BHack

I still don't see how he actually "pushed" the rootkit on your PC.

He had to exploit some kind of vulnerability to do that. Are you keeping windows udpated?

It just seems odd that, without the help of some kind of virus/trojan/spyware that you somehow installed on your computer, he was just able to brute force into it.

Are you fervent about the HiJackthis scans?

My computer is not very secure in the traditional sense, but I keep close tabs on my PC for any abnormal behavior using a multitude of tools including HiJackthis.

__________________

flux

I make sure I keep up to date on MS updates as well as software I use on a regular basis. I don't run HiJackThis but I do keep an eye on running processes with WhatsRunning. The problem with just watching services is rootkits are designed to hide themselves. The only way to see them running is to boot to a Console.

Keep in mind this was a machine I thought was behind my firewall so I did not close off ports that should not be exposed to the world. Of particular note NetBios shares including C$.

__________________
flux
[tg-c1]

Apophis

There are numerous exploits that have yet to be fixed in Windows XP. Keeping up to date on patches does not mean that you're secure from these exploits. It only means that you are secure against the more well-known exploits that Microsoft has chosen to fix.

__________________
Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

flux

I just saw this article saying paypal is going to try out a password key-fob. I love this idea. You can bet after this mess I'll be grabbing one as soon as they are available.

__________________
flux
[tg-c1]

Apophis

Two-factor authentication is very common in the financial industry. Many of the clients we work with require both username/password combinations as well as one-time keys generated from devices such as RSA's SecurID. It's definitely a good step in preventing unauthorized access to whatever system it is applied to.

__________________
Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

P8riot

For access controls the SecurID token system and were great, as a contractor, I was very comfortable using them. They used bioscan for general access and location monitoring and one-time key codes for entry, it kept me from wandering into areas I shouldn't be in without an escort- That may sound simple, but in some places I went, you couldn't always be sure you weren't in a 'top secret' zone.

Translating one-time keys to to establish secure transactions would be very desireable IMO.

__________________


Dungeons and Dragons Online; Thorgaard, Thaumiel and Mahblung
EVE Online Captain Thorgaard OHern; skipper of the Battlecruiser "Jane Says.."
Pirates of the Burning Sea; Pirate Thorgaard O'Hern
Age of Conan Cimmeria; Tharashk, Thaumiel, guild Ars Tactika

Sirusblk

I don't know why Microsoft can't switch over to the Darwin, the Unix-based, open sourced, that the Mac OS uses. It's got a great track record with protection and it's time to switch battlefields. Microsoft has been fighting an up hill battle for too long, IMHO.

-Sirusblk

__________________

Apophis

Are you seriously asking why Microsoft doesn't ditch its own OS and switch over to BSD/UNIX instead? That's kind of asking why Mercedes doesn't start selling BMW's instead of making their own vehicles.

__________________
Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

CingularDuality

FYI, there's a company called Zander Insurance that is reputable and offers ID theft insurance. All I know about it is that Dave Ramsey says that Zander will fix everything for you if you're ever a victim.

Check it out for yourself if you want: http://www.zanderins.com/idtheft/idtheft.aspx

__________________

Become a supporting member! -- Shop at the Tactical Market!

Take the world's smallest political quiz! "I was touched by His Noodly Appendage."
TacticalGamer TX LAN/BBQ Veteran:

Sirusblk

No I'm just saying, they should try to transition it over, Try to translate the code over to a Unix based system. I believe apple did it. I mean is anybody happy with the current security? I don't like having to download and install 50 different protection programs all not natively installed on Windows. I'm just saying windows needs a better solution.

__________________

Apophis

You do need to realize that attackers generally go after the most popular system. Windows is the most popular system, and as such gets all the focused attacks. No matter what Microsoft transitioned to, even if it involved them throwing away their entire core operating system to move over to another, that would just shift the attacks over to the new system.

There does need to be a better solution, but that needs to be addressed through proper coding and testing guidelines prior to release as well as consumer acceptance. The biggest hurdles companies have are in the user acceptance arena when it comes to security. Security gets in the way, it's intrusive, it stops you from being able to do things quickly and easily.

You shouldn't need to download 50 programs anyway. You should have a network based hardware firewall in place, and a solid AntiVirus scanner. You have the Microsoft Windows XP firewall already installed for local protection as well as Defender to deal with other attack vectors.

Provided you use the tools that are part of your operating system and have a hardware firewall to protect your network, the only thing you would need to download or install third party would be a good Antivirus package like Kaspersky.

__________________
Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

Dick Blonov

I'm trying to locate the info source (think it was sans.org), but at one point last year, 80% of compromised systems were caused by what I like to call «operator head spacing»: failure to patch, no firewall, no AV, and questionnable on-line habits (including replying to fishing emails, downloading hacked software, keys, use of P2P to download iffy material, etc).

I'll try to dig up the info and post back.

In the meantime, the 2006 top 20 targets.




DB

__________________
|TG-6th|Blonov

Sirusblk

I relize that PCs are the most popular platform. In fact I realize that there are viruses out there for Macs. I was probably throwing around the idea of switching their core OS, speaking without after thought I guess. The thing is the most successive virus for the Mac OS had you having to do 6 different specific things, all having to have a restart in between. I guess what I'm trying to say is that Microsoft needs to step up, instead of being behind the ball, they need to get ahead of the game. There's obviously something to be said about protection on a Mac as apposed to the PC. I believe that Microsoft has the power to get ahead of the game but due to whatever reasons, aren't.

Before I had reinstalled Windows, I had just all of a sudden lost Windows Firewall. I tried reinstalling it but it seemed Windows just wished to abandon me. I lost automatic updates and everything. I had to find the manual files and everything. In short I don't have too great of a time with Windows.

-Sirusblk

__________________