Thread

Based on this article Use of Rogue DNS Servers on Rise which states:

“Most up-to-date antivirus software will catch and banish the viruses used to change DNS settings. Once a computer’s been infected, users need to run a new scan with the latest software and change their DNS settings back - which is easy.”

Is it still the common view that OSX Macs don’t need antivirus software?

Thanks for your feedback.

I like to keep my MacOS X system preferences “locked”.  So if you want to go in and change settings at the system level, like DNS, you will be prompted to type in your password to “unlock” the systems preferences to allow those changes.  In the System Preferences Panel there is a little “lock/unlock” icon, great for keeping even people with physical access to your system from doing a quick “change” of your settings if you step away and don’t lock your screen too 😉

While nothing is 100% secure, that little step is going to at least bring you aware of the fact that something is looking to make system level changes, and you should really know or consider what you are running that may ask for your administrative password to be typed.  This step is probably better initially at blocking behind the scenes “virus” changes, foreground “Trojan” applications, and so on.  Last I looked I don’t think Windows as a 2nd level password request when you are already logged in and you want to change Network settings and the like.  Might be in Vista but have not really bothered to look.

As always “your mileage may vary” and this is just my personal opinion. 😊

Like Nevin, I keep my network preferences in system preferences locked. I also run Little Snitch which is well worth the expense just in terms of the numerous corporate traffic it blocks—applications from Adobe, Microsoft, etc. that sends data or attempts to communicate with the creator whenever you open them. Adobe can be particularly bad—despite turing off Auto Update and putting a full block on all its internet communication. It still launches AutoUpdate whenever I accidently open a PDF in a web browser or such. Also Apple’s implementation of notifying when an application is being run for the first time, as well as when files downloaded from the internet are opened or attempt to run for the first time is pretty good as well.

But still with that, I’m a firm believer in anti-virus software for the Mac. I know lots of Mac consultants eschew it, but with the amount of file-sharing that happens between Macs ad PCs, I just don’t agree with them.  My thoughts on it are threefold:

(1) Even if a virus can’t effect your computer, why have hundred, or depending on the amount of email you get, thousands of the little bugger files sitting on your computer in your email attachments, etc.?;

(2) While they might not cause any harm to your machine, Macro viruses are still darn annoying for Macintosh users that still use Microsoft Office products, and officially means that your machine can infect someone else’s. And yes, there are Macro viruses that work under OS X, at least enough to modify your normal.dot template so that your machine distributes;

(3) People laugh at why should they help those stupid PC users, but maybe its that my blood lives and breathes a credo that firmly places me in the nonprofit sector, ‘you help your fellow man/human/small animals, etc.’  I’m a firm believer in responsibility—self and social—you don’t just willy nilly exist in the world to be smug and above everything else (this isn’t a Mac user thing, there are tons of PC techs and Linux gurus with this attitude as well).

We exist to create change, and while you can determine what type of change you wish to make, there are millions of things you can do everyday to make that can make your path positive or at least not so negative—smile at your neighbor, document your code well, look at that deer without shooting it, and turn on your anti-virus software. Really, unless its Norton or Symantec there’s no harm to you, and increased benefit to the world.

I use Sophos.

(1) Even if a virus can’t effect your computer, why have hundred, or depending on the amount of email you get, thousands of the little bugger files sitting on your computer in your email attachments, etc.?;

Ok so technically I do use AV software as all of my inbound email is passed through our anti-spam/anti-virus systems, which are updated as frequently as every 5 minutes if there are new viruses, or spam to trap, long before it arrives in my inbox.  I don’t use file sharing networks, and until MS makes a version of Office for OS X that does not suck, again… They use to make a great version of Office for Mac, but its been a long long time… I use alternatives there as well.  But again, your mileage may vary. 😊

Yes, the use of server level anti-virus/anti-spam system probably increases the number of Mac users with who benefit from antivirus software greatly. And server level use is great, because then you rarely have to deal with those things, including things like maintenance. For example, updated every 5 minutes versus my desktop antivirus is update once an hour.

But also great that Nevin mentioned filesharing sites, and I’ll add to the list music lyric sites, anime sites, etc.  Even if the sites are reputable, I’ve notice that the ads serve often serve a whole host of gifts for you and your family. Almost every time I visit a lyric site, based on a phrase search, whenever I load the page some javascript or something runs and downloads viruses, trojans, etc to my machine.  I feel safe visiting, because my Mac notifies me of the download, and my anti-virus software typically wipes the file; but I do feel sorry for PC users.  Once I was on A-Z Lyrics getting the lyrics for a World Leader Pretend song, and the site downloaded five virus/trojans to my machine in the minute or two I was on the site, and at least two of the files attempt to run/open themselves.

So maybe on top of Rouge DNS servers there are also Rouge Ad servers, because it was massive and invasive, and some of these sites get millions of daily hits mostly from PCs that provide very little protection from auto-install scripts.

I’m starting to feel a bit ‘naked.’ I think I’ll give Sophos a try.

Thanks to you both for your insights!

I don’t wish to start any arguments here but Nevins response has really pushed me to write this; Every windows basher complains about UAC, why? When you ring telephone banking they don’t ask if you use a mac/pc, so why does simple security such as “Are you sure” get such a bad rep on one platform, and almost praised on the other?

so why does simple security such as “Are you sure” get such a bad rep on one platform, and almost praised on the other?

Implementation. Even diehard Windows advocates, often mention that Mac OS X’s UAC is pretty close to the way it should be done. It’s not super intrusive, it’s not annoying, and often it’s reassuring.

I get annoyed with Vista’s take in about five minutes. The one time that I can recall being annoyed at Apple’s UAC was when I was downloading and opening a number of PDF files, that were irritatingly named 101.pdf, 102.pdf, 103.pdf and I didn’t have a reference for which file I wanted.  Getting 10, ‘you’re about to open a file from the internet…’ was annoying, but not more so than the fact that the files were so poorly named and referenced in the first place.

I personally feel like smashing my Apple Keyboard every time I have to respond to whether or not I really want to open this file that come from the internet or an email.  It’s my #1 gripe of all of the changes made in Leopard.

I say do it, smash it.  I double dog dare you.