Fw: Is it still good practice to reinstall everything after you are owned?

2017-11-03 Thread rooty

-------- Original Message --------
On Nov 2, 2017, 5:13 PM, rooty wrote:

>> -------- Original Message --------
>> Subject: Is it still good practice to reinstall everything after you are 
>> owned?
>> Local Time: November 1, 2017 2:52 PM
>> UTC Time: November 1, 2017 9:52 PM
>> From: ro...@nigge.rs
>> To: cypherpunks@lists.cpunks.org, ad...@pilobilus.net
>>
>>> Steve Kinney admin at pilobilus.net
>>> Wed Nov 1 13:58:03 PDT 2017
>>
>>> User refusal is the principal barrier
>>> to security
>>
>> Bullshit.
>> User knowledge is.
>> And you don't seem to know much.
>>
>>> clueless lusers
>>
>> This shit attitude affirms my claim.
>>
>>> network security
>>
>> There is no such thing. This is an oxymoron.
>> You are familiar with the purpose of the internet.
>>
>>> threat model
>>> cost
>>
>> "I ain't doin' nuffin' worf loogin' at, sheeeit."
>> Useless.

Fw: Re: Is it still good practice to reinstall everything after you are owned?

2017-11-02 Thread rooty

> -------- Original Message --------
> Subject: Re: Is it still good practice to reinstall everything after you are 
> owned?
> Local Time: November 2, 2017 5:13 PM
> UTC Time: November 3, 2017 12:13 AM
> From: arpsp...@protonmail.com
> To: cypherpunks@lists.cpunks.org <cypherpunks@lists.cpunks.org>
>
>> -------- Original Message --------
>> Subject: Is it still good practice to reinstall everything after you are 
>> owned?
>> Local Time: November 1, 2017 2:52 PM
>> UTC Time: November 1, 2017 9:52 PM
>> From: ro...@nigge.rs
>> To: cypherpunks@lists.cpunks.org, ad...@pilobilus.net
>>
>>> Steve Kinney admin at pilobilus.net
>>> Wed Nov 1 13:58:03 PDT 2017
>>
>>> User refusal is the principal barrier
>>> to security
>>
>> Bullshit.
>> User knowledge is.
>> And you don't seem to know much.
>>
>>> clueless lusers
>>
>> This shit attitude affirms my claim.
>>
>>> network security
>>
>> There is no such thing. This is an oxymoron.
>> You are familiar with the purpose of the internet.
>>
>>> threat model
>>> cost
>>
>> "I ain't doin' nuffin' worf loogin' at, sheeeit."
>> Useless.

Re: Is it still good practice to reinstall everything after you are owned?

2017-11-02 Thread rooty
> -------- Original Message --------
> Subject: Is it still good practice to reinstall everything after you are 
> owned?
> Local Time: November 1, 2017 2:52 PM
> UTC Time: November 1, 2017 9:52 PM
> From: ro...@nigge.rs
> To: cypherpunks@lists.cpunks.org, ad...@pilobilus.net
>
>> Steve Kinney admin at pilobilus.net
>> Wed Nov 1 13:58:03 PDT 2017
>
>> User refusal is the principal barrier
>> to security
>
> Bullshit.
> User knowledge is.
> And you don't seem to know much.
>
>> clueless lusers
>
> This shit attitude affirms my claim.
>
>> network security
>
> There is no such thing. This is an oxymoron.
> You are familiar with the purpose of the internet.
>
>> threat model
>> cost
>
> "I ain't doin' nuffin' worf loogin' at, sheeeit."
> Useless.

Summary

Emails               94
Names                18
Hosts                2
Registered Domains   15
Squatting            5
Subdomains           2


Is it still good practice to reinstall everything after you are owned?

2017-11-01 Thread How Rude !
> Steve Kinney admin at pilobilus.net
> Wed Nov 1 13:58:03 PDT 2017
>

> User refusal is the principal barrier
> to security
>

Bullshit.
User knowledge is.
And you don't seem to know much.

> clueless lusers
>

This shit attitude affirms my claim.

> network security
>

There is no such thing.  This is an oxymoron.
You are familiar with the purpose of the internet.

> threat model
> cost
>

"I ain't doin' nuffin' worf loogin' at, sheeeit."
Useless.


Re: Is it still good practice to reinstall everything after you are owned?

2017-11-01 Thread Steve Kinney
On 11/01/2017 02:56 PM, How Rude ! wrote:

> Also:
> blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668
> 
> JS;DR:
> All computers are fucked.

Now that's music to every clueless luser's ears:  "Don't waste a moment
of time or give up an inch of convenience for security, because there is
no such thing as security."  Not only does this justify the lusers'
categorical refusal to spend a moment of time or give up an inch of
convenience, it also assures them that they are /smarter/ than people
who do give a damn about network security.

Whether any given computer is fucked on a given day depends on many
factors.  Network security begins with a threat model:  Who might want
to steal or destroy your data, what resources do they have, and if an
adversary is successful what do you stand to lose?  Next look at the
methods for locking those particular adversaries out, and the cost in $$
and time for doing so:  Compare the price of a solid defense to the
value of what you are defending:  When it costs more to defend an asset
than it is worth, you lose.  When it costs less to defend an asset than
it is worth, you win.

It is almost always orders of magnitude easier and cheaper to defend a
computer than to attack one - IF one starts with tools that CAN be
secured, which rules out Microsoft operating systems and software.
Where and as security fail is unavoidable - i.e. your shop needs a
commercial software package that will not run on anything but a
Microsoft OS - the value of the work product will justify the costs
(including minor personal inconvenience) of properly quarantining the
machine(s) it lives on.  If not, you don't really need that work product
and the problem solves itself the cheap way:  "We stopped using that."

As a bonus, defending digital assets from one's "most serious"
adversaries will automatically defend those assets from lesser beings.
Perfect or absolute security does not exist because it can not exist:
But almost anyone can afford a good enough security model to reduce the
odds of serious security incidents per decade from near certainty to a
low single digit percentage.

Network security axiom:  User refusal is the principal barrier to secure
networking.

:o/


Is it still good practice to reinstall everything after you are owned?

2017-11-01 Thread How Rude !
> rooty arfspoop at protonmail.com
> Wed Nov 1 09:15:16 PDT 2017
>

> winblows is a virus
>
Not true.  It is a botnet.

Also:
blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668

JS;DR:
All computers are fucked.


Re: Is it still good practice to reinstall everything after you are owned?

2017-11-01 Thread rooty
hi hi Georgi - winblows is a virus get off the sauce

-------- Original Message --------
On Sep 19, 2017, 4:37 AM, Georgi Guninski wrote:

> Is it still good practice to reinstall everything after you are owned?
>
> It used to be, but after reading about windows viruses I am not sure it
> is.

Re: Is it still good practice to reinstall everything after you are owned?

2017-09-25 Thread Travis Biehn
On Mon, Sep 25, 2017 at 10:44 AM, Georgi Guninski 
wrote:

> On Tue, Sep 19, 2017 at 01:57:33PM -0400, Travis Biehn wrote:
> > Yes - in addition, since some attackers have been shown to compromise not
> > only UEFI firmware, but also blobs in peripheral devices, a re-flashing of
> > those components from HW land. In many cases, this type of recovery is
> > 'impossible'.
> >
> > Practically, individuals will take a stab on guessing attacker capability
> > between; zero sophisticated persistence and h/w re-install survivability
> > and act accordingly. It is difficult to get that right, if not impossible.
> >
>
> Thanks. I suppose it is safe guess that non-negligible part of the world
> is persistently owned?
>

Hey Georgi,

On prevalence I won't speculate - but my number would be pretty low. You
don't burn your fancy hardware persistence on just any target.

In somewhat-related news, the cat and mouse game is getting a bit more
interesting with Apple High Sierra's eficheck. While I don't expect it to
remain effective long, it promises to find some 'interesting' old samples.

-Travis

-- 
Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus



Re: Is it still good practice to reinstall everything after you are owned?

2017-09-25 Thread Georgi Guninski
On Tue, Sep 19, 2017 at 01:57:33PM -0400, Travis Biehn wrote:
> Yes - in addition, since some attackers have been shown to compromise not
> only UEFI firmware, but also blobs in peripheral devices, a re-flashing of
> those components from HW land. In many cases, this type of recovery is
> 'impossible'.
> 
> Practically, individuals will take a stab on guessing attacker capability
> between; zero sophisticated persistence and h/w re-install survivability
> and act accordingly. It is difficult to get that right, if not impossible.
>

Thanks. I suppose it is safe guess that non-negligible part of the world
is persistently owned?


Re: Is it still good practice to reinstall everything after you are owned?

2017-09-19 Thread Travis Biehn
On Tue, Sep 19, 2017 at 1:41 PM, Steve Kinney <ad...@pilobilus.net> wrote:

>
>
> On 09/19/2017 07:37 AM, Georgi Guninski wrote:
> > Is it still good practice to reinstall everything after you are owned?
> >
> > It used to be, but after reading about windows viruses I am not sure it
> > is.
>
> Well if somebody who reads the CPunk list is "fixing" a failed Microsoft
> operating system, that implies that the computer in question belongs to
> somebody else who demands Microsoft.  In that case, industry best
> practice is to follow the most expensive path possible:  "It is morally
> wrong to allow a sucker to keep his money."  The more of a client or
> employer's money you spend, the more important your job appears to be
> and the more /you/ can charge.
>
> So you will want to go shopping, and buy any "upgrades" that are
> available.  Assure that the anti-virus and related tools installed are
> the very most expensive.  If possible replace hardware, not just
> software.  Explore the potential for adding firewall appliances etc. to
> the network the compromised system plugs into - every security incident
> is a window of sales opportunity and, thanks to the popular press and
> the efforts of Microsoft and other snake oil vendors, the sky is not
> necessarily the limit.  Start building a case to change out /everything/
> IT related at the shop in question for the most expensive and massively
> over-built infrastructure possible - where and as this becomes possible,
> it qualifies as a Total Win.
>
> Also bear in mind that once Microsoft has been specified, "security" is
> out the window and compliance with popular misconceptions and IT sales
> literature constitute due diligence on the security front.  As a
> practical security objective, you will want to see the largest number of
> security incidents your client or employer will tolerate going forward,
> as you play the part of a heroic warrior battling hordes of Evil Genius
> Super Hackers on their behalf.  Do this well, with a straight face and
> the assistance of talking points from your vendors, to meet the only
> security objective that matters:  Your job and retirement security.
>
> Remember that an occasional /real/ loss of important assets will assure
> that your client or employer values your services very highly.  If
> things get too quiet around the shop for too long, dropping a couple of
> anonymous tips on security issues at your shop in "hacking" forums -
> make them look like a disgruntled ex-employee looking for pay-back - can
> do wonders to boost your importance in the eyes of management.
>
> :o)

Georgi,

Yes - in addition, since some attackers have been shown to compromise not
only UEFI firmware, but also blobs in peripheral devices, a re-flashing of
those components from HW land. In many cases, this type of recovery is
'impossible'.

Practically, individuals will take a stab on guessing attacker capability
between; zero sophisticated persistence and h/w re-install survivability
and act accordingly. It is difficult to get that right, if not impossible.

Broadly, the types of activities you perform on various hardware would
dictate the appropriate response. For example, you might not go about
generating a root CA on the computer you routinely clean adware from, and
you might not consider that computer 'safe for the task' after a OS
reinstall, instead favoring fresh, network interface stripped, or purpose
built HW.

-Travis

-- 
Twitter <https://twitter.com/tbiehn> | LinkedIn
<http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn>
| TravisBiehn.com <http://www.travisbiehn.com> | Google Plus
<https://plus.google.com/+TravisBiehn>


Re: Is it still good practice to reinstall everything after you are owned?

2017-09-19 Thread Steve Kinney


On 09/19/2017 07:37 AM, Georgi Guninski wrote:
> Is it still good practice to reinstall everything after you are owned?
> 
> It used to be, but after reading about windows viruses I am not sure it
> is.

Well if somebody who reads the CPunk list is "fixing" a failed Microsoft
operating system, that implies that the computer in question belongs to
somebody else who demands Microsoft.  In that case, industry best
practice is to follow the most expensive path possible:  "It is morally
wrong to allow a sucker to keep his money."  The more of a client or
employer's money you spend, the more important your job appears to be
and the more /you/ can charge.

So you will want to go shopping, and buy any "upgrades" that are
available.  Assure that the anti-virus and related tools installed are
the very most expensive.  If possible replace hardware, not just
software.  Explore the potential for adding firewall appliances etc. to
the network the compromised system plugs into - every security incident
is a window of sales opportunity and, thanks to the popular press and
the efforts of Microsoft and other snake oil vendors, the sky is not
necessarily the limit.  Start building a case to change out /everything/
IT related at the shop in question for the most expensive and massively
over-built infrastructure possible - where and as this becomes possible,
it qualifies as a Total Win.

Also bear in mind that once Microsoft has been specified, "security" is
out the window and compliance with popular misconceptions and IT sales
literature constitute due diligence on the security front.  As a
practical security objective, you will want to see the largest number of
security incidents your client or employer will tolerate going forward,
as you play the part of a heroic warrior battling hordes of Evil Genius
Super Hackers on their behalf.  Do this well, with a straight face and
the assistance of talking points from your vendors, to meet the only
security objective that matters:  Your job and retirement security.

Remember that an occasional /real/ loss of important assets will assure
that your client or employer values your services very highly.  If
things get too quiet around the shop for too long, dropping a couple of
anonymous tips on security issues at your shop in "hacking" forums -
make them look like a disgruntled ex-employee looking for pay-back - can
do wonders to boost your importance in the eyes of management.

:o)


Re: Is it still good practice to reinstall everything after you are owned?

2017-09-19 Thread Shawn K. Quinn
On 09/19/2017 06:37 AM, Georgi Guninski wrote:
> Is it still good practice to reinstall everything after you are owned?
> 
> It used to be, but after reading about windows viruses I am not sure it
> is.

If you are running an OS besides Windows or MacOS, yes.

It is never a good idea to install Windows to begin with, let alone
reinstall it after it's been hacked once.

It's only a slightly better idea to install MacOS to begin with.

-- 
Shawn K. Quinn <skqu...@rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com


Re: Is it still good practice to reinstall everything after you are owned?

2017-09-19 Thread Umair Chachar
Depends on what you're reinstalling.
I prefer Arch Linux or Slackware (because of security specific updates), once 
installed (the bare minimum system) I harden it by auditing the system itself, 
and then I keep an ever watchful eye on advisories. Windows is a virus itself 
tbh.

VR,
Umair

-------- Original Message --------
On Sep 19, 2017, 07:37, Georgi Guninski wrote:

> Is it still good practice to reinstall everything after you are owned?
>
> It used to be, but after reading about windows viruses I am not sure it
> is.

Is it still good practice to reinstall everything after you are owned?

2017-09-19 Thread Georgi Guninski
Is it still good practice to reinstall everything after you are owned?

It used to be, but after reading about windows viruses I am not sure it
is.