Security Basics mailing list archives
Re: computer with rootkit?
From: "Jamie Ivanov" <jamie.ivanov () gmail com>
Date: Thu, 29 Sep 2011 22:00:41 +0000
Do what you will and I will continue reverse engineering and fixing them. Ignore the fact that they can be fixed and it's not that difficult for seasoned malware specialists. In the end, not my problem, but the companies I work for will continue to reap the benefits of my work. :) Jamie Ivanov / KC9LFD m.608.399.4252 Blackberry: 32DD619E http://www.linkedin.com/in/jamieivanov -- -- -- -- -- -- -- -- -- -- -- -- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful. Sent from my BlackBerry -----Original Message----- From: "Joe DeMarco" <demarcoj () comcast net> Sender: listbounce () securityfocus com Date: Thu, 29 Sep 2011 17:47:35 To: 'Dan Lynch'<DLynch () placer ca gov>; 'security basics'<security-basics () securityfocus com> Subject: RE: computer with rootkit? Dan you are exactly right. I have spent the better half of ten years learning and cleaning all types of malware/virus's but in the end I don't have the luxury nor do my customers, of the time it takes to remove rootkit issues. My experience is that there are always issues afterwards therefore wipe and start fresh. I can rebuild any PC back to near state with no issues to worry about in about 1.5 hours. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Dan Lynch Sent: Thursday, September 29, 2011 2:34 PM To: security basics Subject: RE: computer with rootkit?
Repairing a rootkit infection is not that difficult. I've been reverse engineering them for years. Those who have suggested a reinstall should be ashamed.
Really? It would take at least a few hours to clean as you described, more for someone unfamiliar with the tools and procedures. While the process may be educational, the result is not entirely reliable. Re-imaging a machine to a standard install can be done in 15 minutes. Unless the system is highly customized, or a standard image isn't available, cleaning off an advanced rootkit is nearly always a waste of time. Dan Lynch, CISSP Information Technology Analyst County of Placer Auburn, CA
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Jamie Ivanov Sent: Thursday, September 29, 2011 9:36 AM To: Brian Rogalski; listbounce () securityfocus com; security basics Subject: Re: computer with rootkit?
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ----- No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1410 / Virus Database: 1520/3926 - Release Date: 09/29/11 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: computer with rootkit?, (continued)
- Re: computer with rootkit? Francois Yang (Sep 28)
- RE: computer with rootkit? Steven Marco (Modern Compliance Solutions) (Sep 29)
- Re: computer with rootkit? Francois Yang (Sep 28)
- Re: computer with rootkit? Jamie Ivanov (Sep 28)
- RE: computer with rootkit? Brian Rogalski (Sep 29)
- Re: computer with rootkit? Jamie Ivanov (Sep 29)
- Re[2]: computer with rootkit? Adam Pal (Sep 29)
- Re: Re[2]: computer with rootkit? Jamie Ivanov (Sep 29)
- RE: computer with rootkit? Dan Lynch (Sep 29)
- Re: computer with rootkit? Jamie Ivanov (Sep 29)
- RE: computer with rootkit? Joe DeMarco (Sep 29)
- Re: computer with rootkit? Jamie Ivanov (Sep 29)
- RE: computer with rootkit? Dan Lynch (Sep 30)
- Re: computer with rootkit? Security (Sep 30)
- Re: computer with rootkit? Jeff Stebelton (Sep 30)
- Re: computer with rootkit? Jamie Ivanov (Sep 29)
- Re: computer with rootkit? Ansgar Wiechers (Sep 29)
- Re: computer with rootkit? Jamie Ivanov (Sep 29)
- Re: computer with rootkit? Ansgar Wiechers (Sep 29)
- RE: computer with rootkit? Mikesch, David A (Sep 30)
- Re: computer with rootkit? Francois Yang (Sep 29)
- Re: computer with rootkit? rogue5 (Sep 29)