Do files keep the header?


38 replies to this topic
Eedis
  • Members
  • 1775 posts
  • Last active: Aug 14 2015 06:33 PM
  • Joined: 12 Jun 2009
Okay, so I understand all files have a header just like emails. The header is the envelope that contains the IP address, host name, stuff like that to tell where the file is directed to. Is the header lost after it reaches the router or does every file still have the header that can be viewed somehow?

My mom doesn't really go anywhere on the internet except news sites and to read the comics from the newspaper online. Although, she's been attacked by a virus twice this week. I've been able to kill them before they did any harm, but I kept a piece of one, it's quarantined, in hopes of getting an answer. I have no clue how she could be getting these viruses as she doesn't download anything. My brother comes over and gets on but he has a separate login, the viruses are under her name. Is it possible to view the header to find the website or IP address the viruses are coming from? I'd really like to know how she is getting these viruses.

Any help would be great, thanks.
AutoHotkey state, the forum, Poly, and Drainx1. The short story.
I love my wife, my life, my atomic-match; for giving me the greatest gift a man could ask for, such a perfect and beautiful little girl.

codybear
  • Members
  • 600 posts
  • Last active: Feb 09 2015 12:41 PM
  • Joined: 15 Sep 2009
Not really an answer to your question, but I know I have been infected (along with many of my friends) from ads. I know there were some google ads that were infecting people a while back, but no idea if that's still going on or not as I have them blocked now.

Eedis
  • Members
  • 1775 posts
  • Last active: Aug 14 2015 06:33 PM
  • Joined: 12 Jun 2009
Well, the real question here is, is it possible to trace a file to its source?

guest3456
  • Guests
  • Last active:
  • Joined: --
as i understand it, i think you're confused. files don't have headers, but TCP/IP packets do. once the file is on your computer i'm not sure there's any way you can trace it. if you want to do a packet scan of real time TCP traffic you might be able to make some sense of the headers, but probably not, since they probably change as they jump from router to router. a TCP/IP or hacker forum might be able to help you better

there's a lot of drive by viruses nowadays where you just visit a website and get infected. sometimes even legit sites have rogue flash ad banners that can infect you. best thing to do is to keep your plugins up to date, use a secure browser, and never run as administrator
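
An added illustration, not part of any post in this thread: the sketch below builds two constructed IPv4/TCP packets carrying pieces of a sample file, parses the addressing fields out of their headers, and reassembles the payload to show that the bytes written to disk contain none of that addressing. The addresses, ports and function names are assumptions chosen for the example.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"   # 20-byte IPv4 header without options
TCP_FMT = "!HHIIBBHHH"     # 20-byte TCP header without options

def build_packet(src, dst, sport, dport, seq, payload):
    """Build a minimal IPv4+TCP packet (constructed sample; checksums left at 0)."""
    tcp = struct.pack(TCP_FMT, sport, dport, seq, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack(IP_FMT, 0x45, 0, 40 + len(payload), 0, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload

def parse_packet(packet):
    """Return (header fields, payload bytes) for one raw IPv4+TCP packet."""
    if len(packet) < 40:
        raise ValueError("too short for IPv4+TCP headers")
    ver_ihl, _, total, _, _, ttl, proto, _, src, dst = struct.unpack(IP_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or proto != socket.IPPROTO_TCP or ihl < 20:
        raise ValueError("not an IPv4/TCP packet")
    if len(packet) < ihl + 20 or total > len(packet):
        raise ValueError("truncated packet")
    sport, dport, seq = struct.unpack("!HHI", packet[ihl:ihl + 8])
    data_off = (packet[ihl + 12] >> 4) * 4   # TCP header length in bytes
    hdr = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
           "sport": sport, "dport": dport, "seq": seq, "ttl": ttl}
    return hdr, packet[ihl + data_off:total]

def reassemble(packets):
    """Join payloads in sequence order: this is all that gets written to disk."""
    parsed = sorted((parse_packet(p) for p in packets), key=lambda hp: hp[0]["seq"])
    return b"".join(payload for _, payload in parsed)

# Constructed sample: a "file" sent in two packets from a documentation address.
FILE = b"constructed sample file contents, split over two packets"
SERVER, CLIENT = "203.0.113.10", "192.168.1.20"
PACKETS = [build_packet(SERVER, CLIENT, 80, 49152, 1 + off, FILE[off:off + 30])
           for off in (30, 0)]  # deliberately out of order

if __name__ == "__main__":
    for p in PACKETS:
        print(parse_packet(p)[0])            # addressing lives in the headers
    saved = reassemble(PACKETS)
    print(saved == FILE, socket.inet_aton(SERVER) in saved)
```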

MacroMan!
  • Members
  • 604 posts
  • Last active: Mar 20 2012 11:40 AM
  • Joined: 28 Aug 2009

and never run as administrator


+1

Very wise words, always do your normal daily routine in a limited account and switch to the admin account to install stuff/make changes.
What ever happened, happened.

Eedis
  • Members
  • 1775 posts
  • Last active: Aug 14 2015 06:33 PM
  • Joined: 12 Jun 2009
Hmm, I think I am a little confused about file headers. I have done some research on this topic but not much and haven't found anything so far. I will have to look for some hacking forums, those guys should know how to trace files.

Or I could call up the FBI and bribe them to give me some software of theirs. ;)

and never run as administrator


+1

Very wise words, always do your normal daily routine in a limited account and switch to the admin account to install stuff/make changes.


Okay, my brother does this and refuses to install virus protection software. I honestly find this to be the most inconvenient thing to do, especially with slow computers when it takes 10 minutes to switch or even 10 minutes to pull up the password dialog box to run as administrator. I also find the cons outweigh the pros for me as almost everything I do on the computer requires admin access, it'd be the biggest hassle to type in my password every 5 minutes. I find it much easier to use virus software and have a good knowledge on how to prevent them and use admin access. I've yet to be crippled by a virus for years. Call me living dangerous, but there's pros and cons with doing anything you do. I choose to run as admin.

As for my mom's computer, I could give her that advice as she doesn't do much on her computer. It just comes to the point when she does, she'll probably be calling me every time she does.

*EDIT* Third attack this week just happened 5 minutes ago. :/

MacroMan!
  • Members
  • 604 posts
  • Last active: Mar 20 2012 11:40 AM
  • Joined: 28 Aug 2009

Okay, my brother does this and refuses to install virus protection software.

:shock: That is what you call living dangerously on the net, even in a limited account, things can happen (e.g. downloading a virus, then next logon as admin, BOOM!). Always, always, always run anti-virus/firewall! There are plenty of free good ones (AVG, Comodo etc).

I also find the cons outweigh the pros for me as almost everything I do on the computer requires admin access

:shock: :shock: :shock:

What exactly do you do on your computer that requires admin access that often? Have you actually tried doing your daily routine on a computer in a limited account? How do you know that the things you are doing require admin access? I mean, I work with, fix and maintain computers as my job and on my main computer I prob need to log into the admin account once every 2 or 3 days, if that.

Sorry if this sounds harsh or blunt, but I have fixed computers for people that are very tech savvy, but have fallen prey to sophisticated viruses. If you are on a computer that is on the internet, you are susceptible, so the more precautions you take, the better.

Eedis
  • Members
  • 1775 posts
  • Last active: Aug 14 2015 06:33 PM
  • Joined: 12 Jun 2009
I myself am in college for an IT Help Desk Technician course and fix my friends' and family's computers. The thing is, I don't have much on my computer right now that I would have to care about if for some strange reason I become stupid to get a bad virus. Also, this computer is temporary and I don't plan on having it for long. I install a lot of stuff onto my computer and uninstall a lot of stuff on a daily basis. My daily routine is more than just a daily routine on a daily basis. If that makes sense. As in, I don't have a daily routine as I do different stuff on the computer daily. Cons greatly outweigh the pros for me. I'm not saying it's a dumb idea and I agree people who have something to lose should do it, but it just doesn't help me much in any way.

This has also veered off topic. If you have anything to comment about, please message me.

MacroMan!
  • Members
  • 604 posts
  • Last active: Mar 20 2012 11:40 AM
  • Joined: 28 Aug 2009
<ot>
Although this is off topic still, I would still like to make a further comment.

As you are studying to become a help-desk technician, you are most likely aware of the runas command on Windows (in fact right click on any program and you can click 'runas...').

I understand that you don't care much for the data held on your computer, but what if you got struck down with a fatal virus when you were in the middle of a project? Pretty annoying, huh? The fact is, even if you install then uninstall 3 programs a day, that's what, six times in about 5-10 hours you have to enter your admin user/pass. How many times do you lock your comp daily for bathroom breaks etc? The average user will probably have to enter their password several times on a daily basis anyway.
</ot>

guest3456
  • Guests
  • Last active:
  • Joined: --

, but there's pros and cons with doing anything you do. I choose to run as admin.


that's fine if you're aware of the risks and know how to reformat and reinstall and don't mind the process

but there's no doubt that running as administrator is the biggest security leak in the history of windows. that's why ms introduced those UAC popups in vista, and i believe in win7 they have moved to the default account being limited

i would say that if you are running as a limited account, you could probably eliminate using anti virus software completely. it's that important.

Eedis
  • Members
  • 1775 posts
  • Last active: Aug 14 2015 06:33 PM
  • Joined: 12 Jun 2009
Well, seeing as there is absolutely nobody in this household that needs to get anything from my computer, I don't even lock my computer. Can we just get off this topic as it's purely an opinionated difference?

A little example from a game I used to play called Ashen Empires.

Small Arms was a weapon type, as well as Polearms. The difference was that Polearms was extremely slow and powerful and Small Arms was extremely fast but weak. Many chose Small Arms over Polearms whereas many chose Polearms over Small Arms. Some chose speed over power and vice versa. It's opinionated. I choose risky for convenience where you choose inconvenience for safety.

tank
  • Administrators
  • 4345 posts
  • AutoHotkey Foundation
  • Last active: May 02 2019 09:16 PM
  • Joined: 21 Dec 2007
You obviously don't understand virii. Your brother's probably getting your mother infected, and you don't know it until your mother loves it with her anti virus. The difference in user logins doesn't matter if the drive gets infected.
Never lose.
WIN or LEARN.

tidbit
  • Administrators
  • 2709 posts
  • Hates playing Janitor
  • Last active: Jan 15 2016 11:37 PM
  • Joined: 09 Mar 2008
you're not alone Eedis.

I run an on-demand AV (spybot s&d, though i got teatimer running) and no firewall, on an admin account. scan once (sometimes twice) a month with a few free cleaning tools.

it's probably been 2 years since I had any virus, and when i did get it, it had little/no effect. i also rarely get *ware.
my last major virus was probably 3+ years ago, and i did have to reinstall windows. but, I had backups, so little effect on me :roll:

are people just paranoid or do people just download any/everything they see?
why not download only from trusted sites and stay away from illegal softwares?

rawr. be very afraid
*poke*
. Populate the AutoHotkey city. Pointless but somewhat fun. .


Eedis
  • Members
  • 1775 posts
  • Last active: Aug 14 2015 06:33 PM
  • Joined: 12 Jun 2009
Hmm, I would have to agree on the downloading anything and everything and the paranoia part also. But, I download from untrusted sites, although, I scan everything before opening. That's one practice that has become habitual. Although, I stay away from P2P software, or viral incubators if you will, and I'm not completely stupid about the programs I run. I've been virtually virus clean on any of the systems that I've owned for the past 4 years. I'm not going to lie, I have downloaded infected files, but I deleted and cleaned up before they did anything.

TLM
  • Administrators
  • 3864 posts
  • Last active:
  • Joined: 21 Aug 2006
Remember there are also botted worms out there that search for ip addresses with open ports ( and their related services ).
PPL often forget to turn off plug and play, change default passwords, change hide SSID Broadcast and turn on WEP/WPA on their routers.

Do a scan @ Shields Up to check wired ports: https://www.grc.com/x/ne.dll?bh0bkyd2
just to make sure you're stealth or closed..


don't duplicate, iterate!