Security Basics
Bad Antivirus Jan 29 2013 03:30PM
sec melis gmail com (3 replies)
Re: Bad Antivirus Jan 30 2013 03:50PM
Michael Peppard (mpeppard impole com) (2 replies)
Running AV via SSH? (Was: Re: Bad Antivirus) Feb 02 2013 08:21PM
Alois Mahdal (alois mahdal 1-ndmail zxcvb cz) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 04 2013 02:13PM
Michael Peppard (mpeppard impole com) (3 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 09 2013 12:41AM
Alois Mahdal (alois mahdal 1-ndmail zxcvb cz) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 09 2013 10:07PM
Terrence O'Connor (terrence oconnor gmail com) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 11 2013 08:08PM
Michael Peppard (mpeppard impole com) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 13 2013 04:31PM
Tracy Reed (treed ultraviolet org) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 14 2013 02:26PM
Michael Peppard (mpeppard impole com) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 16 2013 11:59PM
Tracy Reed (treed ultraviolet org) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 18 2013 08:59PM
Michael Peppard (mpeppard impole com) (1 replies)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 18 2013 10:06PM
Jeffrey Walton (noloader gmail com)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 04 2013 05:38PM
!s3grim (persephane gmx eu)
Re: Running AV via SSH? (Was: Re: Bad Antivirus) Feb 04 2013 02:40PM
Rob (synja synfulvisions com)
Re: Bad Antivirus Feb 01 2013 12:09PM
sec milis (sec melis gmail com)
Re: Bad Antivirus Jan 30 2013 07:27AM
Andre Silaghi (andre silaghi googlemail com)
Re: Bad Antivirus Jan 30 2013 06:08AM
iamherevivek gmail com (2 replies)
Re: Bad Antivirus Jan 30 2013 07:24AM
Adam Pal (carpathin wolf gmx net)
Hi,

might be off-topic but:
it is the meaning of a mailing list to discuss things in here, i am realy upset when i read in a list or a forum things like "PM for more details" or "send you the answer via PM", i mean are we here to share knowledge or to keep it secret?!

BR
Adam Pal

-------- Original-Nachricht --------
> Datum: Wed, 30 Jan 2013 06:08:07 +0000
> Von: iamherevivek (at) gmail (dot) com [email concealed]
> An: drmarkabaiter (at) gmail (dot) com [email concealed], security-basics (at) securityfocus (dot) com [email concealed]
> Betreff: Re: Bad Antivirus

> Hello,
>
> You can compare the actual (safe) exe with the infected ones with
> something like windiff.
>
> I would recommend removing the infected exe, if u have a backup, and put
> the infected in a sandbox and run tests.
>
> If I was in ur situation, I would track each action performed by the
> infected exe by tracking network activity, processes called and so on.
>
> Please PM me, if you need any personalized guidance.
>
> Deadbrain.
> I though I would change the world, but they wouldn't give me the source
> code.
> So I ended up hacking it!
> Sent from BlackBerry® on Airtel
>
> -----Original Message-----
> From: sec.melis (at) gmail (dot) com [email concealed]
> Sender: listbounce (at) securityfocus (dot) com [email concealed]
> Date: Tue, 29 Jan 2013 15:30:55
> To: <security-basics (at) securityfocus (dot) com [email concealed]>
> Reply-To: drmarkabaiter (at) gmail (dot) com [email concealed]
> Subject: Bad Antivirus
>
> Dear folks,
>
> I have 3 W2K3 servers, each are running same software binary exe files.
> One month ago, they infected with some rootkits and viruses which later on I
> know from antivirus detection this malware called sality, ipz, etc.
> After installing a new antivirus and revealed the malware, some of my
> software seems not running as expected. At the moment, I suspect that the
> malware still there because the AV may not capable to clean them all. I tried
> using 3 or 4 most popular AV, but all were claimed the servers are clean
> while my software couldn't run smoothly. In fact, some of exe files has been
> changed in size while I am not sure whether this changed made by viruses or
> 'bad' AV I just installed.
> If I try to proof that my exe files has been changed by this 'bad' AV,
> does anyone know how to proof this things ? By reversing this exe files, is it
> possible to get which part of the files has changed ?
>
> Thank's
>
> Ibha ID
> Sent from my BlackBerry® smartphone from Sinyal Bagus XL, Nyambung
> Teruuusss...!
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "securityfocus2" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to securityfocus2+unsubscribe (at) googlegroups (dot) com. [email concealed]
> For more options, visit https://groups.google.com/groups/opt_out.
>
>

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]
Re: Bad Antivirus Jan 30 2013 07:10AM
Melissa Augustine (missy augustine gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus