KE5EUP wrote:
>
>
> philip gentile wrote:
>> there is really no way possible to commercially develop a low cost
>> operating system, such as windows, that allows third party software
>> to run, etc., etc. without having it vulnerable to exploits. bugs and
>> exploits in software, and hardware, are a fact of life in the product
>> development world.
>>
>> putting a "rootkit" into any OS is really a no brainer and any person
>> with a GED and malicious intent can trash any pc, regardless if it
>> runs linux, mac, windows, or etc. especially when you employ no real
>> means of prevention.
> [ That's BS. it takes skill to reverse engineer a specific
> driver-signing mechanism that is closed source and code a specific
> rootkit for it. I was not talking about script kiddies that copy code
> from the web and run around wreaking havoc]
>> windows is vulnerable because it runs everything and all the various
>> hooks, registry, and API functions are well documented. the same
>> problem exists with windows server and most email server packages. in
>> fact, there are several exploits to email servers that manifest
>> themselves as window problems! people who run freeware virus
>> protection like zone alarm are especially vulnerable as these programs
>> have exploits too.
>>
>> rootkits, viruses, and worms are a constant game for their authors
>> and microsoft. once a month microsoft releases fixes and the spammers
>> find new exploits and release new worms that day, sometimes the day
>> before if the worm writer has an "in" at microsoft (that has
>> happened) and worms come out the day before the exploit path
>> exists!!. it will never end.
>
>> [zero day exploits have nothing to do with spammers a lot of good
>> people make a living finding exploits and coding fixes for them]
>
>> as soon as linux and mac has a physical population that is attractive
>> to spammers, they too will be compromised and exploited too, there is no
>> doubt about that.
>> saying that microsoft was embarrassed because
>> someone can install a rootkit or worm on a new rev of software is
>> akin to asking a bank robber why does he rob banks (i.e. that's where
>> the money is!)
>>
>> (as a challenge to any black hat dude or spammer, i run snort 2.1,
>> with my own rules set, inline on a dedicated and clean machine right
>> off the lan side of my router. i challenge anyone to exploit my
>> network here at home. everything they need to know is in this email
>> if they want to try to give it a shot!)
>
>> [The only secure computer has had a clean install and no drive
>> access and is not attached to the internet. snort is a good tool but
>> even with custom rules it is no match for someone with the proper
>> skills to exploit your system. Thanks for your comments. My point was
>> this was quite significant given the manhours and money MS spent on
>> their new driver signing scheme. Of course you are right about the GED
>> part most likely a 12 -15 year old will end up taking your system
>> down. After all if someone wants in your system they will get in.]
> 73
> Al
>
> PS here is a link to her blog:
> http://theinvisiblethings.blogspot.com/
>>
>> i'm not sure if i ever saw a rootkit that was detectable as by nature
>> it is part of the OS once it is loaded! i futzed around with a few
>> different rootkits and tried cleaning them with McAfee and the only
>> solution was to do a clean install. rootkits aren't worms so all the
>> standard off the shelf virus software is pretty much useless against
>> them. the cheapest way to protect your windows pc against rootkits is
>> log on as a user without administrative privileges.
>>
>> : )
>>
>> phil AB2JL
>>
>> ps - i'll be on 160 meters on the flex tonight! yeah! - top band and
>> the best radio ever made! life is good.
>>
>>
>> ----- Original Message ----- From: "KE5EUP" <[EMAIL PROTECTED]>
>> To: "Flex Radio Reflector" <flexradio@flex-radio.biz>
>> Sent: Wednesday, January 03, 2007 5:27 PM
>> Subject: [Flexradio] [OT] One interesting Lady, Must have been
>> another embarrsing day at Microsoft.
>>
>>
>>> Polish researcher Joanna Rutkowska also used the spotlight of the 2006
>>> Black Hat Briefings to showcase new research into rootkits and stealthy
>>> malware. In a standing-room-only presentation, she dismantled the new
>>> driver-signing mechanism in Windows Vista to plant a rootkit on the
>>> operating system <http://www.eweek.com/article2/0,1895,2078362,00.asp#>
>>> and also introduced the world to "Blue Pill," a virtual machine rootkit
>>> <http://www.eweek.com/article2/0,1895,1983037,00.asp> that remains "100
>>> percent undetectable," even on Windows Vista x64 systems.
>>>
>>> _______________________________________________
>>> FlexRadio mailing list
>>> FlexRadio@flex-radio.biz
>>> http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz
>>> Archive Link: http://www.mail-archive.com/flexradio%40flex-radio.biz/
>>> FlexRadio Homepage: http://www.flex-radio.com/
>>>
>>> FlexRadio Knowledge Base: http://kb.flex-radio.com/
>>
>>
>>
>