Date
1 - 12 of 12
Another malware question
|
Gene
I may be moving to an apartment building where all the tenants share a network. If my computer connection is set to public, will that keep malware from other machines from spreading or trying to spread to my computer?
My connection is currently set to public. Also, I connected a computer to my network a day or two ago that may have malware. Again, does the public setting protect my malware free computer from being attacked? Gene |
|
|
|
Set your connection to private if on a private network.
toggle quoted message
Show quoted text
The most important thing is to make sure your file and folder sharing is off. Also if you are that concerned turn off your network discovery of course you may need that on for various things. Its likely that the complex will have secured servers and the like anyway. At any rate nothing should stop you getting your own network going. On 21/11/2022 8:35 pm, Gene wrote:
I may be moving to an apartment building where all the tenants share a network. If my computer connection is set to public, will that keep malware from other machines from spreading or trying to spread to my computer? |
|
|
|
Anyway I have friends living in retirement villages.
toggle quoted message
Show quoted text
While the fibre signal is previded for nothing, you are still suppoed to pay for your previder and a connection. On 21/11/2022 8:35 pm, Gene wrote:
I may be moving to an apartment building where all the tenants share a network. If my computer connection is set to public, will that keep malware from other machines from spreading or trying to spread to my computer? |
|
|
|
Gene
I've been doing some reading on security in public networks and it appears my question leaves out a lot of potential threats. I don't know how I would connect to the network in the building, its a family owned building with a few apartments. What do I need to ask? Should I use a VPN in the building or does it depend on the way I connect to the one network used by the building?
toggle quoted message
Show quoted text
Thanks in advance for answers and discussion. Gene On 11/21/2022 1:35 AM, Gene wrote:
I may be moving to an apartment building where all the tenants share a network. If my computer connection is set to public, will that keep malware from other machines from spreading or trying to spread to my computer? |
|
|
|
Brian's Mail list account
Yes a very sobering event took place a couple of years back where a local authority put in public hot spots, and somebody somehow managed to harvest loads of data that went through it from outside. I was not party to how this was done, but I myself would not now use places offering wifi, since its obviously not secure.
toggle quoted message
Show quoted text
Brian -- bglists@... Sent via blueyonder.(Virgin media) Please address personal E-mail to:- briang1@..., putting 'Brian Gaff' in the display name field. ----- Original Message -----
From: "Shaun Everiss" <sm.everiss@...> To: <chat@nvda.groups.io> Sent: Monday, November 21, 2022 7:55 AM Subject: Re: [chat] Another malware question Set your connection to private if on a private network. |
|
|
|
Gene
Those who know more technically may want to comment on what I'm
discussing.
toggle quoted message
Show quoted text
I'm not sure how it is done, but I've read about how people can have connections that seem like the public connection you want to use but aren't, so they see all the information you use because you are connecting to the criminals instead of the real thing. I think someone has a computer in the area that offers a network connection that is similar in name to the real one. I'm not sure what happened in the case you are speaking about but my understanding is that using a virtual private network completely protects your communication even if you are working with such a counterfeit network because all the communication is encrypted. It appears to me that using a VPN for public networks would make you safe but if I'm wrong, I'd like to know. Gene On 11/21/2022 3:45 AM, Brian's Mail
list account via groups.io wrote:
Yes a very sobering event took place a couple of years back where a local authority put in public hot spots, and somebody somehow managed to harvest loads of data that went through it from outside. I was not party to how this was done, but I myself would not now use places offering wifi, since its obviously not secure. |
|
|
|
Luke Davis
Gene wrote:
I may be moving to an apartment building where all the tenants share a network.Wired, where you plug in your own ethernet cable? If so, buy a router, plug it in, and hang all your compute hardware, your WIFI network, etc., off the private side of the router. Then at least you're running your own network, and you would treat the house network just like it was a cable company or similar other untrusted gateway network that you wouldn't plug your computer directly into. If it's WIFI that their providing, and they won't let you install your own service from a third party (check into T-Mobile's wireless internet service in your area; I believe that's low impact), I still suggest the router/firewall solution, but you'll have to jump through extra hoops to make it deal with their WIFI as the egress point. I never trust any edge network that I'm connected to that I don't completely control; their all hostile as far as I'm concerned. Firewalls at a minimum. Web traffic is generally encrypted anyway (though not always), as is email if properly configured, and most other standard services. Their network will be able to record what sights you visit, and who your email and other providers are, but probably not the content. Still, that's enough for someone to develop a profile on you, and use it to arrange a more directed spoofing technique to divert you into one of those fake networks you were talking about. And since your DNS traffic is exposed and usually not encrypted, anyone on that network will know exactly what domains you visit, send mail to, or otherwise interact with. Use a VPN if you want to prevent such things. For guarding against worms and such from other users of the network, take the same precautions you would on any other network--a good hardware firewall, a good software firewall on the computers themselves, and don't have any open services that you don't need setup in a way that allows them to be touched by the outside network. But all the network separation in the world doesn't matter, if you're going to bring infected machines in and let them connect directly to your home network, as you seem to indicate that you did. Setup a separate guest network if you're potentially doing that sort of thing. Possibly not just a guest WIFI network on your router, but a DMZ using a different router, for your insecure/pre-hacked associates. Luke |
|
|
|
I will say this as simply as I can: Your best predictor of future infection is your history of past infection.
If you've been using a decent security suite for years, and you can't remember the last time it detected anything at all, or where it wasn't a false positive, you could (in theory, God forbid you'd do it in practice) run without anything at all. The fact of the matter is that very, very, very few infections sneak on to systems via programmatic means. Almost all infections come from social engineering where the end user gets convinced to click on something, agree to something, etc., that they should not. Your best defense is a good offense by the person sitting behind the keyboard. I've posted the following before, but it absolutely applies here. Quietman7, a security expert who is an active contributor on Bleeping Computer, has written extensively on what you (any you) need to do to develop safe interaction habits with cyberspace. The following four are, in my opinion, must-reads: · Users Themselves Are The Most Substantial Weakness In The Security Chain (just that single message) · What you must understand regarding computer security (also just this single message) · Best Practices for Safe Computing · Reflections on Antivirus/Antimalware Testing & Comparisons Brian - Windows 10, 64-Bit, Version 22H2, Build 19045 Puritanism: The haunting fear that someone, somewhere, may be happy. ~ H.L. Mencken, AKA The Sage of Baltimore |
|
|
|
On Mon, Nov 21, 2022 at 04:45 AM, Brian's Mail list account wrote:
put in public hot spots,- If they're unsecured/open (that is, you don't need a password to join the network) then they are "open season." I don't know of too many places that offer unsecured public access anymore. They may offer WiFi to the public, but with a password that needs to be entered to join. If you are at a coffee shop and need a password to use their WiFi, there's no huge security risk involved, as the traffic is encrypted when this is the case. Use of any open network requires caution. I still use them, e.g., Walmart WiFi, McDonalds, etc., when I need to but only briefly and never for doing anything like online banking. I also don't log in to anything when on public WiFi on an open network. If the computer has been asleep and I'm already logged in, though, I don't hesitate to look at my email and similar. -- Brian - Windows 10, 64-Bit, Version 22H2, Build 19045 Puritanism: The haunting fear that someone, somewhere, may be happy. ~ H.L. Mencken, AKA The Sage of Baltimore |
|
|
|
On Mon, Nov 21, 2022 at 02:35 AM, Gene wrote:
My connection is currently set to public.- If I were using a shared network, even in an apartment building that supplies one, I would leave the WiFi Network Profile setting as Public. This automatically keeps printer and file sharing off when connected to that network among other things. You really don't want other computers using that network to be able to see yours nor to share any files/printers. Unless I am connected to a network under my own control, or the control of someone I trust, I keep the WiFi Network Profile as Public. On my own home network, it's set to private because I want to be able to file share and printer share. -- Brian - Windows 10, 64-Bit, Version 22H2, Build 19045 Puritanism: The haunting fear that someone, somewhere, may be happy. ~ H.L. Mencken, AKA The Sage of Baltimore |
|
|
|
On Mon, Nov 21, 2022 at 02:35 AM, Gene wrote:
Also, I connected a computer to my network a day or two ago that may have malware. Again, does the public setting protect my malware free computer from being attacked?- Again, the vast majority of infections do NOT just "jump on" to a computer because another infected computer is on a network. There are a few select types (e.g., worms) that do, but most do not. If you are running a decent security suite, and Windows Security is a very, very good one, on your machine it's pretty well armored whether another infected computer is somewhere on the network you're using or not. Most malware (of any type) only lands on a computer through end users doing something to invite it in. And that even includes most ransomware, which gets there from fake tech support schemes where remote control is given to the outside source who then installs the ransomware. There is some ransomware that is more "worm-like" but it's a very small minority. -- Brian - Windows 10, 64-Bit, Version 22H2, Build 19045 Puritanism: The haunting fear that someone, somewhere, may be happy. ~ H.L. Mencken, AKA The Sage of Baltimore |
|
|
|
Gene
Thank you and others who have discussed the question. I had read
things in looking into the question I wasn't sure I fully
understood. What you are saying goes along with my understanding of
what I read that I did understand.
toggle quoted message
Show quoted text
Gene On 11/22/2022 10:36 AM, Brian Vogel
wrote:
On Mon, Nov 21, 2022 at 02:35 AM, Gene wrote: |
|
|