Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
>So the challenge was how to copy the hard disk
>contents off without actually booting the
>operating system and activating any malware
>while the machine sat on the supposedly "safe"
>side of my firewall.
Even if it was on the safe side of your hardware firewall, don't all your computers still have software firewalls (at least the Windows XP default firewall) on their own individual connections? Would an infected computer on the network still be a risk to the others if all the other computers do have their software firewalls enabled? I've always assumed it wouldn't, but your post seems to imply otherwise...
Posted by: Simon at December 10, 2006 7:55 PM
Because I keep the "safe side" of my network safe, I do not run software firewalls on any of my machines. Yes, an infected machine on the "safe side" could certainly infect other machines on my network. That's why when I bring a potentially suspect machine to the 'safe side' I need to take extra precautions, as I described.
Posted by: Leo Notenboom at December 10, 2006 8:20 PM
So, what was the actual issue? Did your router not want to add the network card to it's routing table? Had me an SMC router once, had to reboot that POS every other day - avoid like the plague.
Posted by: Ivan at December 13, 2006 7:31 AM
ok all that makes sense however I think you are doing this all the wrong way and making this way too complicated. if you copy the contents of the hard drive it may copy the viruses, trojans, worms..etc. So why not boot it up clean the hard drive using various antivirus/antispyware tools, once done that organize with your friend what exactly he wants on it so this can be much easier than coping the entire drive with system files. doing that you can safely and easily copy it's content via cd burning or onto another drive without any problems and you can clear it after that!
Posted by: Dominique at December 13, 2006 10:16 AM
If the system is badly compromised (and I had no assurance that it wasn't) a virus scan may not clean things out completely - the virus scanner itself might be infected. In addition, the machine wasn't running well so I'm not certain I actually COULD have booted and run a Virus scan.
And finally, I wanted an *exact* image of what my friend had left - I wanted to avoid any changes prior to saving the image, and that included any changed due to a virus scan.
Posted by: Leo at December 13, 2006 10:22 AM
eyy leo thx for the myspace updates. especially the one where you put a picture as a caption. i relle wondered how to do that and now i now
thz a LOT!!!
Posted by: Rhoda at January 29, 2007 5:20 PM
i have a virus that disabled my firewall, and it appears to be impossible to bring it back up. Also, this virus is blocking my attempts to boot from disk. I can boot up, but I can't bring up the firewall, and it doesn't even mention booting into safe mode. I'm running Vista. What do I do? Is there anything to do?
Posted by: mike g at March 3, 2009 3:45 PM
Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
Comments
Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
>So the challenge was how to copy the hard disk
>contents off without actually booting the
>operating system and activating any malware
>while the machine sat on the supposedly "safe"
>side of my firewall.
Even if it was on the safe side of your hardware firewall, don't all your computers still have software firewalls (at least the Windows XP default firewall) on their own individual connections? Would an infected computer on the network still be a risk to the others if all the other computers do have their software firewalls enabled? I've always assumed it wouldn't, but your post seems to imply otherwise...
Posted by: Simon at December 10, 2006 7:55 PMBecause I keep the "safe side" of my network safe, I do not run software firewalls on any of my machines. Yes, an infected machine on the "safe side" could certainly infect other machines on my network. That's why when I bring a potentially suspect machine to the 'safe side' I need to take extra precautions, as I described.
Posted by: Leo Notenboom at December 10, 2006 8:20 PMSo, what was the actual issue? Did your router not want to add the network card to it's routing table? Had me an SMC router once, had to reboot that POS every other day - avoid like the plague.
Posted by: Ivan at December 13, 2006 7:31 AMok all that makes sense however I think you are doing this all the wrong way and making this way too complicated. if you copy the contents of the hard drive it may copy the viruses, trojans, worms..etc. So why not boot it up clean the hard drive using various antivirus/antispyware tools, once done that organize with your friend what exactly he wants on it so this can be much easier than coping the entire drive with system files. doing that you can safely and easily copy it's content via cd burning or onto another drive without any problems and you can clear it after that!
Posted by: Dominique at December 13, 2006 10:16 AMIf the system is badly compromised (and I had no assurance that it wasn't) a virus scan may not clean things out completely - the virus scanner itself might be infected. In addition, the machine wasn't running well so I'm not certain I actually COULD have booted and run a Virus scan.
And finally, I wanted an *exact* image of what my friend had left - I wanted to avoid any changes prior to saving the image, and that included any changed due to a virus scan.
Posted by: Leo at December 13, 2006 10:22 AMeyy leo thx for the myspace updates. especially the one where you put a picture as a caption. i relle wondered how to do that and now i now
Posted by: Rhoda at January 29, 2007 5:20 PMthz a LOT!!!
i have a virus that disabled my firewall, and it appears to be impossible to bring it back up. Also, this virus is blocking my attempts to boot from disk. I can boot up, but I can't bring up the firewall, and it doesn't even mention booting into safe mode. I'm running Vista. What do I do? Is there anything to do?
Posted by: mike g at March 3, 2009 3:45 PMTo post a comment on "Sometimes, it's not what you think", please return to that article's main page.