Re: [Full-Disclosure] Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses

From: Harlan Carvey (keydet89_at_yahoo.com)
Date: 09/23/04

  • Next message: Luigi Auriemma: "[Full-Disclosure] Multiple vulnerabilities in ActivePost Standard 3.1"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 23 Sep 2004 10:18:29 -0700 (PDT)
    
    

    > Windows is likely the most susceptible to such an
    > attack due to the
    > limited amount of people that fully understand the
    > kernel and "flow
    > chart" of processes. (Or those that don't put 2 and
    > 2 together, like myself.)

    I realize that this is purely speculation on your
    part, but I'd be careful about saying things like
    this. The reason is that understanding "the kernel
    and flow chart of processes" isn't really the issue.

    As with other computer systems, Windows is susceptible
    to malware/rootkit infections due to poor user and
    administrator practices, lack of management and
    configuration control, etc.

    After all, rootkits were first spawned in *nix
    systems. Even the term "rootkit" comes from the *nix
    world.

    And just out of curiousity, what is the "flow chart of
    processes"? Are you referring to mapping child
    processes back to their parent processes? I ask, b/c
    I'm not familiar with the term. A flow chart is
    generally a graphical depiction of a process, with
    decision points illustrated along the way...and I
    don't see how that relates to processes on a Windows
    system.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Luigi Auriemma: "[Full-Disclosure] Multiple vulnerabilities in ActivePost Standard 3.1"