: Spyware...



TeagueJT81
03-18-05, 08:09 PM
We've been doing security updates on our users' computers at work this week, and it's impossible not to notice how much spyware we find on some computers - even those belonging to users who almost never do anything with theirs that isn't work related.

What's most disturbing to me is that this stuff is getting on these machines despite the protection on our domain: two physical firewalls, at least three software firewalls, active software spyware protection on each computer, and god knows what else DOE gives us to keep the bad stuff out.

I thought some statistics on how big a problem it is for a more diverse sampling of people would be interesting, since a lot of the people who work in my building are are aging scientists and researchers who just haven't adapted to computers.

So post (or PM if you're embarassed) away if you don't mind divulging some info like this:



How big a problem is spyware for you?
How deliberate are you in avoiding it? Do you do lots of downloading and/or give your email address to lots of places (their content doesn't matter)?
Do you use Windows, a Mac, Linux, or something else?
How computer-savvy do you consider yourself?
None of this information will be used for teasing, name-calling, jeering, etc., nor will any of it be given to anyone in any form. I probably won't even type it up in a real report - it's mostly for curiosity and so I can have some information outside my workplace to go on when I come up with a plan for dealing with the stuff at work and present it to my boss.

Also, I'm writing a "guide" for some of our users and technicians about how to avoid the crap and remove it if you get some, accidentally or otherwise. If anyone wants it, say so. If enough people want, I'll post it here. It should be done today or tomorrow.

Thanks for any info.

And yes, I'm pretty freakin' bored right now. But that doesn't change the semi-serious nature of the post.

- Joe

TeagueJT81
03-18-05, 08:17 PM
I'll go first...

Personally, I have no problem with spyware. At work, it's a noticeable but not crippling problem. I'm very deliberate in taking steps to avoid it during daily internet use. I don't do a whole lot of downloading, and I don't give my email address to anyone who asks unless I know specifically why they're asking and either trust them or need to give it to them for some other reason. At home, I use Windows and Linux, and I use a browser on both that is noted for security (Firefox). I've been working with computers for about two years now, and I tinkered with them for a long time before that, so I consider myself pretty computer-literate.

I got into spyware bad on my last Windows partition, but I've been running this one for close to eight months without a single problem with it (probably a world record for Windows). My girlfriend (surprised I have one after all this techno-talk? I still am) and her family go through about two formats a month because they can't seem to learn to take any sort of security precaution.

- Joe

Sinister Angel
03-18-05, 08:56 PM
I as well run a combination of windows an linux boxes at my house. Spyware and virii aren't an issue because a) I use mozilla and b) I know enough what to watch out for.

In fact, I'm willing to bet that 90% of spyware that makes it onto machines is because people are... ignorant (I'll be nice) enough to go "oooh, desktop buddy"*click*"why is my computer slow now???"

Kev
03-18-05, 09:13 PM
How big a problem is spyware for you?
How deliberate are you in avoiding it? Do you do lots of downloading and/or give your email address to lots of places (their content doesn't matter)?
Do you use Windows, a Mac, Linux, or something else?
How computer-savvy do you consider yourself?

1. Doesn't seem to be a major problem for me.
2. I avoid what I am aware of, use Linksys (hw) firewall and Sigate (sw) solutions, Spybot for anti-spyware, AVG for anti-virus. I don't download music or other play stuffs, I only give email addresses to places I know.
3. I use Windows 98SE, 2kPro SP4 and XP Pro SP2.
4. I consider myself above average (my brother-in- law is a tech :D)

Elvis
03-18-05, 09:31 PM
I use Spybot-search & destroy and HijackThis! frequently.

If you could stop your employees from surfing on company time the problem would be solved. I don't know what the real statistics are, but my bet is that the average desktop computer is used less for company business now than it is for personal entertainment during work hours.

I can remember a day when the average desktop computer was only in use for about 40 minutes out of an 8-hour workday. We stretched a lot of resources back then.

CharBroiled
03-18-05, 10:32 PM
Spyware isnt much of a problem. I try to only dl stuff I do some homework about and read EULAs and TOS stuff, you find anything you dont like, dont install it. Use Firefox and a good firewall (zonealarm is free) and good antivirus. Spybot S&D is good also. My "real" email addy only does out to trusted folks, web based throwaway accounts are used for everything else. I use Win 2000 and XP mostly, and 98SE on a couple comps. Ive used computers since the late 70s so I know a bit.

Adumb
03-19-05, 12:22 AM
i had big problem with it a while ago despite being careful, i think when my friends use my computer is when i get the most spyware. so i put all my files onto my second hard drive and reinstalled windows and have tried to keep up on keeping spyware off my computer.

Kev
03-19-05, 12:39 AM
It is, in this day of constant high speed internet access, very important to takes measures that protect our computers and intranets. My church was hit pretty hard last year. After setting them up with DSL including a hardware firewall solution we instructed them to simply turn off the modem after working hours. Well, they did that for a while but then became complacent.

After a few months they complained of problems connecting to the network and their work stations were slowing down to a crawl. Turns out they had been hacked over a series of months, the hacker had gained access to the server, repartitioned one of the drives with a hidden partition (I hate to think what was stored on it) and changed the server to meet his needs.

It took us many hours to undo the damage. The hard drive with the hidden partition mysteriously crashed when we discovered it, put it in annother computer for insvestigation.

If you connect an unprotected computer to the internet I'd bet it won't be 5 seconds before it is probed from outside.

illumina
03-19-05, 12:40 AM
I also run Linux and Windows.

Spyware is not a real issue for me because of how I do my network. I also try and open all emails from my Linux machine, so email issues ae also not an issue.

Staving off spyware is also best accomplished by using Mozila Firefox or an alternate browser instead of internet explorer. I won't even mention how bad my IE was screwed up when I caught the "real-yellow-page" and "smartsearch" bugs some months ago...It was a frakin' mess I tell ya!

slk230mb
03-19-05, 12:56 AM
I use Firefox and regular scans with Spybot/Adaware keeps me clean. When I must use IE, I check to make sure no new objects have been installed. Over the summer when I work, I do tech support, the only real way to keep the spyware off the machines is to block internet access. We have too many IE based applications to make the switch to firefox.

RBraczyk
03-19-05, 01:58 AM
I'll detail my shiz tomorrow.