Need Security Help

 
 
Lumpjaw
 
      07-03-2007
Greetings,

I have a reason to believe my work computer has been compromised, i.e.
stealth software installed. Does anyone know of a good mechanism to detect
hidden spy programs outside of adaware and spybot. Any suggestions would be
greatly appreciated. Thanks.


-lumpjaw


 
/Tx2
 
      07-03-2007
On Tue, 3 Jul 2007 15:58:38 -0400 Lumpjaw
from the village of (E-Mail Removed)
felt we might be interested in the following...


> Greetings,
>
> I have a reason to believe my work computer has been compromised, i.e.
> stealth software installed. Does anyone know of a good mechanism to detect
> hidden spy programs outside of adaware and spybot. Any suggestions would be
> greatly appreciated. Thanks.


Hello, sorry to trouble you, but this is your personnel department -
please report to the office at 08:30 prompt so we can discuss this issue
with you.


--
My reply address is valid, but incoming mail is set to 'auto-delete'
so will not be seen. Please post replies to the group.
XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX
 
Todd H.
 
      07-03-2007
"Lumpjaw" <(E-Mail Removed)> writes:

> Greetings,
>
> I have a reason to believe my work computer has been compromised, i.e.
> stealth software installed. Does anyone know of a good mechanism to detect
> hidden spy programs outside of adaware and spybot. Any suggestions would be
> greatly appreciated. Thanks.


http://www.microsoft.com/technet/sys...tRevealer.mspx


--
Todd H.
http://www.toddh.net/
 
Lumpjaw
 
      07-03-2007
Very Funny!

-L

"/Tx2" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) T...
> On Tue, 3 Jul 2007 15:58:38 -0400 Lumpjaw
> from the village of (E-Mail Removed)
> felt we might be interested in the following...
>
>
>> Greetings,
>>
>> I have a reason to believe my work computer has been compromised, i.e.
>> stealth software installed. Does anyone know of a good mechanism to
>> detect
>> hidden spy programs outside of adaware and spybot. Any suggestions would
>> be
>> greatly appreciated. Thanks.

>
> Hello, sorry to trouble you, but this is your personnel department -
> please report to the office at 08:30 prompt so we can discuss this issue
> with you.
>
>
> --
> My reply address is valid, but incoming mail is set to 'auto-delete'
> so will not be seen. Please post replies to the group.
> XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX



 
Sebastian G.
 
      07-03-2007
Lumpjaw wrote:


> I have a reason to believe my work computer has been compromised, i.e.
> stealth software installed.



Well, then flatten and rebuild it. Hey, you're abusing Outlook Express as a
newsreader, what else do you need to see that your system is an open
invitation to crap?

> Does anyone know of a good mechanism to detect hidden spy programs outside
> of adaware and spybot.


Yes: about any, since these programs are useless.

Serious ones include verifying the integrity of all files, which is
something typically carried out by sha1sum, sort, uniq and xargs.


BTW, what about a fup2?
 
Lumpjaw
 
      07-03-2007
Hey S.

I was just asking a question, I am working with windows, that is what I have,
period, I was not asking for an invitation to throw mud. The world already
knows what guys like you think, better to take your 'know how?' and use it a
little more constructively. If you have nothing to say, ZIP IT!... just my
humble opinion. MAN YOU ARE ANNOYING!


-Lumpjaw



"Sebastian G." <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Lumpjaw wrote:
>
>
>> I have a reason to believe my work computer has been compromised, i.e.
>> stealth software installed.

>
>
> Well, then flatten and rebuild it. Hey, you're abusing Outlook Express as
> a
> newsreader, what else do you need to see that your system is an open
> invitation to crap?
>
>> Does anyone know of a good mechanism to detect hidden spy programs
>> outside

>
>> of adaware and spybot.

>
> Yes: about any, since these programs are useless.
>
> Serious ones include verifying the integrity of all files, which is
> something typically carried out by sha1sum, sort, uniq and xargs.
>
>
> BTW, what about a fup2?



 
Sebastian G.
 
      07-03-2007
Lumpjaw wrote:


> I was just asking a question, I am working with windows, that is what I have,
> period,



You're talking nonsense. Just because Windows delivers Outlook Express
doesn't mean that you're supposed to abuse it for an operation that it might
work for but isn't supposed to work for. There's no problem with downloading
an actual newsreader like any non-stupid person would do.

> If you have nothing to say, ZIP IT!


Strange enough that I already said something very fruitful: COMPARE YOUR
SYSTEM BINARIES AGAINST THE CHECKSUM OF TRUSTED BACKUP! That's what every
serious person does. It's a trivial task involving trivial tools like
sha1sum, sort+uniq and xargs, or any specific tool that does the job.

And I disregarded your utterly useless tools. How should AdAware or Spybot
find such a compromise? They're relying on the results of the compromised
system, and they're utterly broken, and their output is obviously nonsensical.

> MAN YOU ARE ANNOYING!


said the stupid guy who attached a quoting of the entire replied posting at
the end of his own posting, together with an attribution line actually
containing two lines full of useless information that is already available
in the header of his posting. You can hardly get any more annoying!
 
Lumpjaw
 
      07-03-2007
Whatever dude!

-l

"Sebastian G." <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Lumpjaw wrote:
>
>
>> I was just asking a question, I am working with windows, that is what I
>> have,
>> period,

>
>
> You're talking nonsense. Just because Windows delivers Outlook Express
> doesn't mean that you're supposed to abuse it for an operation that it
> might
> work for but isn't supposed to work for. There's no problem with
> downloading
> an actual newsreader like any non-stupid person would do.
>
>> If you have nothing to say, ZIP IT!

>
> Strange enough that I already said something very fruitful: COMPARE YOUR
> SYSTEM BINARIES AGAINST THE CHECKSUM OF TRUSTED BACKUP! That's what every
> serious person does. It's a trivial task involving trivial tools like
> sha1sum, sort+uniq and xargs, or any specific tool that does the job.
>
> And I disregarded your utterly useless tools. How should AdAware or Spybot
> find such a compromise? They're relying on the results of the compromised
> system, and they're utterly broken, and their output is obviously
> nonsensical.
>
>> MAN YOU ARE ANNOYING!

>
> said the stupid guy who attached a quoting of the entire replied posting
> at
> the end of his own posting, together with an attribution line actually
> containing two lines full of useless information that is already available
> in the header of his posting. You can hardly get any more annoying!



 
/Tx2
 
      07-03-2007
On Tue, 3 Jul 2007 16:30:30 -0400 Lumpjaw
from the village of (E-Mail Removed)
felt we might be interested in the following...


> Very Funny!


Glad you took it in the spirit it was intended



--
My reply address is valid, but incoming mail is set to 'auto-delete'
so will not be seen. Please post replies to the group.
XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX
 
Todd H.
 
      07-03-2007
"Lumpjaw" <(E-Mail Removed)> writes:

> Hey S.
>
> I was just asking a question, I am working with windows, that is what I have,
> period, I was not asking for an invitation to throw mud. The world already
> knows what guys like you think, better to take your 'know how?' and use it a
> little more constructively. If you have nothing to say, ZIP IT!... just my
> humble opinion. MAN YOU ARE ANNOYING!


Yeah, he's not a very happy boy, best I can tell.

He's right about one thing though--if you have any question at all
about the integrity of your machine, flatten and rebuild from original
media is the only way to go.

And the only way you can be relatively sure you're okay is to have
something like tripwire being installed soon after your original
(trusted) build, doing file signature, so you know what's changed--and
which is what is more challenging--know what's supposed to change and
what's not.

Best Regards,
--
Todd H.
http://www.toddh.net/
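
Added example, not part of any poster's message: one way to carry out the comparison Sebastian G. and Todd H. describe in this thread, hashing files with sha1sum through xargs, using sort and uniq to find manifest lines that occur on only one side, and filtering out paths that are supposed to change. The function names, sample file names and the `./log/` pattern are constructed for illustration; it assumes GNU coreutils/findutils and that the hashing is run from known-good boot media against the suspect disk, not from the running system.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU coreutils/findutils and
# file names without newlines or backslashes.

# make_manifest ROOT: print "hash  ./path" for every regular file under ROOT.
make_manifest() {
    ( cd "$1" && find . -type f -print0 | xargs -0 -r sha1sum | LC_ALL=C sort -k 2 )
}

# has_path MANIFEST PATH: succeed if PATH is listed in MANIFEST.
has_path() { sed 's/^[0-9a-f]*  //' "$1" | grep -qxF -- "$2"; }

# diff_manifests BASELINE CURRENT: one "ADDED|REMOVED|CHANGED path" per difference.
diff_manifests() {
    # A "hash  path" line found in only one manifest marks a difference.
    LC_ALL=C sort "$1" "$2" | uniq -u | sed 's/^[0-9a-f]*  //' | LC_ALL=C sort -u |
    while IFS= read -r p; do
        if ! has_path "$1" "$p"; then echo "ADDED $p"
        elif ! has_path "$2" "$p"; then echo "REMOVED $p"
        else echo "CHANGED $p"
        fi
    done
}

# unexpected_changes BASELINE CURRENT EXPECTED_ERE: hide paths matching
# EXPECTED_ERE (files that are supposed to change, such as logs).
unexpected_changes() {
    diff_manifests "$1" "$2" | grep -Ev "^[A-Z]+ ($3)\$" || true
}

# demo: constructed trees standing in for the trusted backup and the suspect
# disk, which would be mounted read-only from known-good boot media.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/trusted/bin" "$t/trusted/log" "$t/suspect/bin" "$t/suspect/log"
    echo 'list files'      > "$t/trusted/bin/ls"
    echo 'list files'      > "$t/suspect/bin/ls"
    echo 'original shell'  > "$t/trusted/bin/sh"
    echo 'patched shell'   > "$t/suspect/bin/sh"
    echo 'old tool'        > "$t/trusted/bin/old"
    echo 'unknown service' > "$t/suspect/bin/svc hidden"
    echo 'day 1'           > "$t/trusted/log/app.log"
    echo 'day 2'           > "$t/suspect/log/app.log"
    make_manifest "$t/trusted" > "$t/baseline.sha1"
    make_manifest "$t/suspect" > "$t/current.sha1"
    unexpected_changes "$t/baseline.sha1" "$t/current.sha1" '\./log/.*'
    rm -rf "$t"
}
demo
```

sha256sum emits the same "hash  path" line format, so it can replace sha1sum in make_manifest without other changes. Keep the baseline manifest on read-only or offline media so it cannot be altered along with the files it describes.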
 