Re: [NTLK] [OT] Root Kits on Mac?

From: Ed Kummel (tech_ed_at_yahoo.com)
Date: Thu Nov 10 2005 - 13:23:58 PST


I've been quieter on this list lately than I would like...new job and new house, in the last year, creates instances where time travel becomes the preferred method of travel (although unattainable, you can still prefer it...) I'm still here...like you...and like you, acting behind the scenes.
Glad to see that you didn't drop off the face of the earth as well.
I've been working on my pkg download site and developing an automated mailer for notifying those who want to know when I upload stuff to my site.
Ed
web/gadget guru
Download Newton packages directly onto your Newton: http://newton.tek-ed.com

Laurent Daudelin <laurent.daudelin_at_verizon.net> wrote:
on 10/11/05 00:40, Ed Kummel at tech_ed_at_yahoo.com wrote:

> Sony's root kit was rather innocuous...it really didn't do anything dangerous
> in and of itself to a computer...What makes it insidious is that it was
> written so that *ANY* file that was prefixed with $sys$ would be hidden from
> any attempts to discover it. This could allow a hacker to perhaps convince you
> to click on a download that installed $sys$keylogger.exe onto your machine and
> you would never know and no tools would detect it...Essentially, what Sony did
> was 99% of the work that crackers would have had to have done to create a
> stealth virus. That's what's bad about Sony's rootkit (and not to mention,
> improper removal could render certain devices no longer functional)
> I agree with the sentiment below. I first heard of rootkits in connection with
> *nix machines, hence the term "root", since root is the holy grail of any *nix
> cracker attempt. And while I have heard of other rootkits in the wild for
> Windows machines, this is probably the most pervasive and the easiest for any
> baddie to take advantage of.
> Most *nix users claim that their machines are hardened against such attacks,
> but with so many applications requiring root access or sudo to install, it
> doesn't take much to slip in a rootkit under the guise of a Pamela Anderson
> Strip Poker game to lose all control of your *nix machine...

Ed, glad to see that you're still around!

-Laurent.

-- 
============================================================================
Laurent Daudelin AIM/iChat: LaurentDaudelin 
Logiciels Nemesys Software mailto:laurent.daudelin_at_verizon.net
copy protection n.: A class of methods for preventing incompetent pirates
from stealing software and legitimate customers from using it. Considered
silly. 
-- 
This is the NewtonTalk list - http://www.newtontalk.net/ for all inquiries
Official Newton FAQ: http://www.chuma.org/newton/faq/
WikiWikiNewt for all kinds of articles: http://tools.unna.org/wikiwikinewt/
"I'm not an expert, but I *did* stay at a Holiday Inn Express once..."
     --Holiday Inn Commercial
		


This archive was generated by hypermail 2.1.5 : Thu Nov 10 2005 - 14:00:03 PST