1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Website driveby attacks on routers are alive and well. Here’s what to do

Discussion in 'General Network Security' started by microchip, Jul 12, 2019 at 2:50 AM.

  1. microchip

    microchip Very Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    533
    Location:
    Belgium
    L&LD likes this.
  2. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,608
    Location:
    Canada
    This raises a point that some people don't seem to understand. You occasionally run into these guys who say: "I don't run any antivirus software, I am simply cautious, and I've never had any virus". Well, when legitimate websites are infected, how can you be "cautious" and avoid being infected? Just visiting that website can trigger the infection.

    Having some level of security software in place should be mandatory for anyone going on the Internet with a computer these days. Fortunately, Windows 10 does come with a built-in antivirus now, which is adequate for at least basic protection. If some misguided souls are disabling it because "I don't need them, they just slow me down", then they need to read more on these malwware attacks that distribute themselves through legitimate websites.

    There was also that wave a few years ago. Trend Micro had a security flaw in some of their security products that could be exploited. So you had these people who said: "See, an antivirus ONLY makes me more vulnerable to viruses, so I'm not gonna use one". Kinda like saying because a flu shot CAN give you a slight headache or leave you tried for a day or two, you shouldn't get one.
     
    Moogle Stiltzkin, Paliv and royarcher like this.
  3. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    13,841
    I've had Avast save my butt a few times from website drive-by download exploit attempts. 1000% agree with your point.
     
    royarcher likes this.
  4. royarcher

    royarcher Senior Member

    Joined:
    Apr 25, 2019
    Messages:
    205
    Location:
    Melbourne Australia
    Does the trend micro security along with the windows ten generic one suffice or do you recommend getting something else like avast or Norton?
     
  5. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,608
    Location:
    Canada
    I would avoid Norton/Symantec products,especially their home product. They are very poorly designed, inserting themselves into a bunch of private APIs at the risk of causing stability issues (this is driving Microsoft engineers crazy BTW). I used them on and off over the years, but as my system kept getting randomly corrupted (requiring me to recover from a disk image two or three times over the span of just a few weeks), I ditched them for good while troubleshooting the issue and switched to Eset products. System corruption issues stopped happening right away.

    There is also a class action suit against Symantec lately here in Quebec BTW...

    I recommend running a security suite on your computers and not only rely on router-based solutions, as it cannot protect you against threats coming through HTTPS connections or browser vulnerabilities. The Windows 10 solution is decent, but personally I recommend going with something backed by a company with an actual background in security research. I doubt Microsoft's security labs are on par with those from security specialists like Eset, Trend Micro or Bitdefender.
     
    Paliv and royarcher like this.
  6. royarcher

    royarcher Senior Member

    Joined:
    Apr 25, 2019
    Messages:
    205
    Location:
    Melbourne Australia
    Ok thanks your not the first to warn me about Norton but it is the first time for the issues mentioned.Others have simply said that they are not as good as they are cracked up to be
     
  7. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,608
    Location:
    Canada
    They have a fairly good detection rate, thanks in part to a solid cloud-based service It's just their software that is trying to insert itself everywhere throughout the system, often in places it has zero reason to be, all so their marketing department can add a few more bullet points to their marketing material.
     
  8. royarcher

    royarcher Senior Member

    Joined:
    Apr 25, 2019
    Messages:
    205
    Location:
    Melbourne Australia
    Got you thanks
     
  9. Natey2

    Natey2 Occasional Visitor

    Joined:
    Jun 27, 2018
    Messages:
    22
    If you'd really like to compare AV engines, virustotal.com runs a suspect file you submit through 56 AV engines, and tells you the detection rate, false positives, etc

    FYI.

    Sent using Tapatalk
     
  10. Natey2

    Natey2 Occasional Visitor

    Joined:
    Jun 27, 2018
    Messages:
    22
    The Corporate versions of AV software do not yield processor/disk resources, and adversely affect other running apps. The Home versions are not as aggressive; if they were, end-users would bash them on internet forums for degrading their systems.
    Corporate end-users just put up with that.

    Sent using Tapatalk
     
  11. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,608
    Location:
    Canada
    One nice thing about Eset is they use the exact same software and engine on home and business products. The only difference is they update the home product about once a year, while the business products stays on an older code base, to which they only backport fixes and minor enhancements.

    You can actually use the same licence with either versions.
     
  12. Paliv

    Paliv Regular Contributor

    Joined:
    Apr 27, 2018
    Messages:
    82
    The problem with using VirusTotal for that kind of comparison is that it doesn’t test all the modules of an AV, such as web filtering or behavior blocking. It’s a good way to see how good their signature detection is, though.
     
  13. Natey2

    Natey2 Occasional Visitor

    Joined:
    Jun 27, 2018
    Messages:
    22
    McAfee has caused performance issues:
    e.g. Corporate IT schedules scan on Sunday. Laptop users who leave their laptop off on the weekends get burdened with a CPU and Disk intensive scanning process on Monday morning when they turn on the laptop that can go on for hours: it maxes all 8 virtual cores on a Core i7, so if you have a Monday morning meeting/presentation to do with your laptop, your corporate laptop will be very slow, laptop fan will be noisy/revving at high RPM, VOiP will be affected, etc. The process will not yield until it is done.

    My ISP gives away McAfee (home) free with their internet service.

    The home version of Symantec/Norton will yield/defer if it knows a user is using the PC. It even pops up a dialog telling you it is yielding/postponing the process it was running when you touch the keyboard or mouse. They also have historical CPU usage charts to show what percentage of resources they used over time.

    Sent using Tapatalk
     
  14. Natey2

    Natey2 Occasional Visitor

    Joined:
    Jun 27, 2018
    Messages:
    22
    L&LD likes this.