funsec mailing list archives
Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit
From: Blue Boar <BlueBoar () thievco com>
Date: Wed, 18 Oct 2006 00:22:14 -0700
Dude VanWinkle wrote:
In the last thread about this we learned that turning off the VM capabilities on a machine will disable this payload. If it holds true for this one as well then it would seem this VM technology should only be enabled on machines that need it, while the rest of people should disable this feature, if it isnt disabled already (its turned off by default in Optiplexs' BIOS, not sure about other brands).
I believe having the VM software's hypervisor loaded will prevent other hypervisors from loading.
BB _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Fergie (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Valdis . Kletnieks (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Blue Boar (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 17)
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Larry Seltzer (Oct 17)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Blue Boar (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Blue Boar (Oct 18)
- Re: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Dude VanWinkle (Oct 18)
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Larry Seltzer (Oct 17)
- <Possible follow-ups>
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Larry Seltzer (Oct 17)
- RE: 'Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit Fergie (Oct 17)