You didn't tell us how you cracked the full disc encryption. (There
are
ways around controls, but that is why we have multiple security
layers.)
With a bootkit, of course. (That is why we have multiple tools.)
___
Full-Disclosure - We
All secured/regulated systems as required by most certifications/standards/best
practices.
On Jul 13, 2013, at 8:52 PM, valdis.kletni...@vt.edu wrote:
On Sat, 13 Jul 2013 13:23:18 +0200, Alex said:
This one is a classic, but it will fail integrity checks of
tripwire/ossec/whatever you use.
My response was to how many system implement such controls.
You could however (since u have access) disconnect the network cable, replace
magnify wt cmd etc. add admin, replace the cmd back and reconnect.
Solved?? :)
On Jul 13, 2013, at 11:49 PM, valdis.kletni...@vt.edu wrote:
On Sat, 13 Jul
And dont forget the logs/audits etc...
On Jul 14, 2013, at 9:27 AM, Moshe Israel moshe.isr...@grsee.co.il wrote:
My response was to how many system implement such controls.
You could however (since u have access) disconnect the network cable, replace
magnify wt cmd etc. add admin, replace
Discussion is drifting away. It is a nice discovery but nothing with big
impact.
Am 14. Juli 2013 08:27:23 schrieb Moshe Israel moshe.isr...@grsee.co.il:
My response was to how many system implement such controls.
You could however (since u have access) disconnect the network cable,
Mcafee KB 66153
Am 14. Juli 2013 06:40:57 schrieb whizzb...@hush.ai:
You didn't tell us how you cracked the full disc encryption. (There
are ways around controls, but that is why we have multiple security
layers.)
With a bootkit, of course. (That is why we have multiple tools.)
Genius !
Both McAfee RootKit Detective
(http://vil.nai.com/vil/stinger/rkstinger.aspx) and SysInternals
RootKitRevealer
(http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx), as
well as others provide tools to do exactly this kind of detection,
and of course, with a reputable
Ruxcon 2013 Final Call For Papers
Melbourne, Australia, October 26th-27th
CQ Function Centre
http://www.ruxcon.org.au/call-for-papers/
The Ruxcon team is pleased to announce the final call for papers for Ruxcon.
This year the conference will take place over the weekend of the 26th and 27th
of