Posted by Sebastian G. on April 10, 2008, 9:10 am
Olicaca wrote:
> Why don't teach me how to check if a trojan stay on ur computer instead of reasoning
Simply said, since I make sure there's no point to hook into, any malicious
software would have to appear as a separate process in the process list.
That's trivial to check.
> argueing, about the reason of bug on the PC..?
Well, that's the reason why I suggest to create a disk image of the
compromised system. Later on you may start analyzing what malware it is and
which security hole was exploited. It's pretty unlikely that it wasn't a
configuration or random problem, which is unlikely to occur again. You don't
have to put the system online either.
> You really think antivirus can check out all trojan huh?
No. Analyses are normally conducted with serious tools.
> Do you hear that if you have trojan on source setup than it quite
> pass anti-shitwares check??
Well, that's pretty trivial.
> I'm acquainted with some friend and he declares that,if he write a
> trojan then no antivirus can detect, because his is not destroy
> anything and...
Well, although this is generally possible, the argument is bogus. The real
argument is that one can create malware that modifies itself in a way such
that no L0, L1 or L2 pattern signature could match it in every fashion, and
not even behaviour analysis would conclude anything.
> Virus and worm is easy to detect but trojan is not,specially it
> is the economic war.
They're only detectable by their defined behaviour, that is a virus does
modify other executables, and a worm modifies the behaviour of server processes.
> You say manything and about bandwidth but i need u teach how to detect
> trojan,bandwidth is no problem.
What I said is that bandwidth is a valuable resource that is definitely in
the interest of the attacker.
> Could you help?
How many more times do I have to ask you if you have flattened and rebuilt
the system? Bring it back to a well-defined state first, since this is the
only reliable way to recover from a compromise.
> Ah,if you want teach me
> then please use English in the simple grammar,hornestly i'm idiotic in
> English maybe and i must try so much to understand.It is real(coz my
> country not use English and not join with the World soon).
"coz" is obviously not an English word.
Posted by Olicaca on April 10, 2008, 10:00 am
> Olicaca wrote:
> > Why don't teach me how to check if a trojan stay on ur computer instead of reasoning
>
> Simply said, since I make sure there's no point to hook into, any malicious
> software would have to appear as a separate process in the process list.
> That's trivial to check.
>
> > argueing, about the reason of bug on the PC..?
>
> Well, that's the reason why I suggest to create a disk image of the
> compromised system. Later on you may start analyzing what malware it is and
> which security hole was exploited. It's pretty unlikely that it wasn't a
> configuration or random problem, which is unlikely to occur again. You don't
> have to put the system online either.
>
> > You really think antivirus can check out all trojan huh?
>
> No. Analyses are normally conducted with serious tools.
>
> > Do you hear that if you have trojan on source setup than it quite
> > pass anti-shitwares check??
>
> Well, that's pretty trivial.
>
> > I'm acquainted with some friend and he declares that,if he write a
> > trojan then no antivirus can detect, because his is not destroy
> > anything and...
>
> Well, although this is generally possible, the argument is bogus. The real
> argument is that one can create malware that modifies itself in a way such
> that no L0, L1 or L2 pattern signature could match it in every fashion, and
> not even behaviour analysis would conclude anything.
>
> > Virus and worm is easy to detect but trojan is not,specially it
> > is the economic war.
>
> They're only detectable by their defined behaviour, that is a virus does
> modify other executables, and a worm modifies the behaviour of server processes.
>
> > You say manything and about bandwidth but i need u teach how to detect
> > trojan,bandwidth is no problem.
>
> What I said is that bandwidth is a valuable resource that is definitely in
> the interest of the attacker.
>
> > Could you help?
>
> How many more times do I have to ask you if you have flattened and rebuilt
> the system? Bring it back to a well-defined state first, since this is the
> only reliable way to recover from a compromise.
>
> > Ah,if you want teach me
> > then please use English in the simple grammar,hornestly i'm idiotic in
> > English maybe and i must try so much to understand.It is real(coz my
> > country not use English and not join with the World soon).
>
> "coz" is obviously not an English word.
-------------------------------------------------------------
Ok,now we begin have the common voice.I reinstall OS and creat backup
image but nothing resolved.Because right here,most of us use
unofficial CD to install OS.I just want check my resource.So let help
me check hooked module and handle...,really i don't know how to check
it,and the open port too.I want get some files to send out to
analysis.If my CD is dirty then certainly i will buy one but first
must bring everything to light.Could u help?Ok,and notice that i'm a
home user,not a networking man,so i was wrong when didnt read the
"about this group".Maybe you not a security agent to treat malware :
((.Maybe i will go to bitdefenden forum better use google group.Bye
bye.
"Coz" = because and "brb"=be right back ja.I'm just using familiar
chatting English,not know formal language,forgive me.
Posted by Sebastian G. on April 10, 2008, 10:26 am
Olicaca wrote:
> Ok,now we begin have the common voice.I reinstall OS and creat backup
> image but nothing resolved.Because right here,most of us use
> unofficial CD to install OS.
Then you have a very serious problem. Without a trusted base, you're
essentially hosed.
> I just want check my resource.So let help
> me check hooked module and handle...
Maybe you should get familiar with the aspects of rootkits.
> and the open port too.
WTF? You don't even know how to handle the 'netstat' command?
> "Coz" = because and "brb"=be right back ja.I'm just using familiar
> chatting English,not know formal language,forgive me.
Which is considered impolite, as it would be in any real-life discussion.
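
What the 'netstat' check mentioned above looks like in practice, as an added example that is not part of the original post: it parses the text printed by `netstat -ano` on Windows and groups open ports by owning process ID, so each one can be matched against the process list. The sample output is constructed, and English-locale column values (`LISTENING`) are assumed.

```python
"""Added example: list open ports per process from `netstat -ano` output."""
from collections import defaultdict

# Constructed sample of `netstat -ano` output; addresses and PIDs are made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING       1812
  TCP    192.168.1.20:1045      203.0.113.7:80         ESTABLISHED     2240
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       2240
  UDP    0.0.0.0:500            *:*                                    688
"""

def parse_netstat(text):
    """Yield (proto, local_addr, local_port, state, pid) for each socket line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local, pid = parts[0], parts[1], parts[-1]
        if not pid.isdigit():
            continue  # output produced without -o has no PID column
        # UDP rows have no State column: proto, local, foreign, pid
        state = parts[3] if proto == "TCP" and len(parts) >= 5 else ""
        addr, _, port = local.rpartition(":")  # rpartition copes with [::]:445
        yield proto, addr, int(port), state, int(pid)

def open_ports_by_pid(text):
    """Map PID -> sorted list of (proto, port, reachable_from_network)."""
    result = defaultdict(list)
    for proto, addr, port, state, pid in parse_netstat(text):
        if proto == "TCP" and state != "LISTENING":
            continue  # keep only sockets waiting for inbound connections
        exposed = addr not in ("127.0.0.1", "[::1]")
        result[pid].append((proto, port, exposed))
    return {pid: sorted(socks) for pid, socks in result.items()}

if __name__ == "__main__":
    for pid, socks in sorted(open_ports_by_pid(SAMPLE).items()):
        for proto, port, exposed in socks:
            scope = "network" if exposed else "loopback only"
            print(f"PID {pid:>5}  {proto} {port:<5} {scope}")
```

On a real machine the input would be the captured text of `netstat -ano`; as the thread points out, the result can only be relied on when the system was installed from a trusted base.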
Posted by Todd H. on April 10, 2008, 12:13 pm
> -------------------------------------------------------------
> Ok,now we begin have the common voice.I reinstall OS and creat backup
> image but nothing resolved.Because right here,most of us use
> unofficial CD
Stolen software? I will not help you with that.
> to install OS.I just want check my resource.So let help me check
> hooked module and handle...,really i don't know how to check it,and
> the open port too.I want get some files to send out to analysis.If
> my CD is dirty then certainly i will buy one but first must bring
> everything to light.Could u help?Ok,and notice that i'm a home
> user,not a networking man,so i was wrong when didnt read the "about
> this group".Maybe you not a security agent to treat malware :
> ((.Maybe i will go to bitdefenden forum better use google group.Bye
> bye. "Coz" = because and "brb"=be right back ja.I'm just using
> familiar chatting English,not know formal language,forgive me.
Security is hard enough to explain to a native speaker of a language.
Your poor English makes the task nearly impossible I'm afraid.
Yes, by all means, go to a google group. Preferably in your native
language. And quit stealing American software, okay?
--
Todd H.
http://www.toddh.net/
Posted by Olicaca on April 11, 2008, 1:17 am
On Apr 10, 11:13 pm, comph...@toddh.net (Todd H.) wrote:
> > -------------------------------------------------------------
> > Ok,now we begin have the common voice.I reinstall OS and creat backup
> > image but nothing resolved.Because right here,most of us use
> > unofficial CD
>
> Stolen software? I will not help you with that.
>
> > to install OS.I just want check my resource.So let help me check
> > hooked module and handle...,really i don't know how to check it,and
> > the open port too.I want get some files to send out to analysis.If
> > my CD is dirty then certainly i will buy one but first must bring
> > everything to light.Could u help?Ok,and notice that i'm a home
> > user,not a networking man,so i was wrong when didnt read the "about
> > this group".Maybe you not a security agent to treat malware :
> > ((.Maybe i will go to bitdefenden forum better use google group.Bye
> > bye. "Coz" = because and "brb"=be right back ja.I'm just using
> > familiar chatting English,not know formal language,forgive me.
>
> Security is hard enough to explain to a native speaker of a language.
> Your poor English makes the task nearly impossible I'm afraid.
>
> Yes, by all means, go to a google group. Preferably in your native
> language. And quit stealing American software, okay?
>
> --
> Todd H.
> http://www.toddh.net/
Sorry Todd,i'm not stealing American software,most of us use computer
of Intel,Dell from USA,you really think that Intel,Dell,IBM,Compact
can sell their product to our country with out OS.We just the
student,and most of our family just have the incoming about 1500 USD/
year(parent+children...).I'm not stealing software,because i really
have not enought the aptitude to do that...,let think is lighter way
that American have a part in helping humen improve the
cilivization,and not all of humen turn the back on them,at least
Del,IBM,Intel and other get the large sum of money from selling
hardware.And not all person on world steal your software.Believe me,we
not use your software for the trading,we just home user,try to improve
our cilivization,all of trading company in my place,they must buy ur
product in the serious way.And belive me that,i commit to you that
when i have the better life,by improve my knowledge,have good job,i
will buy ur software in the straight way,because i know that just only
do that then i must have the surpport,the safe...No one give any one a
thing without ask a thing,we use unofficial product then we must pay
the penalty (for the hacker,etc...,do you understand).In the world,i
think no anything is absolute,don't think that we just receive from
you not pay you anything.Why don't think you grow up the civilization
will become grow up the needs in the future.Not at all of the world
use the unoficial software then it is ok,but if you want all of the
world use the official software then believe me,you will not sell any
things to the third world,as us.Dont be egoistic,we alway feel
grateful to you for the dedicating the world.I come for the
friendship,i dont have the behaviour to give lesson you and you not
too.If you teach me about IT then OK,the world be more
beautiful,contrary,the world till be the world,nothing else.(I did
think that American be richer because in the past,they did steal many
thing of many one and many country,but just the think,not important,we
are go on, and here,in Google group,i don't want we make the fire
again.If you not agree with me then maybe better i go,no thing and no
one for me ..
----------
I don't know "netstat",could i use any software instead of command
line?