funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ram scraper

From: The Security Community <thesecuritycommunity () gmail com>
Date: Thu, 10 Dec 2009 12:34:23 -0500
Considering "...The RAM scraper dumped the contents of the server’s
live memory into a file named dumper.dll in the Windows system
subdirectories..." it (the scraper) must have had at least local admin
access, if not system access, in order to write a file there (unless
security was thoroughly hosed on the system in the first place).

Wouldn't simply zeroing out the buffer that held the data mitigate
something like this?  Is that too easy?  I know security-savvy
programmers are rare but it seems like an easy win.

On Thu, Dec 10, 2009 at 11:17 AM, RandallM <randallm () fidmail com> wrote:

what is the types of processes to protect from RAM pilfering? I have to
admit I never thought this one.

http://www.theregister.co.uk/2009/12/09/ram_scraper_credit_card_theft/

--
been great, thanks
a.k.a System

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: