Brian Eckman <[EMAIL PROTECTED]> wrote: > What is a secure environment? If it was a secure environment, the > machine would not have been compromised. Period.
As we all know nothing is 100% secure, so it can be compromised if in a high secure environment or not. > That might be a threat for those still running Office 97 or earlier. > Unless it's a signed macro from a trusted source. Unless I'm missing > something, Macros haven't been much of a threat since Office 2000 came > out (That was roughly four years ago if you aren't counting). That was one of a million possible ways for the attacker to modify any data to become malicious in a way or two. > Regardless, is anyone reading Microsoft Word docs using Microsoft Office > on a system that is *that* critical that you absolutely cannot risk it > getting compromised again regardless of cost? If so, perhaps you need to > keep that machine off of a network. If the compromised box was for example a FTP-Server holding many .doc, .mped, .avi,... files? The attacker could made the trojan general, so any workstation that will execute any of the "backup" files could get compromised. > For example, if it would take hundreds of hours to check the integrity > of all of the data or recreate it, that had better be one mission > critical database we're talking about, or else anybody in their right > mind won't think twice about accepting the risk of copying that data > back where it came from. Security isn't always ideal circumstances. Your > company still needs to make a profit. I agree. I did not claim this to be possible for every environment. -- Gino Thomas | mailto: [EMAIL PROTECTED] | http://nux-acid.org GPG: E6EA9145 | 4578 F871 893E 1FEC 31FC 5B5E 8A46 4CC8 E6EA 9145 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
