funsec mailing list archives
RE: Point of No Return? Microsoft Says Recovery from Malware Becoming Impossible
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Tue, 4 Apr 2006 16:44:09 -0400
Bart-PE is a great tool for forensics and some diagnostics, but running Windows that way? It's awfully slow. One thing I like about it is that since the system is offline I have a higher degree of confidence in malware scans. Ironically, the rootkit scanners, like the F-Secure and Sysinternals ones, are designed only to be run online and don't work in Bart-PE.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer () ziffdavis com

_____
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Brown, James
Sent: Tuesday, April 04, 2006 4:34 PM
To: funsec () linuxbox org
Subject: RE: [funsec] Point of No Return? Microsoft Says Recovery from Malware Becoming Impossible

I've used that. Not very functional - you only have a few Windows goodies. No room for Office Apps IIRC.

Jim B.

_____
From: funsec-bounces () linuxbox org on behalf of Blanchard_Michael () emc com
Sent: Tue 4/4/2006 3:57 PM
To: drsollyp () drsolly com; fergdawg () netzero net
Cc: funsec () linuxbox org
Subject: RE: [funsec] Point of No Return? Microsoft Says Recovery from Malware Becoming Impossible

Bart-PE does just that :-) It's like a Windows-based Knoppix :-)

Michael P. Blanchard
Antivirus / Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security & Risk Management
EMC² Corporation
4400 Computer Dr.
Westboro, MA 01580

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Drsolly
Sent: Tuesday, April 04, 2006 1:17 PM
To: Fergie
Cc: funsec () linuxbox org
Subject: Re: [funsec] Point of No Return? Microsoft Says Recovery from Malware Becoming Impossible

On Tue, 4 Apr 2006, Fergie wrote:
Interesting. Via eWeek.

[snip]

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall malware-infested operating systems.

"When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World conference here.
Maybe MS should do "Windows for Grannies", along the lines of grannix. If all the software is on CD Rom and you can't install software on the hard disk, then you've moved quite a long way to hardening the system.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.