Author Topic: A couple of beginner's questions  (Read 9007 times)

0 Members and 1 Guest are viewing this topic.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83337
  • No support PMs thanks
Re: A couple of beginner's questions
« Reply #15 on: May 18, 2008, 07:26:46 PM »
Shame about your copy of Outlook isn't recent enough, it would have been very convenient.

STunnel by all accounts isn't too hard to set-up and there are a few topics to help. Though if you are only using webmail, viewed through your browser and you don't use an other email client, that really isn't an issue as there is nothing to download through STunnel as you have the chicken and egg problem. Outlook 2000 doesn't need Tunnel, but Outlook 2000 isn't supported by gmail or yahoo.

I also us a disk imaging tool, Drive Image 7.1 before it to got bought out by Symantec. I do a weekly image of the partitions on my master HDD and save the copies on my slave drive, it is also possible to burn them to DVD. But I don't know if I would like to use that as a primary means of protection. Though even this isn't necessary as and gmail and yahoo don't support Outlook 2000 so you wouldn't be downloading email through outlook 2000.

Something not to forget in this matter is that your gmail is also scanned at source, that does reduce the risk but wouldn't eliminate it. For that what you are suggesting would work up to a point.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline trigan

  • Jr. Member
  • **
  • Posts: 68
Re: A couple of beginner's questions
« Reply #16 on: May 18, 2008, 08:39:47 PM »
Thank you for your helpful comments, DavidR.

The only thing you say that I do not understand is :

"But I don't know if I would like to use that ( make image files of Windows partitions ) as a primary means of protection."

Can you give me your reasons as to why you say this ?

Even in the worst scenario where a virus downloaded from the internet ends up erasing my entire master drive, I could still quite easily restore it exactly as it was in under an hour so long as the partitions remain intact.

If you think I may be wrong, please enlighten me.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83337
  • No support PMs thanks
Re: A couple of beginner's questions
« Reply #17 on: May 18, 2008, 08:53:53 PM »
Simply because there is the delay from the image being made to the restoration of a .pst file (this is after all why you were suggesting the ghost image), which is a volatile file that can change on an hourly basis.

It isn't how long it takes to restore but how long since the ghost image and as I mentioned if you are doing more frequent incremental images rather than something like a weekly or longer interval 'Full' image.

It is I would say using a sledge hammer to crack a nut, when you could create a batch file or use a back-up program to do regular hourly backups of volatile files like .pst, .doc, your bookmarks, etc. All of which is a bit of a moot point if you can't use Outlook for your gmail/yahoo email as there would be no .pst file to be infected/scanned/corrupted, etc.

Remember we were talking of using this for the protection of .pst files nothing else mentioned about other scenarios.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline trigan

  • Jr. Member
  • **
  • Posts: 68
Re: A couple of beginner's questions
« Reply #18 on: May 18, 2008, 11:42:51 PM »
Thank you once again for your helpful comments.

Oh I see. You were talking about making image files as protection with regard.pst files which Outlook program creates and nothing else.

I am not going to bother use Microsoft Outlook 2000 at all but stick to Google and Yahoo Mail.

That being the case, there is not going to be any .pst file to be infected / scanned / corrupted as you said.

I am just wary about what you said earlier on keeping the Internet Mail Avast provider on high sensitivity just in case some undetected or hidden malaware in my hard drive ( e.g. I forget to scan my hard driver with my Avast AV program ) in the future has its own very small email program and uses it to send email from my computer.

So I think I better keep that Internet Mail provider on high sensitivity even though it is going to slow down my antiquated computer.

Regarding Microsoft Outlook 2000 which is now installed and configured on my computer, would it be better to leave it or should I now uninstall it ?

You also wrote earlier :
Something not to forget in this matter is that your gmail is also scanned at source, that does reduce the risk but wouldn't eliminate it.

It is still a bit hazy to me how reading my Google Emails on Firefox can infect my hard drive ? Can you explain this to me please ? After all, the emails in my Google account are stored on another computer, aren't they ?
Thank you again.


Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3867
  • Just an avast user
Re: A couple of beginner's questions
« Reply #19 on: May 19, 2008, 12:04:03 AM »
When you read your Web based email in your browser the body of the email is downloaded to the browser on your system to either display it (if it is plain text) or to execute the html code that most of our emails are made of these days.  The execution of the html code takes place on your system and the html code can tell the browser to go out an bring in more pieces of code and images etc. from other servers on the Internet.

The webshield will be scanning all this activity as it proceeds to display your email. 

The greater threat is when you choose to download to your system and attachments that come with the email message.  If you do you should be sure to have avast scan them (or use an download manager add-on for Firefox that allows you to have avast automatically scan any files you download). 

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83337
  • No support PMs thanks
Re: A couple of beginner's questions
« Reply #20 on: May 19, 2008, 12:06:05 AM »
Leaving the Internet Mail provider installed and running won't overly tax anything other than its minimal RAM use as it starts, there will be no activity as if there is no smtp (sending) email traffic it will have nothing to do but sit and wait.

If there is an attachment in the email that you want to download then gmail should have pre-scanned it minimising the risk and the standard shield should also cut you some slack depending on the file type being downloaded. You can get infected just by reading an email, there is a powerful function called an iframe tag.

This is an HTML code function that is usually used on web pages to provide dynamic content, e.g. import data into the iframe, this can just as easily be in an email (often used to import adverts) and in stead of importing data/ads, etc. it could just as easily execute a file on the internet. So I would hope that gmail would also have that covered, if not the web shield might also give some cover, provided the web page you are browsing your email over isn't https (secure).

And as Alan said to be viewed on your browser it has to be in the browser cache on 'your' system, be careful out there.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline trigan

  • Jr. Member
  • **
  • Posts: 68
Re: A couple of beginner's questions
« Reply #21 on: May 19, 2008, 11:59:21 AM »
Thank you David and Alan for your information.

So if I understand correctly, the reason why web based email can still infect my computer with malaware is because firefox.exe is running on my computer and its job is to gather the digital information that I ask for, from my ISP server, be it web pages or web based emails. That digital information can contain malaware. But thankfully, Avast webshield provider will be scanning all this digital information as it arrives in my computer and displays the web pages on my computer.

To David,
You wrote something which I am not sure about. I quote :
The (Avast ) web shield might also give some cover, provided the web page you are browsing your email over isn't https (secure).
-----
Avast software cannot scan web pages that are encrypted using SSL.
So are you referring to websites that use SSL including Google or Yahoo Mail ?
Is there a way of knowing whether a web page is using SSL ?

How can I browse my Google email over a web page that is not using SSL ?


Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83337
  • No support PMs thanks
Re: A couple of beginner's questions
« Reply #22 on: May 19, 2008, 04:07:38 PM »
1. it isn't because you have firefox that webmail email displayed using firefox could, but any browser as they act the same way, download the content into the browser cache and display it according to the HTML layout code. If that code includes an iframe tag with actions to carry out all browsers act the same way, if anything firefox is possibly more secure in this regard.

2. SSL is usually associated with email and the download from an email server to an email program and not with webmail, which is displayed using the HTTP protocol, the secure version of that protocol is HTTPS, the S standing for secure (encrypted).

So how do you know:
a) the URL displayed in the browser address bar begins with HTTPS.
b) there should also be a little padlock in the status bar of the browser (the bit at the bottom of the browser window).

Many webmail services start by you logging in on an HTTPS (secure) page and once your user name and password is validated your email account is usually displayed in a normal HTML page, if that is the case then the Web Shield can scan that content as it is downloaded to your browser cache so it can be displayed on your browser. If however that is on an HTTPS page then avast's web shield 'can't' scan it because it is encrypted (the whole point of the encryption) so the HTTPS traffic is ignored by the web shield.

You are confusing the two different protocols one for standard email and the other for browsing (be that webmail or standard web pages).
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline trigan

  • Jr. Member
  • **
  • Posts: 68
Re: A couple of beginner's questions
« Reply #23 on: May 19, 2008, 05:54:08 PM »
Thank you for your answer, DavidR.

Yes, of course I realize that it could be any browser not just firefox that applies to what I said.

Regarding the different protocols you mentioned. If I understand correctly......

HTTP protocol is used for normal web pages including webmail.

HTTPS protocol is used by shopping websites or web mail providers like Google in order to sign you into your private account. HTTPS uses SSL protocol in order to encrypt private information such as username, password, address, bank account details etc.

Since I am not at all familiar with email programs like MS Outlook or Thunderbird, would the following be correct as well ?

HTTP protocol is used by ISP servers to download one's email to an email program such as MS Outlook or Eudora that is installed on one's computer.


Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83337
  • No support PMs thanks
Re: A couple of beginner's questions
« Reply #24 on: May 19, 2008, 06:35:24 PM »
Its a Yes, Yes and No

SSL/TLS are secure layers for communication and work with the Protocol/s used by that of either the email program or browser to keep the communication secure.

a) When the email is sent or received using a secure sockets layer (that is what SSL stands for) for transmission or receipt of emails, to and from the email server and using a the POP3 or SMTP protocols an email program.

b) The browser uses the HTTP protocol but over a secure socket layer, identified by HTTPS

HTTP is an internet protocol that is only used by browsers, email is downloaded from email servers and uses email protocols, when an email program (like OE or thunderbird or ms outlook) is used to send and receive emails.

See http://en.wikipedia.org/wiki/Https and http://en.wikipedia.org/wiki/Secure_Sockets_Layer.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline trigan

  • Jr. Member
  • **
  • Posts: 68
Re: A couple of beginner's questions
« Reply #25 on: May 19, 2008, 10:19:25 PM »
Thank you for your reply, DavidR.

So if I understand correctly, HTTP protocols are only used by Internet browsers and POP3 or SMTP protocols are only used by email programs such as MS Outlook and Thunderbird. But both kinds of protocols can incorporate SSL in order to encrypt computer code.

Obviously, email programs do not normally use SSL otherwise the Avast Resident Protection providers such as Internet Mail and Outlook/Exchange would not be able to scan the emails.

Out of curiosity, does your email program allow you to encrypt an email using SSL and then send it ? Do email programs normally allow you to do this ?



Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3867
  • Just an avast user
Re: A couple of beginner's questions
« Reply #26 on: May 19, 2008, 10:52:15 PM »
Again a yes but ...

you are quite right in believing that avast cannot scan the secure email connections between mail clients and mail servers. 
avast can scan the standard unsecured connections.  The email clients (and their users) have no choice about whether to use secure connections to the mail server.  The choice is made entirely by the administrators of the mail servers - they decide what kind of connections to offer for their service and they are in control. 

More and more mail servers are moving to using secure connections only but some offer both.  The move to secure connections (especially) for sending is being driven more by the needs of the mail services to restrict access to their sending servers to their real users and to prevent them being used by spammers.

As mentioned by DavidR, there is a free third party program called STunnel that you can use to manage the secure connections to the mail servers and allow the mail to be passed to/from an email client (completely securely inside your system) so that it can be scanned by avast.  avast have advised that in avast release 5 this support will be provided directly by avast.

The case for MS Outlook is a special one.  MS have defined an interface to Outlook so that antivirus vendors (like avast) can provide a plugin that can scan the messages sent and received totally independently of whatever type of email connection is being used.  This makes the use of the Outlook/Exchange provider of avast with MS Outlook so much more preferable than the Internet Mail provider.         
« Last Edit: May 19, 2008, 10:53:47 PM by alanrf »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67275
Re: A couple of beginner's questions
« Reply #27 on: May 19, 2008, 10:55:46 PM »
Out of curiosity, does your email program allow you to encrypt an email using SSL and then send it ? Do email programs normally allow you to do this ?
Programs generally allow this. The use of SSL is a feature of the ISP and not the program.
Problem is: avast can't scan SSL connections... (yet).
The best things in life are free.

Offline trigan

  • Jr. Member
  • **
  • Posts: 68
Re: A couple of beginner's questions
« Reply #28 on: May 19, 2008, 11:36:21 PM »
To DavidR, Alanrf and Tech,

Thank you very much indeed for explaining all these details to me. Much appreciated.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83337
  • No support PMs thanks
Re: A couple of beginner's questions
« Reply #29 on: May 19, 2008, 11:43:47 PM »
You're welcome, glad I could help.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro