Comments on: Rootkit May Be Culprit in Recent Windows Crashes http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/ In-depth security news and investigation Wed, 23 May 2012 04:43:41 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: Jim http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-12523 Jim Tue, 16 Nov 2010 02:18:08 +0000 http://www.krebsonsecurity.com/?p=1061#comment-12523 It's good to know that rootkits are harder to detect. It’s good to know that rootkits are harder to detect.

Like or Dislike: Thumb up 1 Thumb down 0
]]> By: mrmnemo http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-4423 mrmnemo Wed, 24 Mar 2010 04:47:34 +0000 http://www.krebsonsecurity.com/?p=1061#comment-4423 almost forgot. any install of linux can put denyhosts on it as well....i am sure windows has the same thing but you might have to buy the triple ultimate black box win 7 galactica version to get it. f*ing marketing and repackaging with MS. lol almost forgot. any install of linux can put denyhosts on it as well….i am sure windows has the same thing but you might have to buy the triple ultimate black box win 7 galactica version to get it.

f*ing marketing and repackaging with MS. lol

Like or Dislike: Thumb up 1 Thumb down 0
]]> By: mrmnemo http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-4422 mrmnemo Wed, 24 Mar 2010 04:45:53 +0000 http://www.krebsonsecurity.com/?p=1061#comment-4422 hehe, You know...I dual boot. Win and Linux ( openBSD until i started talking to myself over it). I can say this....linux is secure due to the file permission structure, the firewall can be set up to be a little more inclusive( i said little lol..) using the iptables or netfilter . However, when a linux box does get rooted IT GETS ROOTED. Also, windows is not so much a bad OS, as its just a overly simplfied OS. What I mean is MS tried to remove to much of the configuration from the user. I think what this did was cause MS coders to have to make a compromise. They either made it PnP all the way and didnt get negative press or not make it plug and play and change end user perception from " The internet stopped" to " hey maybe i should check and see if its plugged in". As to linux being a "nich" OS...what rock on what planet have you been living on? I am about to take my LPIC not due to geekieness and self-righteous banter, but cause its real. Many local govs are switching to it. kids in many countries get laptops with it ( for free by the way), A few european auto makers are switching over right now,if you look on distrowatch.com at the hits perday on assorted ditros that should also tell you that its on the rise. However, Linux has been compromised by a worm recently. I dont have the link but you can google it. I personally have always thought that windows gets bugs cause zealots write them sometimes....just kidding. both linux and windows have advantages. a a properly secured linux box is SSECURE to the extent a pc connected to the net can be. a windows box properly set up is just getting lucky until the next round of flaws is found in PnP active x oxml or whatever. also consider the tools made available for "script kiddies". many of the m turn the script kid into a zombie anyways. my foodstamps worth hehe,
You know…I dual boot. Win and Linux ( openBSD until i started talking to myself over it). I can say this….linux is secure due to the file permission structure, the firewall can be set up to be a little more inclusive( i said little lol..) using the iptables or netfilter . However, when a linux box does get rooted IT GETS ROOTED. Also, windows is not so much a bad OS, as its just a overly simplfied OS. What I mean is MS tried to remove to much of the configuration from the user. I think what this did was cause MS coders to have to make a compromise. They either made it PnP all the way and didnt get negative press or not make it plug and play and change end user perception from ” The internet stopped” to ” hey maybe i should check and see if its plugged in”.
As to linux being a “nich” OS…what rock on what planet have you been living on? I am about to take my LPIC not due to geekieness and self-righteous banter, but cause its real. Many local govs are switching to it. kids in many countries get laptops with it ( for free by the way), A few european auto makers are switching over right now,if you look on distrowatch.com at the hits perday on assorted ditros that should also tell you that its on the rise.

However, Linux has been compromised by a worm recently. I dont have the link but you can google it. I personally have always thought that windows gets bugs cause zealots write them sometimes….just kidding. both linux and windows have advantages. a a properly secured linux box is SSECURE to the extent a pc connected to the net can be. a windows box properly set up is just getting lucky until the next round of flaws is found in PnP active x oxml or whatever. also consider the tools made available for “script kiddies”. many of the m turn the script kid into a zombie anyways.
my foodstamps worth

Like or Dislike: Thumb up 0 Thumb down 0
]]> By: Pauper http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-3448 Pauper Tue, 09 Mar 2010 11:28:45 +0000 http://www.krebsonsecurity.com/?p=1061#comment-3448 Say what you will about the different OSs out there, but rootkits are here to stay! Antivirus can't detect them since they boot before the OS does, so the solution lies in a boot CD that can scan for them on a remote (same machine) drive. Since windows machines seem to be the popular target, and without going into discussion as to why, having a database of the system32 files popularly used, as well as CRCs and MD5s of the files would help, especially when comparing live files with their cached versions. Possibly a rip on the sysinternals system which connects directly to the MS website to check file integrity and provide file descriptions? The market is wide open for such a tool - people would pay big bucks for such a headache reliever - does anyone out there have the programming savvy to write it? Say what you will about the different OSs out there, but rootkits are here to stay! Antivirus can’t detect them since they boot before the OS does, so the solution lies in a boot CD that can scan for them on a remote (same machine) drive.

Since windows machines seem to be the popular target, and without going into discussion as to why, having a database of the system32 files popularly used, as well as CRCs and MD5s of the files would help, especially when comparing live files with their cached versions.

Possibly a rip on the sysinternals system which connects directly to the MS website to check file integrity and provide file descriptions?

The market is wide open for such a tool – people would pay big bucks for such a headache reliever – does anyone out there have the programming savvy to write it?

Like or Dislike: Thumb up 1 Thumb down 0
]]> By: Turkey should pause before a mirror http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-3439 Turkey should pause before a mirror Tue, 09 Mar 2010 08:03:40 +0000 http://www.krebsonsecurity.com/?p=1061#comment-3439 [...] Rootkit May Be Culprit in Recent Windows Crashes — Krebs on Security Tags: congressmen, culprit [...] [...] Rootkit May Be Culprit in Recent Windows Crashes — Krebs on Security Tags: congressmen, culprit [...]

Like or Dislike: Thumb up 0 Thumb down 0
]]> By: Microsoft Resorts to Blame Games (Against Exploiters of Microsoft’s Own Flaws and Against Google) | Boycott Novell http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-2503 Microsoft Resorts to Blame Games (Against Exploiters of Microsoft’s Own Flaws and Against Google) | Boycott Novell Mon, 22 Feb 2010 12:32:34 +0000 http://www.krebsonsecurity.com/?p=1061#comment-2503 [...] those machines are already compromised. It means that the discussion has been completely warped [1, 2] and Microsoft’s blame-shifting game has worked effectively (with help from Amarillo). [...] [...] those machines are already compromised. It means that the discussion has been completely warped [1, 2] and Microsoft’s blame-shifting game has worked effectively (with help from Amarillo). [...]

Like or Dislike: Thumb up 0 Thumb down 0
]]> By: AlphaCentauri http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-1/#comment-2410 AlphaCentauri Fri, 19 Feb 2010 13:46:45 +0000 http://www.krebsonsecurity.com/?p=1061#comment-2410 Don't conflate Internet Explorer with the Windows operating system. The people here who have been using Windows without incident probably never use IE. It's an abomination. Some websites require IE, and some of them are sites that business users have no choice but to interact with. MS is under pressure to continue the current insecure default configuration of IE in order to avoid "breaking" those websites. I wish someone at MS would grow a pair and tell those websites that ActiveX will no longer be enabled by default, give them a decent interval to rewrite their websites, then do what they know they need to do to make the default configuration of IE more secure for naive users.

Don’t conflate Internet Explorer with the Windows operating system. The people here who have been using Windows without incident probably never use IE. It’s an abomination.

Some websites require IE, and some of them are sites that business users have no choice but to interact with. MS is under pressure to continue the current insecure default configuration of IE in order to avoid “breaking” those websites. I wish someone at MS would grow a pair and tell those websites that ActiveX will no longer be enabled by default, give them a decent interval to rewrite their websites, then do what they know they need to do to make the default configuration of IE more secure for naive users.

Well-loved. Like or Dislike: Thumb up 5 Thumb down 1
]]> By: pks4» Blog Archive » WinXP reboots caused when patch meets malware http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-2/#comment-2384 pks4» Blog Archive » WinXP reboots caused when patch meets malware Fri, 19 Feb 2010 03:04:03 +0000 http://www.krebsonsecurity.com/?p=1061#comment-2384 [...] writer Brian Krebs reported hearing from a computer tech who had discovered a common factor in all the affected systems he’d seen – the presence of a nasty piece of malware hidden [...] [...] writer Brian Krebs reported hearing from a computer tech who had discovered a common factor in all the affected systems he’d seen – the presence of a nasty piece of malware hidden [...]

Like or Dislike: Thumb up 0 Thumb down 0
]]> By: Microsoft: Got Bluescreen? Check for Rootkits — Krebs on Security http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-1/#comment-2334 Microsoft: Got Bluescreen? Check for Rootkits — Krebs on Security Thu, 18 Feb 2010 19:18:44 +0000 http://www.krebsonsecurity.com/?p=1061#comment-2334 [...] as I noted in a post earlier this week, Alureon is among the Top 10 threats that Microsoft’s various security technologies — including [...] [...] as I noted in a post earlier this week, Alureon is among the Top 10 threats that Microsoft’s various security technologies — including [...]

Like or Dislike: Thumb up 0 Thumb down 0
]]> By: xAdmin http://krebsonsecurity.com/2010/02/rootkit-may-be-culprit-in-recent-windows-crashes/comment-page-1/#comment-2123 xAdmin Wed, 17 Feb 2010 03:25:42 +0000 http://www.krebsonsecurity.com/?p=1061#comment-2123 Granted, *nix OS's are configured more secure out of the box. But, it's not difficult to properly secure a Windows system that equals or surpasses that config using defense in depth techniques. As to these "dangerous" technologies, how is it I've used them since 1995 and haven't been compromised in any way? It's not so much about the technology, but about how you configure and use it! It's about risk management. I really have no qualms with any non-Microsoft OS or whether someone wishes to use them. I just don't agree with the mentality that Windows or various other Microsoft products are inherently insecure or dangerous. So, I don't subscribe to denigrating them and touting alternatives as any real solution to the general public. To do so is just disingenuous. Granted, *nix OS’s are configured more secure out of the box. But, it’s not difficult to properly secure a Windows system that equals or surpasses that config using defense in depth techniques.

As to these “dangerous” technologies, how is it I’ve used them since 1995 and haven’t been compromised in any way? It’s not so much about the technology, but about how you configure and use it! It’s about risk management.

I really have no qualms with any non-Microsoft OS or whether someone wishes to use them. I just don’t agree with the mentality that Windows or various other Microsoft products are inherently insecure or dangerous. So, I don’t subscribe to denigrating them and touting alternatives as any real solution to the general public. To do so is just disingenuous.

Like or Dislike: Thumb up 1 Thumb down 1
]]>