Behind a well-configured WatchGuard firewall, those pages are no threat. The
fake page comes up (or at least parts of it), but no executable files (DLL,
EXE, SYS, etc) can reach the computer, so they end up being just a scary
For clients without a WatchGuard in place, I have seen them get by AV
software. One day it will get by Norton/Symantec, another day it gets by
WFBS, yet another day, it gets by a different vendor. Completely innocent
searches can get one into trouble. My wife searched Google for "tuxedo
cheesecake recipe" and got one of those pages. She stopped and told me, then
I had my way with it through the WatchGuard, and it stopped everything that
tried to get through it.
I have my WG set very tight, only trusting Microsoft, Trend Micro, and a
couple others for access to executables. For others that are blocked but
needed, I have a temporary-use bypass username and password that allows the
download, but AV scans it as it comes in. For a user to get infected, they'd
have to ignore the screaming red warnings in my custom deny message from the
WG that the file might be infected, they'd have to know the bypass username
and password, the download would have to get by the WG's AV scan (using
AVG), and get by the different vendor's AV on the desktop. In my testing,
that is nearly impossible (never failed yet!). I test with an unpatched Win
2000 VPC with no antivirus, and with an unprotected XP VPC.
Gregg's pet peeves:
First of all, what does a peeve look like, and why would anyone want one as
Peeve #1: Apostrophes: when in doubt, leave them out! You will be correct
more often than not.
Its = Belonging to it. For example, "Look at the sky. Its color is blue."
It's = It is. For example, "It's hot today."
It's = It has. For example, "It's been nice talking to you."
Its' = completely incorrect usage. Stop it!
Peeve #2: Your vs. You're
"Your" means belonging to you, as in, "It's your truck."
"You're" means "You are." Example, you're probably about ready to throttle
me for this peeve!
"Richard K" <rkokoski@newsgroup> wrote in message
> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
> SBS2003 networks over the past few months? I'm talking the "you have been
> infected with a virus and we are going to scan... click here to purchase
> our product" type of viruses. I have been using MalwareBytes to clean
> them but even MB is missing a few unless the database is REALLY up to
> I have given a lot more latitude to clients in letting them have local
> admin priv. and I am very good at keeping clients up to date in software
> patches and AV (trend WFBS) but am rethinking the local admin rights. The
> only thing that puts a hole in that theory is I have another associate who
> is major league locked down with non-local admin rights, updates, AV etc.
> in addition to a very good appliance firewall from Barracuda. His XP Pro
> clients are still getting hit. Labor to fix these issues is starting to
> get bad.