conversley, i prefer to run the programmes that stop the infection & mean you do not have to 'flatten' your system & restore from backup from your, or any one elses system.
Prevention is better than cure. customers may like it better that they do not have down time whilst the system is recovered :) Regards, Phill. On 11 July 2012 22:17, Phill Whiteside <phi...@vpolink.com> wrote: > conversley, i prefer to run the programmes that stop the infection & mean > you do not have to 'flatten' your system & restore from backup from your, > or any one elses system. > > Prevention is better than cure. customers may like it better that they do > not have down time whilst the system is recovered :) > > Regards, > > Phill. > > On 11 July 2012 22:04, Ivan Wright <quid...@gmail.com> wrote: > >> Blackhole exploit has been doing the rounds long enough, and my Ubuntu >> system got infected last November back when Adobe Flash was vulnerable. >> I found with Wireshark that my computer was beaconing out to a Polish IP >> address, fortunately I had a full disk backup from a few days before so I >> just flattened my system and restored the backup. >> >> The majority of these Java exploits cause massive resource usage on the >> browser and cause it to damn near crash. So they put a simple message on >> the screen like "Please wait while page loads" >> After its done exploiting your system they dump you back on Google, so >> you think nothing is wrong and carry on as normal. >> If you've ever seen that your computer may have been infected. >> >> My job is a Network Security Analyst and I monitor a very large network. >> This year I've seen Blackhole migrate from Adult sites to pretty much >> run-of-the-mill sites such as: Holiday, Car, Shopping, Wordpress, and >> Family history websites. >> Its no surprise these malware/viruses would progress further as exploit >> paths get patched. >> >> I don't like running NoScript as it turns your faithful Linux system into >> an annoying little brat like Windows - always asking you questions instead >> of just getting on with the job. >> >> My preference is to use OpenDNS and do Top Level Domain (TLD) blocking. >> I've set mine to block: >> .info - Information >> .cc – Cocos Islands >> .cn - China >> .vn - Vietnam >> .cm - Cameroon >> .in - India >> .ru - Russia >> .am - Armenia >> .tk – Tokelau >> .pl - Poland >> .co.be – .co sub-domain in Belgium >> .co.tv - .co sub-domain in Tuvalu >> That small list ends up blocking the vast majority of malicious websites. >> >> Heres a video I did showing how to setup OpenDNS in Ubuntu: >> http://www.youtube.com/watch?v=h2Qa1xqO2v4 >> >> Regards, >> Ivan >> >> >> >> -- >> ubuntu-uk@lists.ubuntu.com >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk >> https://wiki.ubuntu.com/UKTeam/ >> >> > > > -- > https://wiki.ubuntu.com/phillw > > -- > <https://wiki.ubuntu.com/phillw>https://wiki.ubuntu.com/phillw > >
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
