OPEN FILES ON THE NET OR SAVE IT ON HD

Discuss the many weaknesses of browser security and ways to mitigate the threat

OPEN FILES ON THE NET OR SAVE IT ON HD

Post by 88crawler88 on Tue Apr 22, 2008 4:47 pm
([msg=992]see OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

hello. Simple e maybe stupid question..if I have to open a file that could possibly be malicious, what's best thing to do , save it to HD let antivir to scan it or I can open it on net without run into problem, as well as if I had opened it by my hard disk? I ask this to avoid run into password-steel trojan and so on .
88crawler88
New User
New User
 
Posts: 15
Joined: Wed Apr 16, 2008 7:54 pm
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by Levels on Wed Apr 23, 2008 2:13 am
([msg=1030]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

As far as i know when you click download then open it saves the file to your temperary internet folder first then opens it. If it has a virus the virus will infect your computer.

If you save the file to your computer and it has a virus, the virus wont infect you until the file is opened (dunno it might do) but then you can scan it.

Always scan with an anti-virus before opening if you dont trust it. Alot of anti-virus will let you scan it before you download it.

Hope i helped
Levels
New User
New User
 
Posts: 9
Joined: Mon Apr 14, 2008 4:41 am
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by 88crawler88 on Wed Apr 23, 2008 7:09 am
([msg=1045]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

I was just thinkin' this , and you confirmed my idea , thanks for posting, bye 8-)
88crawler88
New User
New User
 
Posts: 15
Joined: Wed Apr 16, 2008 7:54 pm
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by TheMindRapist on Thu Apr 24, 2008 6:37 pm
([msg=1238]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

Lol, trying to get free pr0n?
Image
User avatar
TheMindRapist
Contributor
Contributor
 
Posts: 585
Joined: Mon Apr 14, 2008 4:57 pm
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by Paddington_Bear on Fri Apr 25, 2008 11:37 am
([msg=1300]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

I would have to say the safest thing to do would be not to mess with anything you don't trust. After that if you still have to use a a file from an untrusted source, I've heard that using a VM (virtual machine) will help minimize the risk. Never tried it myself though.
Paddington_Bear
New User
New User
 
Posts: 11
Joined: Mon Apr 21, 2008 7:11 pm
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by -The-Pr0xz- on Sun Apr 27, 2008 10:28 am
([msg=1509]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

I like VirtualBox ( www.virtualbox.org )...
However if the file is a virus and messes with your virtual box your booting OS won't be touched.

VirtualBox saves all virtual drives on your harddisk so they should be easy to backup.



Hope this is helpfull in some way :)
-The-Pr0xz-
New User
New User
 
Posts: 2
Joined: Sun Apr 27, 2008 7:04 am
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by Aquina on Sun Jun 01, 2008 9:11 am
([msg=3879]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

Sorry guys these are all nice explainations, but I feel like they're not absolutely correct...

Unless you're not using a proxy or other technology to effectively filter data, EVERYTHING you click on (open) from any website or whatever (including: location, protocol, datatype, etc.) is at least (if "displayed" in some way) loaded into your RAM. It's actually not even neccessary to physically store the data on any permanent media (HDD or such).

Todays malvare scanner (especially those "worm-virus-trojan-scanner" combinations you find everywhere) come with real-time and non-real-time scanning engines. No matter wether you use Windows (here the application implements the real-time scanning engine) or GNU/Linux (kernel modules are often loaded to run the real-time-engine) it's most likely detected by the real-time scanner because it NOT ONLY checks for new files created on a permanent media (again - it must not be a typical HDD) but ALSO has an (eye) on your RAM and "sees" what's going on there (traversion).

Whenever a pattern matches OR the heuristic-engine (configure THAT!) finds something you will be alerted in the way YOU configured YOUR scanner. This is the reason why even AM/AV solutions should always be configured to YOUR NEEDS! ;-)

Conclusion: 88crawler88 you should install a real-time scanner and RUN (that's the point) only files which were not classified as malicious by the scanner after loading. When files are accidentally executed the scanner (if it's a good one) will though warn you, stop the exec on a halt point and ask for instructions wether to continue or abort the execution. Try http://www.free-av.de/en/index.html it's from Germany and much better than most of these US (Norton) or Russian (Kaspersky) AV softwares. And it's FREE (like beer). ;-)

PS: "Real-time" scanner and "on-access" scanners are the same. Online scanners are something different but not important for your local system.
Aquina
New User
New User
 
Posts: 5
Joined: Fri May 30, 2008 8:41 pm
Location: Germany
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by 88crawler88 on Sat Jun 14, 2008 5:56 am
([msg=4783]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

hey !! I had not seen all these replies!, thanks boys
Try http://www.free-av.de/en/index.html it's from Germany and much better than most of these US (Norton) or Russian (Kaspersky) AV softwares. And it's FREE (like beer).

Yes , i already use this one , it 's simple , clear and effective!
Lol, trying to get free pr0n?
Lol, trying to get free pr0n?

ah ah ! no boy, it only was a problem of thoerical knowledge, not for my bad vices! ah ah!

thanks to all of you! bye!
88crawler88
New User
New User
 
Posts: 15
Joined: Wed Apr 16, 2008 7:54 pm
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by Zarray on Sat Jun 14, 2008 11:17 am
([msg=4800]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

maybe you can also run an p[rogram which tracks system changes at your virtual box, then you can see what it does, which reg keys it adds or if it hooks dlls,etc
Free Web host, 100gb bandwidth, 350mb space, no ads
http://www.000webhost.com/50327.html
Zarray
New User
New User
 
Posts: 4
Joined: Sat Jun 14, 2008 11:10 am
Blog: View Blog (0)


Re: OPEN FILES ON THE NET OR SAVE IT ON HD

Post by mudpuddle on Sat Jun 14, 2008 8:19 pm
([msg=4842]see Re: OPEN FILES ON THE NET OR SAVE IT ON HD[/msg])

If there is a malicious .exe file, if you download it to your HD but don't run it, you will still get infected. I suggest that if you absolutely need the file but you suspect it is malicious, and don't want to cause any harm to your PC, always try to get the contents of the file in a .zip file. That way, you can scan it with a tradition good anti virus that's free (like AVG), and be out of harms way. If that's not an option, or you can't get them in a .zip format, use VMWare or Virtual Box to run them in a virtual environment, or use Sandbox, which is in my opinion the best application trapper there is. I tried all three of them in an experiment like this, and Sandbox won hands down.

http://www.vmware.com/

http://www.virtualbox.org/

http://www.sandboxie.com/ (Read first to see how it works, then download if you like.)
mudpuddle
New User
New User
 
Posts: 13
Joined: Sat Jun 14, 2008 8:11 am
Blog: View Blog (0)


Next

Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests