| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Jan 2006 04:18:23 -0800 From: InfoSecBOFH <infosecbofh@...il.com> To: Pierre Vandevenne <pierre@...arescue.com> Cc: "FunSec \[List\]" <funsec@...uxbox.org>, bugtraq@...urityfocus.com, "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: Re[2]: [funsec] WMF round-up, updates and de-mystification Oh come on Pierre.. you are talking to a reporter here... it is as much of a rootkit as Metasploit is a virus. Again... you are talking to a reporter so it is about as usefull (especially in this case) as talking to you morning dump before you flush. On 1/3/06, Pierre Vandevenne <pierre@...arescue.com> wrote: > Good Day, > > Tuesday, January 3, 2006, 12:59:22 PM, you wrote: > > GE>> The "patch" by Ilfak Guilfanov works, but by disabling a DLL in Windows. > PV>> I wouldn't say it does that. If you really want to simplify it in the > LS> extreme, it hides the vulnerable function. > > LS> Think of it as a "White Hat Rootkit" > > Or merely a TSR hooking an interrupt vector. It doesn't hide itself. > It doesn't allow any kind of remote access to anything. > > I can't see how it could even be remotely described as a rootkit. > > > -- > Best regards, > Pierre mailto:pierre@...arescue.com > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists