IPS and Sony BMG Root Kit

From: Genjii (genjii_at_gmail.com)
Date: 11/25/05

Date: Fri, 25 Nov 2005 10:49:17 +0900
To: security-basics@securityfocus.com

Does anyone have any factual reports of any host based IPS
detecting/preventing the Sony BMG rootkit before it was widely known?
