Message-Id: <79EDD069-9414-4EEA-BB6D-EF8E817632B2@bellsouth.net>
Date: Wed, 23 Sep 2009 18:19:59 -0400
From: Mary Landesman <marylande@...il.com>
To: full-disclosure@...ts.grok.org.uk,
 Jeff Kell <jeff-kell@....edu>
Subject: Re: Dumb question: Is Windows box behind a router safe ?

>
> The more appropriate question would be "Is a Windows box safe with a
> user behind it?" since today's threats require that you browse to the
> danger, or click an "OK" button first :-)


Shall we just ignore the thousands of variants of Virut which are  
extremely prevalent? Virut is a file-infecting virus combined with an
IRC backdoor. Or how about the Nirbot family, which is like Virut only  
it includes RPC and LSASS exploits for additional means of  
propagation. How about the ubiquitous autorun worms that propagate via  
removable, fixed, and shared drives? How about those that are a  
combination of all of the above?

As for "browse to the danger" do you mean open a browser window and  
perform a search using your favorite search engine? Or browsing to  
your favorite trusted news, sports, enterprise website that happens to  
work with advertising networks that happened to be infiltrated by a  
malicious ad run? Or browsing to any of the other millions of websites  
which happened to be compromised via SQLi, stolen credentials, poorly  
configured settings, or any number of means? All of the above are  
viable means of malware exposure, simply by opening the browser.

The malware problem is not user-driven (nor is it Windows-specific).

-- Mary


