Network Security: Detailed info on MacOSX worm

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Virus

[Top] [All Lists]

MacOSX worm

from [H Carvey] Network Security

[Permanent Link]

Subject:	MacOSX worm
Date:	26 Oct 2004 16:09:06 -0000



SF has a Register article about Opener/Renepo-A.  The article describes this as 
a "rootkit" (the term is, in fact, used in the title of the article), yet 
Sophos (linked in the article) classifies it as a worm.  Neither the Register 
article nor the Sophos write up describe any rootkit-like capabilities.

Here's the Symantec writeup:
http://www.sarc.com/avcenter/venc/data/macos.renepo.b.html

The Register article calls the "rootkit" "destructive", yet doesn't describe 
any destructive capabilities.  However, the Symantec writeup does.

So...what's the real deal?  Is the media spreading FUD, or is the A/V community 
downplaying the effectiveness of this bit of malware?

Thanks,

Harlan Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
MacOSX worm, H Carvey <= Re: MacOSX worm, Bruce Walker Re: {BAD-DATE} MacOSX worm, "D. HÃhn" RE: MacOSX worm, Steven Trewick RE: MacOSX worm, Kevin O'Brien Re: MacOSX worm, John Hansen RE: MacOSX worm, David Gillett Re: MacOSX worm, John Hansen RE: MacOSX worm, Stuart Staniford RE: MacOSX worm, M. Shirk RE: MacOSX worm, Steven Hay

Previous by Date:	Re: Virus On Network, Kern, Tom
Next by Date:	RE: MacOSX worm, Steven Trewick
Previous by Thread:	Virus On Network, Joe Cervantes
Next by Thread:	Re: MacOSX worm, Bruce Walker
Indexes:	[Date] [Thread] [Top] [All Lists]