[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <C4A23568-A98F-11D8-BAE6-000A95C585F0@troelsbay.dk>
From: troelsbay at troelsbay.dk (Troels Bay)
Subject: I Got Hacked. Now What Do I Do?
Wow, that's pretty amazing.
Now one can't trust somewhat 50% of all Microsoft Computers.
That's rather fun, wouldn't you say?
On May 19, 2004, at 14:11, A.H. wrote:
> By Jesper M. Johansson, Ph.D., CISSP, MCSE, MCP+I
> Security Program Manager
> Microsoft Corporation:
>
>> You can?t clean a compromised system by using some ?vulnerability
>> remover.? Let?s say you had a system hit by Blaster. A number of
>> vendors (including Microsoft) published vulnerability removers for
>> Blaster. Can you trust a system that had Blaster after the tool is
>> run? I wouldn?t. If the system was vulnerable to Blaster, it was also
>> vulnerable to a number of other attacks. Can you guarantee that none
>> of those have been run against it? I didn?t think so.
>
>> You can?t trust any data copied from a compromised system. Once an
>> attacker gets into a system, all the data on it may be modified. In
>> the best-case scenario, copying data off a compromised system and
>> putting it on a clean system will give you potentially untrustworthy
>> data. In the worst-case scenario, you may actually have copied a back
>> door hidden in the data.
>
>
> http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
> http://www.vsantivirus.com/derribar-reconstruir.htm
>
>
>
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists