LOL! Don't think so.
Duncan
On 05/27/2011 21:43, [email protected] wrote:
Duncan, your next pc will be a mac that only gets the MacApp store, so apple
can lock out all other means of installing applications.
Sent via BlackBerry by AT&T
-----Original Message-----
From: DSinc<[email protected]>
Sender: [email protected]
Date: Fri, 27 May 2011 21:42:35
To:<[email protected]>
Reply-To: [email protected]
Subject: Re: [H] TrojanDownloader:Win32.Mesmer.A - writeup
Soren,
Nice share. But, still you continue to paint a very bleak picture.
I'd like to think I have some grasp of this, but, I do not.
I feel incapable of constructing most of your suggestions.
Any/all reformats suck! I get this one.
Again, nice share........ :)
If I was much smarter, I might suspect that you might be a
Gray-Hat sorta folk. JMHO.
Live well. You scare me.
Duncan
On 05/28/2011 03:14, Soren wrote:
Hello,
A few words about the effects of virus infections.
First, the viruses of today very often contain hidden backdoors.
Back in 'the good old days', a virus was terminated completely by a
reformat. Not so anymore, unfortunately. These days, a complete HDD
wipe is mandatory.
Please, beware that the wipe schemes in proggies like DBAN, and so
forth, only follow a wipe standard that conforms to portable media,
like USB pendrives. The Gutmann 35x wipe is still the only secure wipe
of a HDD. Also, the drive has to be connected directly to a HDD
controller, and not only via USB. Always check drive situation with
fdisk.
Today most vira also contain either a rootkit or a backdoor trojan,
or both. Say hello to exploits of the NTFS/ext3+ secondary data
streams in combination with Hyper Threading (that transport exactly
secondary data streams). An almost ideal environment for a virus
programmer.
A *very* good way to avoid most Windows vira, is to set up a *nix
gateway containing a web proxy. This form of gateway will filter out
about 95-99 pct. of all Windows malware, vira, rootkits, and other
unwanted stuff. Some *nix gateways also include an option for a full
IPS (Intrusion Prevention System), if one has the hardware to match.
The system for installing such an appliance, is very much one of the
cheap Atom solutions, with Hyper Threading DISabled, that is. There's
still a few Asus/AsRock boards with both ATA and SATA available
(future upgrades), and with a built-in GPU, NIC, and two different
controllers, all for the price of a 4GB RAM stick...
Some of these appliances can run from an SD card (mechanical write
protection!), or from a USB pendrive, even as boot. This enables a
fairly noisefree environment, if combined with a mini-itx case with a
passive PSU - a US company produces some pretty awesome passive PSUs.
hth