Researcher Uncovers Massive, Sophisticated Trojan Targeting Top Businesses

lotuseclat79's Avatar
Distinguished Member with 21,345 posts.
 
Join Date: Sep 2003
Location: -71.45091, 42.27841
30-Jul-2009, 12:10 PM #1
Researcher Uncovers Massive, Sophisticated Trojan Targeting Top Businesses.

Trojan may already have infected hundreds of thousands of PCs, botnet expert says

Quote:
"We weren't all that worried about Storm, and we weren't all that worried about Conficker," Stewart says. "This one you need to worry about."
...
The best strategy to defend against Clampi -- and other attacks that use a similar approach -- is to use separate machines for Web surfing and funds transfer, Stewart says. "Using Windows, it's too dangerous to do transactions on the same machine you do for Web surfing," he says. "You can't have any crossover between them."
-- Tom
skyfox's Avatar
Member with 50 posts.
 
Join Date: Apr 2007
Experience: beginner-intermediate
04-Aug-2009, 03:15 AM #2
Posted via Mobile Device
Look_Whos_Typing's Avatar
Member with 30 posts.
 
Join Date: Jul 2009
Experience: I know the raw basics
05-Aug-2009, 04:14 AM #3
Lotusclat,

Hi, I am just fixing a nasty little bug with the help of Cookiegal. I decided to browse in the general security posts and yours intrigued me. I am wondering if my problem is not part of your above mentioned problem.

If you would like to view the thread on my problem and see if they are connected I would be so grateful.

LWT
Thread is "Completley Baffled"
perfume's Avatar
Account Disabled with 2,011 posts.
 
Join Date: Sep 2008
Location: A DUDE WITH ATTITUDE! ALIEN.
Experience: Intermediate++
05-Aug-2009, 12:19 PM #4
Dear Tom,
Thank you for the info'! In the article, "Enterprises currently can block Clampi with an intrusion prevention system, but Stewart says he doesn't expect that defense to last very long before the Trojan adapts." interested me!

What's your take on Web Application Firewalls (WAFs) to counter this threat? I have stopped using the net totally for financial transactions for almost a year and a half, so what's the risk of my PC becoming a botnet? I'll be eagerly waiting for your response!
Regards,
perfume.
lotuseclat79's Avatar
Distinguished Member with 21,345 posts.
 
Join Date: Sep 2003
Location: -71.45091, 42.27841
05-Aug-2009, 12:34 PM #5
Quote:
Originally Posted by Look_Whos_Typing
Lotusclat,

Hi, I am just fixing a nasty little bug with the help of Cookiegal. I decided to browse in the general security posts and yours intrigued me. I am wondering if my problem is not part of your above mentioned problem.

If you would like to view the thread on my problem and see if they are connected I would be so grateful.

LWT
Thread is "Completley Baffled"
Hi Look_Whos_Typing,

Unless you are one of the Top Wealthy businesses cited in the article, it is very doubtful your problem is related to that cited in the article. You were not targeted; you were, however, pwned by a piece of malware that Cookiegal has helped you fix.

-- Tom
lotuseclat79's Avatar
Distinguished Member with 21,345 posts.
 
Join Date: Sep 2003
Location: -71.45091, 42.27841
05-Aug-2009, 12:39 PM #6
Quote:
Originally Posted by perfume
Dear Tom,
Thank you for the info'! In the article, "Enterprises currently can block Clampi with an intrusion prevention system, but Stewart says he doesn't expect that defense to last very long before the Trojan adapts." interested me!

What's your take on Web Application Firewalls (WAFs) to counter this threat? I have stopped using the net totally for financial transactions for almost a year and a half, so what's the risk of my PC becoming a botnet? I'll be eagerly waiting for your response!
Regards,
perfume.
Hi perfume,

The chances of anyone running a Windows computer becoming a member of a botnet are a lot higher if they are not attentive to their computer's security. Do you have a link about WAFs?

Good for you to not use a computer for financial transactions - neither do I.

-- Tom
__________________
The independence created by philosophical insight is - in my opinion - the mark of distinction
between a mere artisan or specialist and a real seeker after truth. - Einstein 1944
Imagination is more important than knowledge. - Einstein
perfume's Avatar
Account Disabled with 2,011 posts.
 
Join Date: Sep 2008
Location: A DUDE WITH ATTITUDE! ALIEN.
Experience: Intermediate++
05-Aug-2009, 01:07 PM #7
Dear Tom,
It's you who taught me how dangerous the web can be for conducting financial transactions! That was a good lesson I learnt, lucky me! I am seriously considering shifting to a Linux Distro after MS has decided to launch Windows 7! As RootbeaR said, he's getting tired of "keeping the Windows on his PC secure"!

Yes, I have a link to some free WAF scanners and I have checked the site with both "Interclue" and "Dr.Web Link Scanner" which have given a clean chit to the link. (link removed by Cookiegal)

Last edited by Cookiegal; 05-Aug-2009 at 01:58 PM. Reason: Warez link removed
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 79,286 posts.
 
Join Date: Aug 2003
Location: Quebec, Canada
05-Aug-2009, 01:58 PM #8
Quote:
Originally Posted by perfume
Dear Tom,
It's you who taught me how dangerous the web can be for conducting financial transactions! That was a good lesson I learnt, lucky me! I am seriously considering shifting to a Linux Distro after MS has decided to launch Windows 7! As RootbeaR said, he's getting tired of "keeping the Windows on his PC secure"!

Yes, I have a link to some free WAF scanners and I have checked the site with both "Interclue" and "Dr.Web Link Scanner" which have given a clean chit to the link. (link removed by Cookiegal)
I've removed the link. We do not link to warez sites here as we don't support that activity.
Look_Whos_Typing's Avatar
Member with 30 posts.
 
Join Date: Jul 2009
Experience: I know the raw basics
05-Aug-2009, 02:14 PM #9
Tom,

Nope, that wouldn't be me. On a secondary note, what about using a prepaid credit card to do financial transactions? That way you can have the convenience without the fear. Is this ok to do?

Thanks
LWT
perfume's Avatar
Account Disabled with 2,011 posts.
 
Join Date: Sep 2008
Location: A DUDE WITH ATTITUDE! ALIEN.
Experience: Intermediate++
05-Aug-2009, 10:46 PM #10
Dear cookiegal,
Sincerely did not know it was on the banned list! Accept my unreserved apologies! I will give Tom a valid site for WAFs this time!
perfume's Avatar
Account Disabled with 2,011 posts.
 
Join Date: Sep 2008
Location: A DUDE WITH ATTITUDE! ALIEN.
Experience: Intermediate++
05-Aug-2009, 11:00 PM #11
Dear Tom,
Linux seems to score a point over Windows every time! This article mentions four WAFs for Linux, namely:
These have been lifted from this need-to-know educative article: http://en.wikipedia.org/wiki/Application_firewall

This link leads to OnIt Personal Firewall (application firewall) download : http://download.cnet.com/OnIt-Personal-Firewall/3000-10435_4-10548233.html

Hope this will be useful! Dear Tom, Kindly let me know your opinion on both these types of firewalls!
lunarlander's Avatar
Senior Member with 3,491 posts.
 
Join Date: Sep 2007
06-Aug-2009, 02:49 AM #12
Hi Perfume,

I think your definition of WAF is a bit broad, given the examples you gave above. I follow this definition here :
http://www.owasp.org/index.php/Web_Application_Firewall
perfume's Avatar
Account Disabled with 2,011 posts.
 
Join Date: Sep 2008
Location: A DUDE WITH ATTITUDE! ALIEN.
Experience: Intermediate++
06-Aug-2009, 04:37 AM #13
Dear lunarlander,
"Web application firewalls (WAF) are a new breed of information security technology designed to protect web sites from attack. WAF solutions are capable of preventing attacks that network firewalls and intrusion detection systems can't, and they do not require modification of application source code. It is vitally important to develop a standardized criteria for product evaluation. How else can we accurately compare or measure the performance of a particular solution?

Establishing an evaluation criteria can be a difficult task even for a skilled web security professional. This fact makes it very difficult to compare WAF products offered by various different vendors." Source: http://www.webappsec.org/projects/wafec/

Generally an application layer firewall is a host using various forms of proxy servers to proxy traffic instead of routing it. Source : http://en.wikipedia.org/wiki/Application_layer_firewall

I use this wiki's def. of a WAF!