On Thu, 24 Dec 2015 01:26:53 AM Douglas Ray via luv-main wrote: > We have a PC with firmware malware on - at least - both DVDs.
Do you have a reference for DVD firmware malware? > I don't know if it's worth recovering the system, but I definitely > want to find diagnostics for identifying infections and vectors > on the rest of the LAN. > > Booting a DVD live-image of ubuntu, invocations of > firefox are intercepted and come up as "JON recovery system" > or some such. The attack vector may have been the old XP > system on the harddrive, but equally it may have been one > of the ubuntu images. A google search on "JON recovery system" gives results about corrupted routers from D-Link. Apparently if your firmware is corrupted in such a router it will give you a "JON recovery system" web page to allow you to fix things. Why would someone go to the immense effort of creating malware that can either intercept filesystem access to give a different version of the application files or modify the OS kernel to change the application in memory and then do something obvious like give a bogus web site? Are you sure your dlink router isn't broken? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/ _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
