Re: [Full-Disclosure] Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses

From: Harlan Carvey (keydet89_at_yahoo.com)
Date: 09/23/04

    To: full-disclosure@lists.netsys.com
    Date: Thu, 23 Sep 2004 10:18:29 -0700 (PDT)
    
    

    > Windows is likely the most susceptible to such an
    > attack due to the
    > limited amount of people that fully understand the
    > kernel and "flow
    > chart" of processes. (Or those that don't put 2 and
    > 2 together, like myself.)

    I realize that this is purely speculation on your
    part, but I'd be careful about saying things like
    this. The reason is that understanding "the kernel
    and flow chart of processes" isn't really the issue.

    As with other computer systems, Windows is susceptible
    to malware/rootkit infections due to poor user and
    administrator practices, lack of management and
    configuration control, etc.

    After all, rootkits were first spawned in *nix
    systems. Even the term "rootkit" comes from the *nix
    world.

    And just out of curiosity, what is the "flow chart of
    processes"? Are you referring to mapping child
    processes back to their parent processes? I ask, b/c
    I'm not familiar with the term. A flow chart is
    generally a graphical depiction of a process, with
    decision points illustrated along the way...and I
    don't see how that relates to processes on a Windows
    system.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

