Re: How to prevent malware from running on your PC

On 17 Sep 2005 08:52:14 +0200, Volker Birk <bumens@dingens.org> wrote:

>Art <null@zip.com> wrote:
>[Windows Update]
>> The real problem with WU is that it's a Trojan.
>
>I don't think so.

I recently had occassion to do a fresh install of Win 98SE. As is my
custom, I then proceeded to disable services and make sure the
adapters were bound to TCP/IP only. The netstat -an result was
empty as usual.

After doing a Windows Update ... downloading and installing all
patches and IE 6 sp1 ... I rebooted and to my surprise the Windows
logon screen appeared. Sure enough, my work had been nullified
and netstat -an showed all the usual NETBIOS ports listening. I had
been on line for quite some time with DSL servcice wide open to
attack. Luckily, I took no hits.

To protect yourself from the WU trojan, you can keep the install
file of your favorite software fw on CD and install it immediately
after installing Windows and before going online. Do your OS hardening
_after_ doing WU since it will undo some of your work. Then if your
sw firewall is disabled for any reason, you'll still be safe going
online.

Art

http://home.epix.net/~artnpeg
Received on Thu Sep 29 20:08:49 2005