Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Fwd: SF new column announcement: Microsoft Anti-Spyware?

from [Caeser Augustus] Network Security [Permanent Link]
Subject: Fwd: SF new column announcement: Microsoft Anti-Spyware?
Date: Mon, 10 Jan 2005 10:35:02 +0530 
Here's my 2 cents:
Nothing really is unexploitable if you try hard enough.
If by some real chance an average user in the world was using Linux,
you can be sure that people who make spyware would have made it for
that platform as well. It's just isn't plain business sense to do that
as of now.

And really, I heard so much hohum about MS's security record. OK I
understand that MS maybe not into security that much till very
recently. But when they did (SP2) this is what I see happened:
1) The average user : feels good about security but is confronted by a
learning curve. Whatever it is, but I'm sure that an information bar
is easier to configure than a hosts file.
2) The IT guys shout: "Don't install it".
   - It breaks stuff.
   - It's got security issues( My companies IT policy )
   - Not stable.
I'd say Hello. Wake up. Just because you're incompetent enough not to
know about it, you term something bad. I mean a sheer amount of IT
staff that I've knows is just point and click types. Boot off the CD
Press enter thrice, click next next next, when you get password box,
type admin or password and lo behold, you have Windows 2003 running.
I'm not saying all are like that. There are serious professionals(btw,
i'm not) who DO this job. Bust most aren't.
3) The crackers: It's got holes: it's exploitable. I think: off
course. Everything is. Including the Linux Kernel. That's what makes
this field fun.

I'm sure, given enough motivation (read money), you can have as many
spyware as you want for Linux/Unix/Freebsd whatever. It's just that
not most of  supridentdents/Operations
Managers/Nurses/Clerks/Executives/Sales Executives/Accountants who
sits at his office/SOHO desk reading mail, does it on Konquror (even
though it's free). So, no spyware.

And oh, all this may be localised to India only, I dunno. But I have
worked for an International Support Center, catering to THE average
and the Admin level american/uk computer user. And that was the
impression I got.


On Fri, 07 Jan 2005 13:47:55 -0700, Kelly Martin <kel@securityfocus.com> wrote:

Matvei Kliuchnikov wrote:


From the article:

"because it's holes in Microsoft's operating system that built the
entire spyware industry to begin with"

That's just plain wrong. Spyware, by it's nature, is installed along
with other applications that the user manually installs. Download
KaZaa, for example, and you'll find that several other "spyware" apps
are installed along with it. This has nothing to do with security
vulnerabilites.



You should really do a bit more reading before making such a definitive
statement. Only a portion of spyware is installed this way. Most of the
time the inclusion of spyware along with a legitimate application is
clearly indicated in the user agreement, but these click-through
agreements are rarely read and thus, the users gets a little more than
he is expecting.

A huge amount of spyware gets installed in an entirely different way,
however, and has everything to do with vulnerabilities and/or unpatched
machines. I'm referring to bits of code that are installed without a
user's permission, just by visiting a website -- via security problems
with ActiveX, Javascript, JAVA, and unpatched vulnerabilities in
Internet Explorer. There are many, many examples of this. Have you never
seen a .DLL downloaded while visiting a website using IE? What about the
users that you support? It's pretty hard to surf the web nowadays using
IE without getting some kind of spyware.

Things to watch for:
- has your browser's homepage been hijacked?
- do you see any unwanted toolbars in IE?
- do you see unwanted pop-up windows when you start IE?
- are you unable to reach Google.com or Yahoo.com, and get redirected to
another search engine instead?
- is there a trojan or keylogger reporting statistics about you back to
another location
- [the list goes on, and on...]


Obviously, Microsoft has a shoddy record of security problems, but
don't confuse the issue and continue spreading FUD.




I can recommend that you read up on CoolWebSearch as an excellent
example of nasty spyware that is *not* user-installed, and does in fact
attempt to exploit vulnerabilities. There are many others.

Regards,

Kelly Martin
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Source Port 0 Host Sweep, JM
Next by Date:  Re: Newbie Hacker Tools, Spigga
Previous by Thread:  Re: SF new column announcement: Microsoft Anti-Spyware?, Edward J. Weinberg
Next by Thread:  (WAS: Re: Fwd: SF new column announcement: Microsoft Anti-Spyware?), Sebastian
Indexes:  [Date] [Thread] [Top] [All Lists]