On our network...

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #198,826

by Steven A S

3/15/05 4:18:20 PM

On our network...

all computers have had their administrator account name changed, administrator accounts have been locked down with strong passwords, and full administrative rights have been disabled on normal users (work group managers and LAN administrators have full rights still of course).

But still we find this kind of adware on computers where the user has browsed the wrong places and clicked the wrong ads. To make things worse, some of these can only be removed by logging into that administrator account even though the user couldn't have been signed into that account.

Tell me that's anywhere near as secure as a Unix box.

~~~)-Steven----

"I want you to remember that no bastard ever won a war by dying for his country.
He won it by making the other poor dumb bastard die for his country..."

General George S. Patton

Undetectable VX2!!!!!! - (Andrew Grygus) - (39) - March 13, 2005, 12:25:13 PM EST

Maybe because it isn't the traditional one? - (folkert) - (3) - March 13, 2005, 05:07:21 PM EST

This one was real VX2 . . - (Andrew Grygus) - (2) - March 13, 2005, 05:32:16 PM EST

Is there even room to fit one more nail? ;-) -NT - (n3jja) - (1) - March 13, 2005, 05:33:05 PM EST

Depends on how many infections a given machine has. -NT - (ben_tilly) - March 13, 2005, 05:58:44 PM EST

Re: Undetectable VX2!!!!!! - (andread) - (3) - March 14, 2005, 09:39:16 AM EST

Of course. -NT - (Andrew Grygus) - (2) - March 14, 2005, 11:52:52 AM EST

Yeap, just like that. - (folkert) - (1) - March 14, 2005, 02:26:02 PM EST

My root post for this thread did refer to . . - (Andrew Grygus) - March 14, 2005, 03:30:07 PM EST

Assuming that I am a complete dolt, - (Arkadiy) - (29) - March 14, 2005, 04:29:37 PM EST

Rootkit worms for windows abound - (jake123) - March 14, 2005, 05:09:26 PM EST

Well, just for starters . . - (Andrew Grygus) - (8) - March 14, 2005, 05:18:45 PM EST

Apart from the first point - (Arkadiy) - (7) - March 14, 2005, 05:31:55 PM EST

Let's see, point #3 - (jake123) - (5) - March 14, 2005, 06:13:07 PM EST

Sounds like the OS/2 WPS (ducks, runs) -NT - (altmann) - (2) - March 14, 2005, 06:32:48 PM EST

Nah, Office has users. - (pwhysall) - March 14, 2005, 06:33:17 PM EST

:) - (jake123) - March 15, 2005, 01:45:00 PM EST

Sounds like Gnome - (Arkadiy) - (1) - March 14, 2005, 07:35:05 PM EST

No, another disagreement here. - (folkert) - March 14, 2005, 09:48:51 PM EST

On our network... - (Steven A S) - March 15, 2005, 04:18:20 PM EST

Win32 message service - (inthane-chan) - (18) - March 14, 2005, 05:23:59 PM EST

If you're not an admin, you don't have - (Arkadiy) - (17) - March 14, 2005, 05:34:23 PM EST

Nope. I have a machine at work. - (folkert) - (16) - March 14, 2005, 06:48:52 PM EST

I don't know :( - (Arkadiy) - (13) - March 14, 2005, 07:41:31 PM EST

I don't agree with your assessment. - (folkert) - (12) - March 14, 2005, 09:29:10 PM EST

That I don't understand - (Arkadiy) - (11) - March 15, 2005, 11:10:03 AM EST

That's where messaging comes in. - (inthane-chan) - March 15, 2005, 01:09:32 PM EST

Not like Windows... - (folkert) - (6) - March 15, 2005, 04:41:09 PM EST

It was quite helpful - (Arkadiy) - (5) - March 15, 2005, 05:05:47 PM EST

It isn't documneted the way you'd think. - (folkert) - (4) - March 15, 2005, 09:34:49 PM EST

Well, the only things that grant access to file system - (Arkadiy) - (3) - March 16, 2005, 09:52:25 AM EST

Then how do you explain the fact that it happens? - (folkert) - (2) - March 16, 2005, 11:35:43 AM EST

I have no explanation that I am sure of. - (Arkadiy) - (1) - March 16, 2005, 11:36:22 AM EST

Thank you. (new thread) - (folkert) - March 16, 2005, 11:43:24 AM EST

Re: That I don't understand - (andread) - (2) - March 16, 2005, 09:51:34 AM EST

Are they members of other groups? - (Arkadiy) - (1) - March 16, 2005, 09:53:35 AM EST

Domain Users -NT - (andread) - March 16, 2005, 03:35:33 PM EST

There is a way. - (static) - (1) - March 14, 2005, 08:54:09 PM EST

It's LocalSystem - (Arkadiy) - March 15, 2005, 11:26:57 AM EST

VX2 on 2 servers - (andread) - March 31, 2005, 12:31:50 PM EST

iwethey.org

Closed-captioned for the hearing impaired.
189 ms