Re: Unable change firewall settings

"Chappy" <Chappy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:F0DB430D-0F4E-41DD-9B31-E3EDCCC14998@xxxxxxxxxxxxxxxx

Mr Arnold

I'm a HijackThis teacher and an Independent Malware tester for new & unknown
I was awarded a Lifetime membership to Virus Bulletin for my work. In case
you don't know what Virus Bulletin is...well, if you don't know then that
says it all about your security knowledge.

Ooo we, I am happy for you.

I have personally tested and written solutions for over 1000 Windows
Security Vulnerabilities. I currently have over 750 Trojans and Viruses in my
testbed machine that I've fully decompiled and written signature files
for...what's your security experience? Running an AV scan weekly?
I also was a Beta tester for Eset with their Eset Security suite (Firewall
mostly), and Comodo V3 Firewall for 64bit.

I am happy for you.

Before you go shooting your wad again, maybe you should stop & think that
there are True security experts out there.

I don't think you're one of them, and if you must show your wares, then I think I could beat you if I choose to do so.

And I am a programmer, and I have been doing it since 1980, and I came to the MS platform in 1996. Everything you're talking about, I could probably beat it. All it takes is the user with the happy fingers that will point and click on everything under the sun, which is not that hard to do.,2933,274314,00.html

Detection software using signature files must know about the signature that it must detect. If the signature is unknown, then the signature file is useless on zero day exploits. And on top of that, a serious malware threat is going to hide itself and most likely have itself hosted by a legitimate process running on the machine such as SVChost.exe or DLLhost.exe.

I had a poster come into the FW and Security NG talking about how the small company she was consulting at had an exploit running on the MS O/S Small Business server that was affecting IIS and that circumvented all that stuff you're talking about, which even the experts were indicating to toss at it, and she tossed the kitchen sink at it and could find nothing. I gave her the proper tools and showed her how to find the exploit when even the security experts in the NG couldn't do it, and it was because of my programming expertise that I could help her.

It was due to the knowledge I passed on how to find it, and the ability to use the proper tools and go look.


But if I had known what I do now, I would have just told her to flatten the drive. If the O/S can be fooled, then anything that runs with the O/S, like the detection software that you're harping about, can be fooled too, with exploits still left undetected on the machine.

I use Eset, and if you have anything to do with Eset, then I might be kicking Eset to the curb and finding something else.

