> Would you believe in 20 years of computing, this is the first > time I've ever had a virus?
You didn't get a virus, you were attacked by an organized criminal enterprise! This isn't mere semantics, it goes to the core of how we perceive what's going on. The word "virus" implies they occur in nature, which masks the truth and keeps people from getting as riled as they should be. But I'm not writing just to repeat this observation, but to mention: First, the need for a disaster recovery plan to insure the needed materials for complete machine rebuilds are available and timely, something which we and our customers should be well versed in and regularly maintain. I've written an app for this purpose. Second is awareness of a highly insidious act by these criminals: they can - and I've seen it - change source code, such as HTML files on our machines, which we might then install on a server without realizing what's happened. For this problem, even completely rebuilding a machine and restoring backups isn't a complete solution. What to do? Some thoughts: 1. A VM that doesn't require a host and can't be cracked should become standard fare. This way, if a virtual copy of Win/xx is hacked, rebooting Win/xx starts with a completely fresh copy and no traces of the hack. Concurrently, something (see #2) is protecting our files from unauthorized access and change. 2. A resource control system such as IBM's RACF. It's simple in concept: everything is protected by default, and then any number of user groups can be defined, each with very specific access rights that go right down to the file name level. For example, your ID can be in a group that can only read file 'abc' and during the daytime only. 3. Until 1 and 2 are readily available, isolate development machines (due to the source code exposure) from the Internet altogether, and use a spare (unimportant) machine to access the net. 4. For now, I've settled on MS Security Essentials because protecting Windows from hacks is MS's job, plain and simple. It's their source code, therefore their responsibility. To give credit were it's due, it does seems to be working okay, but then I've become extremely careful with Internet access from this machine, using a limited account on a spare machine for googling (even simple, innocuous Google searches can bring up lists with bugged websites, which I've seen happen). 5. International law should be tracking down these gangs and putting them in jail. I've not heard of even a single such case, yet they keep getting more sophisticated by the day. The cynic would think that those in power actually want the Internet to become uninhabitable. That can't be the case, right? Bill _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/f80fd47e559c44ae889798119e44d...@bills ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
