Guest ArameFarpado Posted September 23, 2008 Posted September 23, 2008 Re: Viruses Em Terça, 23 de Setembro de 2008 01:31, David H. Lipman escreveu: > > The fact remains. > I posted... "as malware affects every OS." > And you replied... "Not true." > > What I posted were well known bits of malware and they affected the OS. > That's a fact. or tryed to... > > So I repeat emphatically... "malware affects every OS." > With the disclaimer... > "The only thing is some operating systems are targeted more than others". > > BTW: The Slapper had spread pretty well and caused financial loses. slapper atacked the apache web server and only it, not the OS... anyway, a patch was applied and that worm will never work again. an antivirus wasn't needed. > Since you mention Symbian... > http://www.f-secure.com/weblog/archives/00001368.html symbian have the same weekness regarding filename extentions... is easy to fool a system that uses filename extentions > Oh you also mention the MAC OS. OS/X had the OSX/Leap-A > i don't know much about Macs. tell me, does OSX/Leap-A still works in newer MacOS systems?
Guest ArameFarpado Posted September 23, 2008 Posted September 23, 2008 Re: Viruses Em Terça, 23 de Setembro de 2008 01:38, David H. Lipman escreveu: > From: "ArameFarpado" <a-farpado.spam@netcabo.pt> > > I forgot to mention... > > The RBN (before Atrivo was exposed) had begun to target MAC computers with > the same kind of Fake Codecs that were so prevalent in the distribution of > the ZLob trojans for Win32. > > http://www.theregister.co.uk/2008/03/12/mac_security_site_malware_infestation/ > > And I personnaly have seen the code that decides what OS you are using and > what file will be downloaded to the PC. > ""The site serving the fake codecs detects the user agent in a browser in order to distinguish between Mac and Windows PCs before delivering the appropriate malware,"" any web server can read the type of OS that the clients have... i do have access to web servers (i'm not a web designer), and we can see a lot about our clients: OS OS version browser name and version screen resolution color resolution system language .... etc... what this server did was dispatch the proper software for the visitor OS.
Guest ArameFarpado Posted September 23, 2008 Posted September 23, 2008 Re: Viruses Em Terça, 23 de Setembro de 2008 01:38, David H. Lipman escreveu: > From: "ArameFarpado" <a-farpado.spam@netcabo.pt> > > I forgot to mention... > > The RBN (before Atrivo was exposed) had begun to target MAC computers with > the same kind of Fake Codecs that were so prevalent in the distribution of > the ZLob trojans for Win32. why do you keep talking about win32? 64bit windows is vulnerable to malware too. i lost count of how many 64bit vista(s) i've seen infected...
Guest David H. Lipman Posted September 23, 2008 Posted September 23, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> | Em Terça, 23 de Setembro de 2008 01:31, David H. Lipman escreveu: >> The fact remains. >> I posted... "as malware affects every OS." >> And you replied... "Not true." >> What I posted were well known bits of malware and they affected the OS. >> That's a fact. | or tryed to... >> So I repeat emphatically... "malware affects every OS." >> With the disclaimer... >> "The only thing is some operating systems are targeted more than others". >> BTW: The Slapper had spread pretty well and caused financial loses. | slapper atacked the apache web server and only it, not the OS... | anyway, a patch was applied and that worm will never work again. | an antivirus wasn't needed. >> Since you mention Symbian... >> http://www.f-secure.com/weblog/archives/00001368.html | symbian have the same weekness regarding filename extentions... is easy to | fool a system that uses filename extentions >> Oh you also mention the MAC OS. OS/X had the OSX/Leap-A | i don't know much about Macs. tell me, does OSX/Leap-A still works in newer | MacOS systems? OSX/Leap-A affects Macintosh OS X 10.4 and was bad enough for MITRE to give it the Common Malware Enumerator (CME) value of CME-4. I believe MAC OS X is at 10.5 now and is slated for 10.6 in '09. Getting back to the Slapper, if anti virus was installed and was up to date, its dessmination would have been greatly dimminshed. But this is NOT about installing anti virus software as you seem to want to keep moving to. It is and was about the sheer fact that every OS is targeted for malware. It doesn't matter if it attacks the OS or a software installed on the OS. If there is a exploit it will be targeted. If there is montary gain as in in the Fake Codec/ZLob Trojan the platform will be a target. It doesn't have to be just a software vulnerability/exploit vector it can be Social Engineering which is the most effective way to get past security software. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest David H. Lipman Posted September 23, 2008 Posted September 23, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> | Em Terça, 23 de Setembro de 2008 01:38, David H. Lipman escreveu: >> From: "ArameFarpado" <a-farpado.spam@netcabo.pt> >> I forgot to mention... >> The RBN (before Atrivo was exposed) had begun to target MAC computers with >> the same kind of Fake Codecs that were so prevalent in the distribution of >> the ZLob trojans for Win32. | http://www.theregister.co.uk/2008/03/12/mac_security_site_malware_infestation/ >> And I personnaly have seen the code that decides what OS you are using and >> what file will be downloaded to the PC. | ""The site serving the fake codecs detects the user agent in a browser in | order to distinguish between Mac and Windows PCs before delivering the | appropriate malware,"" | any web server can read the type of OS that the clients have... | i do have access to web servers (i'm not a web designer), and we can see a | lot about our clients: | OS | OS version | browser name and version | screen resolution | color resolution | system language | ... etc... | what this server did was dispatch the proper software for the visitor OS. Right, and through Social Engineering the MAC was trageted for non-viral malware. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest David H. Lipman Posted September 23, 2008 Posted September 23, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> | Em Terça, 23 de Setembro de 2008 01:38, David H. Lipman escreveu: >> From: "ArameFarpado" <a-farpado.spam@netcabo.pt> >> I forgot to mention... >> The RBN (before Atrivo was exposed) had begun to target MAC computers with >> the same kind of Fake Codecs that were so prevalent in the distribution of >> the ZLob trojans for Win32. | why do you keep talking about win32? | 64bit windows is vulnerable to malware too. | i lost count of how many 64bit vista(s) i've seen infected... Ha, ha... You said it not me :-) The fact is there are a perponderance of Win32 coded malware and some Win64 coded malware but, Win64 is a traget and that's the point. I think I have made my case. Every OS is a target of malware. It all depends on the infection vector, the authors intent, the payload and the author's desires. Yesterday is was bragging rights. Today it is monetary gain. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Unknown Posted September 23, 2008 Posted September 23, 2008 Re: Viruses After all that, you now agree it is OK to post malware posts in this newsgroup? "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:%23Fo2KzRHJHA.1160@TK2MSFTNGP05.phx.gbl... > From: "ArameFarpado" <a-farpado.spam@netcabo.pt> > > | Em Terça, 23 de Setembro de 2008 01:38, David H. Lipman escreveu: > >>> From: "ArameFarpado" <a-farpado.spam@netcabo.pt> > >>> I forgot to mention... > >>> The RBN (before Atrivo was exposed) had begun to target MAC computers >>> with >>> the same kind of Fake Codecs that were so prevalent in the distribution >>> of >>> the ZLob trojans for Win32. > > | why do you keep talking about win32? > | 64bit windows is vulnerable to malware too. > > | i lost count of how many 64bit vista(s) i've seen infected... > > > Ha, ha... > > You said it not me :-) > > The fact is there are a perponderance of Win32 coded malware and some > Win64 coded malware > but, Win64 is a traget and that's the point. > > I think I have made my case. Every OS is a target of malware. It all > depends on the > infection vector, the authors intent, the payload and the author's > desires. Yesterday is > was bragging rights. Today it is monetary gain. > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
Guest David H. Lipman Posted September 23, 2008 Posted September 23, 2008 Re: Viruses From: "Unknown" <unknown@unknown.kom> | After all that, you now agree it is OK to post malware posts in this | newsgroup? No! -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Unknown Posted September 24, 2008 Posted September 24, 2008 Re: Viruses If you see any then, simply ignore them. "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:uZEwsxbHJHA.4232@TK2MSFTNGP03.phx.gbl... > From: "Unknown" <unknown@unknown.kom> > > | After all that, you now agree it is OK to post malware posts in this > | newsgroup? > > No! > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
Guest David H. Lipman Posted September 24, 2008 Posted September 24, 2008 Re: Viruses From: "Unknown" <unknown@unknown.kom> | If you see any then, simply ignore them. Again... No ! -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Unknown Posted September 25, 2008 Posted September 25, 2008 Re: Viruses You must agree that you're a puzzle. First you respond to posts concerning malware and then you in effect tell the poster to post elsewhere. Are you getting up in age? "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:ezIsY1oHJHA.1308@TK2MSFTNGP02.phx.gbl... > From: "Unknown" <unknown@unknown.kom> > > | If you see any then, simply ignore them. > > Again... > > No ! > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
Guest David H. Lipman Posted September 25, 2008 Posted September 25, 2008 Re: Viruses From: "Unknown" <unknown@unknown.kom> | You must agree that you're a puzzle. First you respond to posts concerning | malware and then you in effect tell | the poster to post elsewhere. Are you getting up in age? LOL I someone posts a malware related query I'll reply if possible. If I can guide them to post in a more targeted subject matter related news group I will. This includes scripting, MS Office products, etc. You'll note that I helped Patty first and then I staed... "In the future, please post malware related problems in a virus related news group such as; microsoft.public.security.virus" EOD -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Recommended Posts