Re: Using only XP's firewall saves resources

From: K. Allard (noreply_at_here.org)
Date: 12/09/03


Date: Tue, 09 Dec 2003 17:14:55 GMT

Jari Lehtonen wrote:

> On Tue, 09 Dec 2003 07:06:00 GMT, "K. Allard" <noreply@here.org>
> wrote:
>
>> But what if you have a trojan and rootkit on your system, and don't
>> know it? A rootkit would replace netstat.exe with a hacked copy that
>> purposely hid the malware from your view.
>>
> I do scan my machine with several AV-produts and occasionally with
> anti-trojans too. I use Ad-Aware Spybit and spywareblaster. If there
> is a trojan on my hard disc it certainly is very cleverly hidden!

By the time you get around to scanning with those things, your private
data has already been sent out. So even if you catch it, the damage has
already been done.

-- 
Trustworthy Computing: You can trust us to continue making money.


Relevant Pages

  • Re: VM Rootkits: The Next Big Threat? (PC Magazine)
    ... Such close relationships with hardware allow the OS to be ... they were trojan backdoored unix binary executables offering ... remote root access to the attacker that installed them. ... actual hardware and the so-called "rootkit" act as the platform for it. ...
    (alt.comp.anti-virus)
  • Re: Rootkit viruses
    ... Alureon is a trojan and is a pseudonym for the TDSS Rootkit. ... Viruses self replicate. ... RootKits are kind of trojan that embed themselves in a very low level of the OS in or around the OS kernel giving themselves "root level" access. ...
    (microsoft.public.windowsxp.general)
  • Re: Sony DRM Rootkit
    ... > Sony, Rootkits and Digital Rights Management Gone Too Far ... "The Register reports on the first trojan using Sony's DRM rootkit. ... reputable business magazing requesting that the businessperson verify ...
    (alt.computer.security)
  • Rootkit or trojan
    ... Okay I am wondering if anyone has seen a rootkit or trojan with the ... /usr/bin/xntpx was created this program seems to be some icmp utility, ...
    (Incidents)
  • Re: hacktool.rootkit HELP
    ... also real time scanning. ... Once malware is active it has the potential to smack ... but may not if there's a rootkit altering the behavior ...
    (microsoft.public.security.virus)