Penetration Testing mailing list archives
RE: [lists] Re: Rootkits
From: "Curt Purdy" <purdy () tecman com>
Date: Fri, 10 Mar 2006 07:21:44 -0500
Better yet, install SuSE Linux, VMware GSX Server, various Windoze virtual machines on a dual-proc, dual-core AMD Opteron w/16gb RAM, turn the worm loose on your virtual lab, and watch the fun. Then throw everything away and restore from your Acronis True-Image Server backup and you are back up and running in less than an hour. A side benefit is when Windoze blue-screens like it inevitably will, just throw it away and restore from Acronis, and you are back up in 10-15 minutes. Have not had to re-install Windoze for three years.

Curt Purdy CISSP, GSNA, GSEC, CNE, MCSE+I, CCDA
Information Security Officer

If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

-----Original Message-----
From: Max [mailto:Reply.to.list () acme com]
Sent: Wednesday, March 08, 2006 6:20 AM
Cc: pen-test () securityfocus com
Subject: [lists] Re: Rootkits

1. Ghost your machine
2. Do your thing with the rootkit
3. Restore your machine.

That's the safest and easiest way

M@x

Craig Wright wrote:

"I'd appreciate it if you could also point out resources to eliminate them completely."

So would a lot of people - not possible or at least not feasible.

Regards,
Craig

-----Original Message-----
From: ankur jindal [mailto:ankurjn113 () hotmail com]
Sent: Wed 8/03/2006 1:25 PM
To: pen-test () securityfocus com
Cc:
Subject: Rootkits

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------