Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: I Got Hacked. Now What Do I Do?
From: Paul Fraser <pjfraser () netspace net au>
Date: Wed, 19 May 2004 22:34:37 +1000

And written by a Microsoft employee, to boot.

On Wed, 19 May 2004 10:26 pm, Troels Bay wrote:
Wow, that's pretty amazing.

Now one can't trust somewhat 50% of all Microsoft Computers.

That's rather fun, wouldn't you say?

On May 19, 2004, at 14:11, A.H. wrote:
By Jesper M. Johansson, Ph.D., CISSP, MCSE, MCP+I
Security Program Manager

Microsoft Corporation:
You can’t clean a compromised system by using some “vulnerability
remover.” Let’s say you had a system hit by Blaster. A number of
vendors (including Microsoft) published vulnerability removers for
Blaster. Can you trust a system that had Blaster after the tool is
run? I wouldn’t. If the system was vulnerable to Blaster, it was also
 vulnerable to a number of other attacks. Can you guarantee that none
 of those have been run against it? I didn’t think so.

You can’t trust any data copied from a compromised system. Once an
attacker gets into a system, all the data on it may be modified. In
the best-case scenario, copying data off a compromised system and
putting it on a clean system will give you potentially untrustworthy
data. In the worst-case scenario, you may actually have copied a back
door hidden in the data.

http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
http://www.vsantivirus.com/derribar-reconstruir.htm








_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]