Sleeper virus/adware

Discussion in 'Mac OS X 10.3 (Panther) Discussion' started by Albone, Apr 13, 2004.

  1. Albone macrumors regular

    Joined:
    Jul 22, 2003
    #1
    I was talking with a PC-using buddy of mine and he was saying how he has Zone Alarm and AV Guard on his computer. Necessary, he says, because he finds DLL files on his computer trying to connect to the internet without his knowledge.

    I naively said that with my eMac running Panther 10.3, I have no worries, but do I? Should I/Do I need to get something to search my computer for these files that want to send data out and delete them? Should I get a Mac version of Zone Alarm to let me know of any covert sendings?

    Is something like BrickHouse 1.1b6 the way to go?
     
  2. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #2
    I tried BrickHouse 1.1b6 but couldn't get it to work the way I wanted it to work. For the most part, you don't need to worry that much (unlike Windows XP, Mac OS X has no "phone-home" spyware built into it). I don't know that much about configuring Mac OS X's built-in firewall, but if you do want to configure it to warn you of such things, I'd use a GUI frontend (like BrickHouse, although I had trouble using it) of some sort to do so.
     
  3. 7on macrumors 601

    7on

    Joined:
    Nov 9, 2003
    Location:
    Dress Rosa
    #3
    I think the built-in firewall is pretty good, though it only protects from incoming connections and not outgoing.
     
  4. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #4
    Well, it doesn't unless a third-party program like BrickHouse is used to configure it, at least as far as I know. After all, IPFW is supposedly a commercial-grade firewall, so I would think IPFW is capable of monitoring outgoing traffic as well as incoming traffic. Sure, it doesn't monitor outgoing traffic at all with the Mac OS X supplied configuration - that doesn't mean it lacks that ability!
     
  5. Albone thread starter macrumors regular

    Joined:
    Jul 22, 2003
    #5
    So, you're saying, if it's not broke, don't fix it? Don't worry about using anything like BrickHouse and stick with the IPFW?
     
  6. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #6
    If you really are concerned, why don't you set up BrickHouse or some other GUI configuration utility for IPFW and analyze the logs it generates? Doing that will either make you feel like the effort was worthwhile or confirm my suspicions that nothing is sending data over the internet without your knowledge (spyware is practically non-existent on the Mac, which is usually the cause of mysterious outbound internet traffic).
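
The log review suggested in the post above, as an added example (not code from the thread or from BrickHouse). It assumes ipfw rules that carry the `log` keyword and the kernel's usual `ipfw: <rule> <action> <proto> <src> <dst> <dir> via <if>` syslog line; the sample lines, addresses and the `EXPECTED_PORTS` set are constructed.

```python
import re
from collections import Counter

# Constructed sample in the assumed ipfw syslog format; addresses are
# documentation ranges, the host name is made up.
SAMPLE_LOG = """\
Apr 13 21:14:02 emac kernel: ipfw: 2000 Accept TCP 192.168.1.10:49201 198.51.100.7:80 out via en0
Apr 13 21:14:05 emac kernel: ipfw: 2000 Accept TCP 192.168.1.10:49202 198.51.100.7:80 out via en0
Apr 13 21:15:40 emac kernel: ipfw: 2000 Accept UDP 192.168.1.10:49310 192.0.2.53:53 out via en0
Apr 13 21:16:11 emac kernel: ipfw: 3000 Deny TCP 203.0.113.9:4431 192.168.1.10:139 in via en0
Apr 13 21:17:30 emac kernel: ipfw: 2000 Accept TCP 192.168.1.10:49215 203.0.113.25:6667 out via en0
Apr 13 21:18:00 emac kernel: last message repeated 2 times
"""

LINE_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\w+) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<dir>in|out) via (?P<iface>\w+)"
)
REPEAT_RE = re.compile(r"last message repeated (\d+) times")
EXPECTED_PORTS = {53, 80, 443}  # assumption: traffic this user treats as routine


def outbound_summary(log_text):
    """Count outbound connections per (protocol, destination, port)."""
    counts = Counter()
    last = None  # key of the previous line if it was an outbound ipfw entry
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            key = (m["proto"], m["dst"], int(m["dport"]))
            last = key if m["dir"] == "out" else None
            if last:
                counts[last] += 1
        elif (rep := REPEAT_RE.search(line)) and last:
            # syslog folds identical consecutive lines; credit the previous entry
            counts[last] += int(rep.group(1))
    return counts


def unexpected(counts, expected_ports=EXPECTED_PORTS):
    """Outbound destinations on ports outside the expected set."""
    return sorted(k for k in counts if k[2] not in expected_ports)


if __name__ == "__main__":
    summary = outbound_summary(SAMPLE_LOG)
    for (proto, dst, port), n in summary.most_common():
        print(f"{n:3d}  {proto} {dst}:{port}")
    print("review:", unexpected(summary))
```

ipfw logs addresses and ports, not the program that opened the connection, so an entry flagged here still has to be traced to a process by other means.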
     
  7. Albone thread starter macrumors regular

    Joined:
    Jul 22, 2003
    #7
    I think I might try BrickHouse, it's just that I hope I don't screw nothing up.

    I may be paranoid, but it comes from this article:
    Microsoft spying on OSX

    Granted it's a bit old, but I hate the idea of anything being sent out from my machine without my consent.
     
  8. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #8
    That's why I don't use MS Office - Microsoft has a bad habit of putting these kinds of things into all their programs, but their poor design causes security holes.
     
  9. PickledSquirrel macrumors regular

    PickledSquirrel

    Joined:
    Dec 10, 2003
    Location:
    Aarhus, DK
    #9
    If you want to keep track of which apps "phone home" then you might want to try running Little Snitch. It'll simply notify you every time something wants to connect to the outside world.
    The trial version is free :D
     
