Worms, Viruses And Trojans

[HeijoshinCool]

No, not about Bar Girls, sorry, try GENERAL.

I work at a school where all the software, and I do mean all, is pirated. Every computer, from the Director's to the Computer Lab, to the one in my classroom, has the op system (XP) and Kaspersky pirated, and of course, greatly outdated, software. The kids are free to download whatever they want from any website. The other staff just doesn't get it when Itried to explain. Now I just keep quiet.

All computers are networked. I am not "permitted" to disconnect the network cables.

I downloaded MS security Essentials and it catches all the Worms, Trojans and Viruses, with constant alerts and so slowing down the computer. As quickly as I delete them, they return. There are always keyboard trackers,Spammer/Tedroo, Worm/Dorkbot and something called Trojan/Lethic that supposedly accepts outside commands, etc.

It is the only place in this tiny berg where there is internet. I can use my computer on the school's Wi-Fi. Will any of these programs still be able to track my keyboard activities? Learn my email passwords/send emails with my account? Or does using a wireless connection afford a degree of security?

If not, and I sign in someplace in the city, and check "keep me signed in," will that protect me at the school if I don't enter my email address and password?

[aarn]

Mmmm, big problem here. Have you thought about getting a dongle/aircard? Cost ~ 1000B with SIM, then you can pay per time, or download amount, on the www.

Last year I was in Uttaradit province for about 2 months, 28 km from the capital, aircard was very good.

Obviously unwise to use the facility at work, and who can be sure of their privacy using signal from wifi cafe. Cheers, AA

[worgeordie]

I thought Microsoft Security Essentials would not work with pirated copy of Windows?

Try Zemana anti logger FREE, prevents keyboard loggers, or SpyShelter prevents

a lot more, google them or download from Snapfiles or Softpedia, where you can

also read revues ,PS SpyShelter also has FREE version.

regards Worgeordie

[Swiss1960]

Once you get your own computer free of all the stuff that's currently on it, load a decent anti-virus product on it, BUT forget about MS Essentials... they have pretty bad reviews lately about catching malware... free AVG is still much better.

After that, you can connect to your school wifi and should be fine working. However, don't forget that all the programs you use that are located on your school's server might be tampered and deliver your personal data to people you don't want to see, i.e. if you need to connect to the Internet throught a school proxy or if you use school booking systems which are not located on your computer and have to type in your credit cards... then you can assume they are gone for bad...

[Dork]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

[HeijoshinCool]

Mmmm, big problem here. Have you thought about getting a dongle/aircard? Cost ~ 1000B with SIM, then you can pay per time, or download amount, on the www.

Last year I was in Uttaradit province for about 2 months, 28 km from the capital, aircard was very good.

Obviously unwise to use the facility at work, and who can be sure of their privacy using signal from wifi cafe. Cheers, AA

Like to, but my computer will not accept an aircard.

[HeijoshinCool]

I thought Microsoft Security Essentials would not work with pirated copy of Windows?

Try Zemana anti logger FREE, prevents keyboard loggers, or SpyShelter prevents

a lot more, google them or download from Snapfiles or Softpedia, where you can

also read revues ,PS SpyShelter also has FREE version.

regards Worgeordie

Thanks, I'll investigate.

[HeijoshinCool]

What if I use an Apple Air? Can keyboard loggers, etc., access?

[bangkockney]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

[HeijoshinCool]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Okay, thanks. But what about if I sign in somewhere else that's secure, then "stay signed in?" When I get back to the school, does my computer STILL send the email address and password over the system, just without my physically entering it?

[Dork]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Okay, thanks. But what about if I sign in somewhere else that's secure, then "stay signed in?" When I get back to the school, does my computer STILL send the email address and password over the system, just without my physically entering it?

Yes it does but in encrypted form over https (http://en.wikipedia.org/wiki/HTTP_Secure) so you have nothing to worry about.

[bangkockney]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Okay, thanks. But what about if I sign in somewhere else that's secure, then "stay signed in?" When I get back to the school, does my computer STILL send the email address and password over the system, just without my physically entering it?

Unfortunately you can still be subject to session hijacking even when using an HTTPS connection.

Further, in your example, when browsing to http://mail.google.com/mail/ your browser actually sends your email address in cleartext for everyone to see before you get redirected to HTTPS.

A dongle is a good suggestion or even a tethered iPhone.

SSH won't be an option here as you don't have access to the router and/or firewall.

A VPN is another potential option but is not infallible.

You said before you didn't think your machine would accept a dongle - why?

You could potentially assess whether a MITM is happening yourself. At the very least browse to https://google.com and check that you are not being redirected to http.

Also don't forget sites like TV transmit your user and pass in plaintext.

The obvious disclaimer applies: I wouldn't use the network even if the above check passed, but it's your data.

Would like to help you get secured as networks like you've described bloody annoy me.

[bangkockney]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Okay, thanks. But what about if I sign in somewhere else that's secure, then "stay signed in?" When I get back to the school, does my computer STILL send the email address and password over the system, just without my physically entering it?

Yes it does but in encrypted form over https (http://en.wikipedia.org/wiki/HTTP_Secure) so you have nothing to worry about.

An adversary able to position themselves in between you and a website is able to inject arbitrary http-based content elements for domains that do not set the 'Encrypted Sessions Only' property of their cookies, and thus cause your client to transmit these cookies via clear text, intercept them, and impersonate you. The important thing to note is that they can do this when you visit ANY website. You do not ever have to leave SSL for the vulnerable site.

That said, I think GM forces https as default now, for the ENTIRE session, not just login (unlike many other sites).

But, HTTPS session highjacking has been demonstrated this year - a tool called CRIME.

Edited December 4, 2012 by bangkockney

[Dork]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Okay, thanks. But what about if I sign in somewhere else that's secure, then "stay signed in?" When I get back to the school, does my computer STILL send the email address and password over the system, just without my physically entering it?

Unfortunately you can still be subject to session hijacking even when using an HTTPS connection.

Further, in your example, when browsing to http://mail.google.com/mail/ your browser actually sends your email address in cleartext for everyone to see before you get redirected to HTTPS.

A dongle is a good suggestion or even a tethered iPhone.

SSH won't be an option here as you don't have access to the router and/or firewall.

A VPN is another potential option but is not infallible.

You said before you didn't think your machine would accept a dongle - why?

You could potentially assess whether a MITM is happening yourself. At the very least browse to https://google.com and check that you are not being redirected to http.

Also don't forget sites like TV transmit your user and pass in plaintext.

The obvious disclaimer applies: I wouldn't use the network even if the above check passed, but it's your data.

Would like to help you get secured as networks like you've described bloody annoy me.

To me this is verging on paranoia. In the op's case, he happens to know that some PC's on his local network are unprotected or infected with malware. But what about every hotel, airport or other wifi connection where you have no idea what else is connected on that LAN? The internet by it's very nature means that once a packet has left your device, you have no control over how it is routed unless you use a tunnel like VPN. But you say that even this is not infallible.

It's like building 5 rings of barbed wire fence around your house, with alarms and rottweilers and then saying it's still possible to break in.

In that case, yes it is possible and the internet is too dangerous for normal people to use.

Edited December 4, 2012 by Dork

[bangkockney]

I think prudent would be a more accurate term.

If you're happy transferring personal data over a network you know to be breached and not monitored by a sys admin, more fool you.

If you're happy transferring personal data over an unknown network, more fool you.

The point being, hotel and airport network security is one of the most overlooked risks.

Better secure than sorry.

[tfc]

What if I use an Apple Air? Can keyboard loggers, etc., access?

It can be done.

[BlackPuddingBertha]

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Indeed. I wouldn't do any more than read the newspaper online over such a network.

[RandomSand]

To be on the safe side; turn off all LAN networking such as homegroup & file printer sharing to avoid getting worms from the local computers. Make sure you use an anti-malware application too and think about anti-rootkit.

[ITGabs]

Still in that situations. you can use this method, like hack the hacker

bascicly is a combination of keyboard, the visual keyboard and copy and paste chars of the password from text sources.

the key loggers are only that, get name of the windows program and sometimes the webpage name and all the keystrokes.

another level it's monitoring the copy paste behavior

pro level is take screenshots wherever you do a click

the pc of mi gf was infected and I saw a keylogger, so in one minute searching the latest files i found the file with all the passwords xD, I did some test and only get keystrokes no copy and paste or screenshots.

usually the keyloggers are VB6 is quite easy to made one, but not so easy to hide.

[HeijoshinCool]

Thanks for all the replies, though I didn't realize so many members spoke Greek.

I'm not paranoid, but if you could see the constant flow of "red flags," you might be. This system has more viruses than a ... well, you know.

Anyway, I learned a lot, but am not sure which is best, or how to apply it. I will use the desktop computer at school only for news and Thai Visa (therefore, if you see any posts or topics by Heijoshincool that are anything but entertaining, edifying and/or enlightening, know that my account has been hacked ).

Having said that, I will use the Apple Air for my email, and just hope that no one kidnaps my 15 year old account. I don't see, or at least understand, anything above that I could use on the Apple to prevent it.

[HeijoshinCool]

As long as your own computer is reasonably protected such as running Win7 or later and MSE there is no way your keyboard activity can be logged from somewhere else on the LAN.

However if you really want to feel safe (e.g. using internet banking), use a VPN service.

Not strictly true.

Keyboard input can't be captured directly, but with a network so compromised and no apparent sys admin, the chances of a man in the middle attack are relatively high.

I wouldn't transmit anything personal over that network.

Okay, thanks. But what about if I sign in somewhere else that's secure, then "stay signed in?" When I get back to the school, does my computer STILL send the email address and password over the system, just without my physically entering it?

Unfortunately you can still be subject to session hijacking even when using an HTTPS connection.

Further, in your example, when browsing to http://mail.google.com/mail/ your browser actually sends your email address in cleartext for everyone to see before you get redirected to HTTPS.

A dongle is a good suggestion or even a tethered iPhone.

SSH won't be an option here as you don't have access to the router and/or firewall.

A VPN is another potential option but is not infallible.

You said before you didn't think your machine would accept a dongle - why?

You could potentially assess whether a MITM is happening yourself. At the very least browse to https://google.com and check that you are not being redirected to http.

Also don't forget sites like TV transmit your user and pass in plaintext.

The obvious disclaimer applies: I wouldn't use the network even if the above check passed, but it's your data.

Would like to help you get secured as networks like you've described bloody annoy me.

Yea, makes me crazy. Mostly because I explained, in my limited capacity, that everything they enter has the potential to be hacked. That I have a number of emails in my box every week from a few old friends who got hacked. Either for Viagra, or some marketing scheme. Mai pen rai.

If I understand a "dongle" it's what I used to have to plug into the USB when I wanted to run a bit of software for my CNC router. Wouldn't open the drawing software without the dongle in the office computer, first, then the computer in the shop for machining. But how does that apply to accessing email?