many different levels of hacker-skills, ranging from the kid around the neighborhood using some old win32-version of the "SubSeven" (1996/97?) trojan, who taught himself how to inject the "Sub7"-routine into some unsuspicious JPG file and who would then send it to some friend to make fun of him, scare him or spy on him, to hacking on some uber-professional governmental/military level to obtain secret infos about patents (like some chinese institutions/companies actually try to spy on US and German company AND government networks) or about military apps/installations. On a sidenote, the NSA's surveillance and "bugging" compound ECHELON, which used to reside in Germany (now in England, details can be found in the STOA report authored by the European Parliament - a report about surveillance tech and risk of abuse), is suspected to spy even on institutions AND companies of allied/friendly nations, another reason for EU authorities to recommend that EU companies use encryption for all sensible data and communication.

But even the average hacker "Joe", at least, will be able to run fully automated scans of IP ranges (let's say he decides to scan the common system ports on a US cable network), and he'll then take a closer look at those IPs which reply with a ping ECHO (the number ONE reason why you should set your firewall to deny/drop incoming ICMP requests - it will make your system completely "stealth"). If a particular IP/Computer replies on multiple ports, the hacker will know that either the firewall is badly configured, or that there is NO firewall at all = easy prey. He can then use several ways of gaining access to the target system, and this doesn't even necessarily involve trojan-injection ... there's a German slang term ("freischiessen") for what a hacker could do next, it would translate to "shoot one's way out", well.. one's way IN, in this case, i guess, eh? hehe

This means he could use a DOS ("Denial of service", look it up) attack, and just any type of RPC attack. After bombarding a non-firewalled (and unpatched) system, the particular Windows computer will finally "give" in and grant FULL remote access after a while, as the system can't handle the myriad of requests (per second) - virtually, the system drops its pants. Then the hacker can pretty much browse completely through the remote system, freely, as if he was using his file explorer on his own machine.

Some hackers, besides searching remote computers for "useful" data, may then hijack a given system and inject code so that it (randomly) attacks other computers on the internet (which some virus routines actually do, too). Sophisticated hackers often use entire "armies" of hijacked computers for their "projects".

Early (primitive) tools for intrusion detection:
Around 1998 I was using a tool called "lockdown" and lockdown 2000 later on. This tool protected one port only (I can't remember which one, probably port 135?). It had 2 other functionalities, where one was a traceroute-routine that would trace an attacker's IP (it did pretty much what the DOS command "tracrt" did, but it was incorporated into the program's GUI) and it could deny hijacking of programs/games running on the system.
Whatsoever, it didn't have ANY firewall functionality except for that one port:

http://www.pc-help.org/www.nwinternet.com/pchelp/lockdown/claims/firewall.htm#conclusion

If you only read the few lines about firewalls supposedly being pure "marketing tools" or terms, you may get the false impression that the author of the webpage above just rants about companies which "frighten" users "silly" by heavily pushing and implanting fears on the user's end. This is not the case. If you check the main page, you'll figure that he just tries to reveal that apps like "lockdown" are just attempts to make money, instead of really offering a tool that protects a windows user:

http://www.pc-help.org/www.nwinternet.com/pchelp/index.html

The author, just like me, recommends sites like "ShieldsUp" (www.grc.com - Links of interest: ShieldsUp, LeakTest, Freeware Listing) and freeware firewalls. He recommends ZoneAlarm (that's where I wouldn't follow him [:D]), but Larry did a good pick with Commodo, I guess.

Back to Lockdown: Back then, McAfee/F-Prot etc still found some of those early viruses/trojans once in a while, so I talked to the Sys Admin of my father's internet company, and he recommended to get a personal firewall ASAP. He used TinyPersonalFirewall on his admin machine, but the company servers were protected by a set of different professional (expensive) firewalls, filters and anti-virus solutions. Since then, I've always used a firewall.

Common freeware FWs are pretty safe, if not a tick safer than TPF these days, and the net is packed with professional reviews and recommendations regarding personal firewalls. I recommend to do some research, maybe start with "ShieldsUp". You should also investigate on HOW (easily) Viruses can (and will) dance on an unprotected system and on how eg. worms or viruses can easily find their way to your system, even though NO hacker was being actively involved, since a worm can very well be sent automatically from a computer of some unsuspecting user (who happens to have an unprotected system), as I outlined above. Some hackers have thousands of unaware "accomplices", who, in most countries, -de jure- can't even be held responsible for their collaboration, as it's legal to have an unprotected system, right? [:D]
It's a bit sad, tho, that there are still ppl in 2010 who think that moving around on the internet is as safe as sitting around and aligning stamps in their hobby room. [sm=sign0063.gif]

My 2 cents. (well not so short, sorry [:)])




Scott_WAR -> RE: Insane Steam Holiday Sale (1/7/2010 5:26:31 AM)

I concede that my knowledge is over 8 years old, and I'll be truthfull about the extent of my knowledge. My brother is a network mumblemumble something or the other[&:] He owns his own server cluster, and runs/maintains it and other clusters/servers owned by various companies, mainly inventroy management and such I think..................again [&:], I dont question too much. I was having problems getting a firewall to allow exceptions right after I got broadband. When he visited I asked him for help and he explained that IF I didnt download anything questionable or allow any website to run anything, scripts etc, then I didnt have too much to really worry about. That unles a hacker came after me specifically (which if one does Im cooked, I realize that) he would have to have randomly came across me,...which the odds of are 1 in something billions.

8 years later he has yet to be proven wrong,......but then again it sounds terribly close to exactly what you said and you got nailed,...so it might be a good idea for me to do a little research as things do change.........




GoodGuy -> RE: Insane Steam Holiday Sale (1/7/2010 11:47:54 AM)

quote:

ORIGINAL: Scott_WAR

....he would have to have randomly came across me,...which the odds of are 1 in something billions.


Quite frankly, I'm not a genius in math, I forgot plenty of what I've learned in school. But this guy seems to really suck at IT (not necessarily at math [;)]), if he emits such an unrealistic numerical ratio.

For ONE particular hacker to pick on YOUR IP (out of several billion IPs) this may almost sound correct, at first glance.

Picking a random number, I would say it's rather like a handful of hackers and several thousand infected computers per let's say 50,000-100,000 (a theoretical approach, see below) users, where then a handful may actually try to access my IP with a number of scans per day:

For this example I'll exclude scans from other networks:

I get scanned almost daily by IP addresses where most are in fact part of my provider's network, which sureley means that it's not my provider trying to access my system, BUT CUSTOMERS of the same network, as it's easier to come up with valid IP addresses within a (for a hacker) well known area network.
My provider can't do anything about it, though, as a pure scan is not illegal. With my old provider, I got scanned several times per HOUR, from IPs inside and outside that network, as it was a well known and popular network with millions of users.

Now, we won't add all those ppl from foreign countries doing fully automated port scans on let's say US or German IP ranges, for instance, but if looking at the ratio I provided above (a "handful" per 100,000 users, say at least 5-10), the overall amount of potential hackers targeting my network will increase with every large network you add, most likely, as an unprotected PC/IP is accessable (you can ping it) from every location. And for this example we also won't add the myriad of infected PCs who act like hackers, as they scan IP ranges and try to "hack" in a fully automated way - usually without their users' knowledge.

My actual provider has around 559,000 customers, 360,000 have a registered internet account and pay for internet services. A few thousand of the latter are companies, the rest are private customers.
So, for the number crunching, let's insinuate that companies don't hack and let's assume that the 360,000

a) won't be online at the same time (at any given moment) and
b) that there will be quite some who rarely or even never use the service,

... then we'll add the fact that the majority will be using their internet after 6 pm only, and last but not least - since I get several port scans a day (on my dynamic IP) from some of these private customers, then it's prolly safe to say that only a group of a few hundred (I pick the random number 387) wannabe-hackers and a handful of capable hackers (say 57) out of let's say some 50,000 people who are "online" during the day [at work or at home] do these port-scans.
I'd then say, that the probability that some of these hackers target MY IP range and actually scan or hack (if my puter would belong to the minority share of unprotected systems within the dynamic IP pool) my system, would be higher than you could ever imagine, even in cases where a local provider has way more dynamic IPs (in his pool) than customers, to cope for "rush hours" and expansion of the customer base.

A hacker-tool usually automatically pings sub-ranges of a given Provider's network, reducing the number of IPs it has to ping/scan to several thousand or several ten thousand, per scan job. A hacker does NOT have to know your IP, nor does he pick a single IP randomly to see if someone's "on". If a given hacker would do things that way, the guy you quoted would actually be right.

Usually, I guess, a hacker will find the first unprotected systems in no time, which will get him busy rather quickly, ehehe, so THAT may actually really lower the chance that he gets to YOUR system, if your system obtained a high/lengthy dynamic IP. [;)]
On the other hand, you might want to include the number of hackers and wanna-be hackers worldwide, plus you might want to add the fact that countries like China employ several thousand people whose sole job is to spy on company, governmental, military and private puters worldwide.

Actually, in the 1980s, some viruses supposedly came from Rumania (IIRC), where a tiny department programmed boot viruses and routines that would destroy exe- or com-files. Well, since viruses used to be relatively harmless back then, the communists didn't achieve much[:)], eh?
And the basic version of many early systems, like the Atari ST, Amiga, Mac or even the IBM-PC didn't have a harddisk anyways, so once you turned off the computer, the virus was gone.

Anyway, my math is rusty, so someone with some math skills may want to do the probability calculation with all the numbers above.

I hope the stuff I typed above made sense.

Whatsoever, Scott, you still might get the idea.




LarryP -> RE: Insane Steam Holiday Sale (1/7/2010 3:39:49 PM)

Thanks GoodGuy! I'm printing your first post out for a relative that is also on borrowed time. You have helped me a lot with your firewall advice in the other thread, and I now have a pretty tight system (actually 3 of them) that I feel somewhat safe with. [:)] By the way, I sent you an email but maybe your email link in your profile has changed? It was about the Tiny firewall.

The Israeli's say that "Americans deny that there really is evil in the world." I guess until you get robbed, car jacked, or similar, it's hard to imagine evil happening to you, it's always somebody else. Especially here in the states where it's easy to feel safe. However, computers know no continental boundaries.

Back on topic somewhat:
I know you don't like Steam, but for a gamer that uses the service, what can they do for protection without a firewall stopping every few minutes with a pop up asking for clearance and crashing the system? [&:]




Emobama -> RE: Insane Steam Holiday Sale (1/7/2010 6:01:50 PM)


quote:

ORIGINAL: GoodGuy

Thing is, with the detail I posted, it's not just a rumour. Steam used to spy on users. I don't even care if they still do it or not.

Nothing you posted was a detail to me. It was basically following the urban legend template of "I knew a guy who". No details at all.




leastonh1 -> RE: Insane Steam Holiday Sale (1/7/2010 6:16:48 PM)

I've always used firewalls and used to trace a few random IP's who had tried a port scan on my stealthed pooter. Most of them came from China, a few from Germany and Eastern Europe and some from Russia. As LarryP said, it's amazing just how many times you will be targetted by some computer for a scan or probe throughout the day. Some days it doesn't happen more than a handful of times, others it's almost bad enough to cause a DoS.

When I was an IT Manager, many moons ago, I remember using a packet sniffer after seeing traffic spike massively one morning on my network. I'm talking about a gigabit network, with fibre to switches becoming almost completely unusable. Using the management modules on the switches and some freebie software, I traced and sniffed the packet stream causing the network to effectively die to one of the project managers laptops. It was sending single packets of data to sequential IP addresses out on the Internet at a rate of hundreds per minute. I forget the exact numbers now, but it was unbelievable to watch. This laptop had the latest McAffee (spelling?!) with updates and had still acquired a trojan (turns out he'd been using his works laptop with his home broadband and LAN to download "stuff"). Physically unplugging the laptop from the network solved the wider issue and the trojan was history after using a standalone removal tool. The point is, the IP's it was scanning could have replied with a packet after a request for an acknowledgement. In English, the trojan was basically picking a random set of addresses and knocking on the door of each in turn to see if anyone was at home. A response would have been written to a logfile and this would then have been uploaded via email to the trojan author, presumably for them to then try and gain access to the computers on these IP's. It doesn't take much coding knowledge to write this kind of software and use it, but it also illustrates how insecure and easy a target Windows really is, even when patched.

As far as I'm concerned, anyone who puts a Windows PC online without at least a firewall is just begging for trouble. The Windows firewall is woefully inadequate.

Here is a link to the site I use to decide which firewall I should be running. It's quite an eye opener when you see some of the big names failing the tests! - http://www.matousec.com/projects/proactive-security-challenge/results.php




GoodGuy -> RE: Insane Steam Holiday Sale (1/7/2010 6:30:52 PM)

quote:

ORIGINAL: Emobama

Nothing you posted was a detail to me. It was basically following the urban legend template of "I knew a guy who". No details at all.


Well, I did not look over his shoulder while he was analyzing Steam packets, nor do I have the qualification and experience to dig as deep as he can, in order to provide more than that one "detail", as it doesn't just take a sniffer.
I don't think he ever documented or published his findings, besides communicating (to his friends) that the data (I mentioned) were being relayed ... that's his call though - and not my fault. I do trust his expertise.

The fuss around Sony audio CDs is well documented across the net, though, as gathering personal user data is pretty common these days. If Steam did that back then, where I am convinced that they did it, they surely weren't the first company who ever did that, right? [:D]




GoodGuy -> RE: Insane Steam Holiday Sale (1/7/2010 6:38:15 PM)

quote:

ORIGINAL: LarryP

I know you don't like Steam, but for a gamer that uses the service, what can they do for protection without a firewall stopping every few minutes with a pop up asking for clearance and crashing the system? [&:]


Well, if Steam needs to connect to the net while you're playing, you can just create a rule in your firewall and enter all the ports which Steam needs in order to access their server(s), or if you trust Steam, you can give Steam the right to establish/accept connections on any port.




SlickWilhelm -> RE: Insane Steam Holiday Sale (1/7/2010 6:42:35 PM)


quote:

ORIGINAL: Scott_WAR
I have had broadband, with no firewall, no virus scanner, for over 8 years noiw,... and have never had a virus, or any spyware.


That you know of. [:D]




LarryP -> RE: Insane Steam Holiday Sale (1/7/2010 6:48:31 PM)

Jim, that pretty much sums up what we have been saying here. It's a jungle when you turn on a PC that's connected. The link you gave put Comodo as the number one firewall. That's what I ended up putting on all three of my PC's. I went through a bunch in the last few months too, and Comodo was the most configurable for each port and amazingly is free. Heck, I would be willing to pay them for it.

The first virus I ever got was called "Sunday." It was in 1990. A friend (ex friend now) brought over a floppy disk (remember those?) and wanted me to see something. I had a 20 meg HD and I got to reformat it shortly after. The next one I got was about 2003 I think, running no firewall but the Windows one.

Looks like you were quite involved in the Internet field. Any advice is welcome as nothing beats experience. [&o] Thank you sir! No pun intended since you live in England. [;)]




Page: <<   < prev  2 3 [4] 5 6   next >   >>

Valid CSS!




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI
7.671875