funsec mailing list archives
Re: ram scraper
From: The Security Community <thesecuritycommunity () gmail com>
Date: Thu, 10 Dec 2009 12:34:23 -0500
Considering "...The RAM scraper dumped the contents of the server’s live memory into a file named dumper.dll in the Windows system subdirectories..." it (the scraper) must have had at least local admin access, if not system access, in order to write a file there (unless security was thoroughly hosed on the system in the first place). Wouldn't simply zeroing out the buffer that held the data mitigate something like this? Is that too easy? I know security-savvy programmers are rare but it seems like an easy win. On Thu, Dec 10, 2009 at 11:17 AM, RandallM <randallm () fidmail com> wrote:
what is the types of processes to protect from RAM pilfering? I have to admit I never thought this one. http://www.theregister.co.uk/2009/12/09/ram_scraper_credit_card_theft/ -- been great, thanks a.k.a System _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- ram scraper RandallM (Dec 10)
- Re: ram scraper Valdis . Kletnieks (Dec 10)
- Re: ram scraper Larry Seltzer (Dec 10)
- Re: ram scraper RandallM (Dec 10)
- Re: ram scraper The Security Community (Dec 10)
- Re: ram scraper Michael Collins (Dec 10)
- Re: ram scraper Larry Seltzer (Dec 10)
- Re: ram scraper The Security Community (Dec 10)
- Re: ram scraper Young, Keith (Dec 10)
- Re: ram scraper Valdis . Kletnieks (Dec 10)