funsec mailing list archives
Re: Security Vendor Bypasses Microsoft's Vista PatchGuard
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 25 Oct 2006 15:58:00 -0400
On 10/25/06, Blue Boar <BlueBoar () thievco com> wrote:
Dude VanWinkle wrote: > How come sophos isnt concerned about not having access to the kernel? It appears that their product doesn't rely on kernel hooks, and so they are capitalizing on that for their marketing. Symantec broken? No problem! Just buy our stuff instead... Based on Sophos' description, they do static analysis at load time for their hips functionality. http://www.sophos.com/pressoffice/news/articles/2006/10/sophos-vista.html
Sounds to me like Sophos has a point, even if its made for marketing purposes. Patchguard, while not stopping the most wily attackers, would stop the rootkits that are available today from being a valid payload. Isnt that worth something? -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard, (continued)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Blue Boar (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Dude VanWinkle (Oct 25)
- RE: Security Vendor Bypasses Microsoft's Vista PatchGuard Larry Seltzer (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard John LaCour (Oct 25)
- RE: Security Vendor Bypasses Microsoft's Vista PatchGuard Larry Seltzer (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Blue Boar (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Drsolly (Oct 25)
- RE: Security Vendor Bypasses Microsoft's Vista PatchGuard Larry Seltzer (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Blue Boar (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Blue Boar (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Dude VanWinkle (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Blue Boar (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Nick FitzGerald (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Dude VanWinkle (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Nick FitzGerald (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Blue Boar (Oct 25)
- Re: Security Vendor Bypasses Microsoft's Vista PatchGuard Ron Bowes (Oct 25)