Welcome, Guest. Please login or register.
Forums
« previous next »
Pages: [1]   Go Down

Author Topic: IE7  (Read 9014 times)

Description:

0 Members and 1 Guest are viewing this topic.

Offline koaftder

  • Hero Member
  • *****
  • Join Date: Apr 2004
  • Posts: 2116
    • Show all replies
    • http://koft.net
Re: IE7
« on: January 20, 2006, 09:46:07 PM »
You would have to be crazy to install that binary. I'm not saying that blobrana has evil intentions, but who knows what the intentions are of the guy who put up that file. Every site on the planet works with the current up to date released version of IE from MS. If you like, ive got a binary right here, just for you, cmon, run it.  :lol:  
Logged
 

Offline koaftder

  • Hero Member
  • *****
  • Join Date: Apr 2004
  • Posts: 2116
    • Show all replies
    • http://koft.net
Re: IE7
« Reply #1 on: January 20, 2006, 11:02:30 PM »
Quote

blobrana wrote:
Hum,
yeah i am wary of any binary,
But this one was virus scanned and internet traffic watched.


Virus scanners mean nothing, as they usually only flag things on definition. Change around the code on a trojan a little, and they miss it. Most checks are based on checksums or md5.

If one wanted to transmit some data to another host on the net, you would think the virus suite you are running would check this? Sure, if it opens it own socket for the io. But what if it used the html rendering library via com to send the data? Trick a trusted process to send your data, and you slip by the av software.

So you are watching the traffic, and with what? Ethereal, tcpdump? So what, if i were to write something malicious, i would make it communicate very rarely, maybe only onece a week, maybe more, maybe less. Did you check to see which registry keys it was accessing? Did you check to see what files it was playing with? Are you anal enough about what processes are running to notice? Do you know what all of the running processes you have are?

You cant watch your system 100% of the time with 100% detial. 80% of security problems could be solved with just an ounce of education.
Logged
 

Offline koaftder

  • Hero Member
  • *****
  • Join Date: Apr 2004
  • Posts: 2116
    • Show all replies
    • http://koft.net
Re: IE7
« Reply #2 on: January 20, 2006, 11:12:44 PM »
Quote

Vincent wrote:
@koaftder

I don't think you realise who you are talking to here ;-)


All i know is it's somebody with 4000 posts and they run windows. That and he's trying to convince people to run an unknown binary from a questionable source.

Logged
 

Offline koaftder

  • Hero Member
  • *****
  • Join Date: Apr 2004
  • Posts: 2116
    • Show all replies
    • http://koft.net
Re: IE7
« Reply #3 on: January 20, 2006, 11:25:25 PM »
Quote

blobrana wrote:
@koaftder
Hum,
Well it`s not a 100%

But i guess that is the risk with anything you install, even from MS.

you could always block it totally with a firewall just to test - afterall it is a beta anyway.

The real thing is just a few months away.


A firewall is just another thin layer of security. A firewall knows nothing about the state of things on your machine. All it knows is blah packet is coming from blah address and wants to goto blah machine at blah address at blah port. It then looks at it's rule set and either drops the packet on the floor or sends it on its merry way.

Any trojan worth anything sends it's data out to where ever over 80 looking like ie. How are you supposed to filter that on your network hardware?
Logged
 
Pages: [1]   Go Up
« previous next »