Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-Disclosure] I Got Hacked. Now What Do I Do?
From: Paul Fraser (pjfrasernetspace.net.au)
Date: Wed May 19 2004 - 07:34:37 CDT
And written by a Microsoft employee, to boot.
On Wed, 19 May 2004 10:26 pm, Troels Bay wrote:
> Wow, that's pretty amazing.
> Now one can't trust somewhat 50% of all Microsoft Computers.
> That's rather fun, wouldn't you say?
> On May 19, 2004, at 14:11, A.H. wrote:
> > By Jesper M. Johansson, Ph.D., CISSP, MCSE, MCP+I
> > Security Program Manager
> > Microsoft Corporation:
> >> You canít clean a compromised system by using some ďvulnerability
> >> remover.Ē Letís say you had a system hit by Blaster. A number of
> >> vendors (including Microsoft) published vulnerability removers for
> >> Blaster. Can you trust a system that had Blaster after the tool is
> >> run? I wouldnít. If the system was vulnerable to Blaster, it was also
> >> vulnerable to a number of other attacks. Can you guarantee that none
> >> of those have been run against it? I didnít think so.
> >> You canít trust any data copied from a compromised system. Once an
> >> attacker gets into a system, all the data on it may be modified. In
> >> the best-case scenario, copying data off a compromised system and
> >> putting it on a clean system will give you potentially untrustworthy
> >> data. In the worst-case scenario, you may actually have copied a back
> >> door hidden in the data.
> > http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
> > http://www.vsantivirus.com/derribar-reconstruir.htm
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.