Considering "...The RAM scraper dumped the contents of the server’s live memory into a file named dumper.dll in the Windows system subdirectories..." it (the scraper) must have had at least local admin access, if not system access, in order to write a file there (unless security was thoroughly hosed on the system in the first place).
Wouldn't simply zeroing out the buffer that held the data mitigate something like this? Is that too easy? I know security-savvy programmers are rare but it seems like an easy win.

On Thu, Dec 10, 2009 at 11:17 AM, RandallM <[email protected]> wrote:
> What are the types of processes to protect from RAM pilfering? I have to
> admit I never thought of this one.
>
> http://www.theregister.co.uk/2009/12/09/ram_scraper_credit_card_theft/
>
> --
> been great, thanks
> a.k.a System
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
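
The buffer-zeroing idea raised in the message above, sketched in C as an added example (not code from the thread): the cleartext card number is wiped on every exit path, through a volatile pointer so the compiler cannot discard the wipe as a dead store. The names `secure_zero` and `process_and_wipe` and the test card number are constructed for illustration; the number is still readable in memory while it is being processed, so this shortens the exposure window rather than closing it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Wipe through a volatile pointer: a plain memset() on a buffer that is
   never read again may be removed by the optimizer as a dead store. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) *vp++ = 0;
}

/* Luhn check, standing in for the work done on the cleartext number. */
static int luhn_ok(const char *pan, size_t n) {
    int sum = 0, dbl = 0;
    while (n--) {                       /* walk right to left */
        int d = pan[n] - '0';
        if (d < 0 || d > 9) return 0;
        if (dbl && (d *= 2) > 9) d -= 9;
        sum += d;
        dbl = !dbl;
    }
    return sum % 10 == 0;
}

/* Hypothetical handler: validates the number held in the caller's buffer,
   writes a masked copy (last four digits only) for logs or receipts, then
   wipes the whole cleartext buffer. Returns 1 if valid, 0 otherwise. */
int process_and_wipe(char *pan, size_t cap, char *masked, size_t mcap) {
    size_t n = 0;
    int ok = 0;
    while (n < cap && pan[n] != '\0') n++;
    if (mcap > 0) masked[0] = '\0';
    if (n >= 13 && n <= 19 && n < mcap && luhn_ok(pan, n)) {
        memset(masked, '*', n - 4);
        memcpy(masked + n - 4, pan + n - 4, 4);
        masked[n] = '\0';
        ok = 1;
    }
    secure_zero(pan, cap);              /* wipe on every path, valid or not */
    return ok;
}

int main(void) {
    char buf[32] = "4111111111111111";  /* constructed test number */
    char masked[32];
    int ok = process_and_wipe(buf, sizeof buf, masked, sizeof masked);
    printf("valid=%d masked=%s first_byte_after_wipe=%d\n", ok, masked, buf[0]);
    return 0;
}
```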
