Re: stupid question again

[Randall M <randallm () fidmail com>]

From: Randy

It's an iPhone Thang!

On Dec 11, 2009, at 9:26 PM, Tim <tim-security () sentinelchicken org>  
wrote:

> > i am so sorry. I just don't understand this. Computer is infected.  
> > user has
> > DNS redirects to any and all site for help. Why can't the good guys  
> > use some
> > type of fast flux or url obfuscation to hide help standalone  
> > software to
> > down load and use? you know, maybe I am just so damn ignorant that  
> > what I
> > think is a simple idea to use for Mcafee, F-secure and such to  
> > offer help is
> > why its not used. I mean really, bad guys hide C&C and download  
> > server
> > through such means, why can't the good guys? Someone just get right  
> > down and
> > explain this crap to me. I am so adamant that this type of idea,  
> > though not
> > fully fool proof, can't work.
>
>
> Hi RandallM,
>
> The answer is:  Once you're infected, you shouldn't be trying to clean
> things.  Reinstall.
>
> Need files off of that box first?  Mount the drive under another OS,
> or better yet, use the sleuthkit to get them off.
>
> cheers,
> tim


Tim!!!!!!!

NO!! Not the answer. Average user won't and don't know how and usually  
don't recieve install disks

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/