03-16-2004, 02:29 AM
Originally Posted by witeshark
I really don't know more then the other posts. But turn on your firewall, that should help in the future I would think. SYS preferences > security. Hope I helped!
Thanks, both of you for good advice. Let me comment on witeshark's post first, in saying that my firewall is always active and I keep up with packets inbound and outbound.
How do I accomplish this, you may ask? Simple. Apple wants us all to use only the firewall that comes with OS-X. Although I truly believe it's a good one... I prefer an aftermarket firewall made by the same people, Intego.
It's the NetBarrier X-3. With it I'm able to monitor packets in and out and know who's attacking me and when. I'm also able to set permissions preferences for all applications, and establish filter rules to handle TCP packets inbound if I choose.
So it's not a question of having and using a good firewall, witeshark. Besides, I happen to know from experience that although firewalls protect the user from hackers gaining unauthorized port access and block bad packets through stateful inspection, they can't block the downloading of spyware components in web site drive-bys unless those CLSIDs/MD-5's are entered in as block-rules.
Another point I feel compelled in making to rman regarding spyware and its detection is... that unless you have access to a detection program, how do you know for sure your MAC's clean? I'm thinking... OF COURSE you've never seen or heard of spyware in MAC. How could you, without something to tell you it's there? N'est pas?
In the past MACScan was available for OS-9 and Jaguar but now seems defunct. That leaves only the Aladdin Systems InternetCleanup with its weak and ineffective spyware scanner, Spy Alert. I don't mean to be a shrew about this, witeshark and rman... but really- how DO you know for sure your MAC's clean? I guarantee that Finder can be impugned so easily by some of the more recent Trojans that for all practical purposes (for all practical porpoises, said the whale) it's useless. What does that leave us to search with?
Spyware didn't get the name because it raises a 100' neon sign saying "look here." You'll never even know you have a Trojan unless you've got the means to run a competently enabled check. It seems inimical to our security situation that globally... GLOBALLY!! ... there is only one spyware scanner/remover to fall back on, as listed above... and it doesn't work!