lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <40AB4F00.60100@yahoo.es>
From: adolfohermosin at yahoo.es (A.H.)
Subject: I Got Hacked. Now What Do I Do?

By Jesper M. Johansson, Ph.D., CISSP, MCSE, MCP+I
Security Program Manager
Microsoft Corporation:

> You can?t clean a compromised system by using some ?vulnerability 
> remover.? Let?s say you had a system hit by Blaster. A number of 
> vendors (including Microsoft) published vulnerability removers for 
> Blaster. Can you trust a system that had Blaster after the tool is 
> run? I wouldn?t. If the system was vulnerable to Blaster, it was also
>  vulnerable to a number of other attacks. Can you guarantee that none
>  of those have been run against it? I didn?t think so.

> You can?t trust any data copied from a compromised system. Once an
> attacker gets into a system, all the data on it may be modified. In
> the best-case scenario, copying data off a compromised system and
> putting it on a clean system will give you potentially untrustworthy
> data. In the worst-case scenario, you may actually have copied a back
> door hidden in the data.


http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
http://www.vsantivirus.com/derribar-reconstruir.htm

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ