
Re: Unable change firewall settings



"Chappy" <Chappy@discussions.microsoft.com> wrote in message news:F0DB430D-0F4E-41DD-9B31-E3EDCCC14998@microsoft.com...

>
> Mr Arnold
>
> I'm a HijackThis teacher and an Independent Malware tester for new & unknown
> variants.
> I was awarded a Lifetime membership to Virus Bulletin for my work. In case
> you don't know what Virus Bulletin is...well, if you don't know then that
> says it all about your security knowledge.
>

Ooo we, I am happy for you.


> I have personally tested and written solutions for over 1000 Windows
> Security Vulnerabilities. I currently have over 750 Trojans and Viruses in my
> testbed machine that I've fully decompiled and written signature files
> for...what's your security experience? Running an AV scan weekly?
> I also was a Beta tester for Eset with their Eset Security suite (Firewall
> mostly), and Comodo V3 Firewall for 64bit.


I am happy for you.

>
> Before you go shooting your wad again, maybe you should stop & think that
> there are True security experts out there.


I don't think you're one of them, and if you must show your wares, then I think I could beat you if I choose to do so.


And I am a programmer, and I have been doing it since 1980, and I came to the MS platform in 1996. Everything you're talking about, I could probably beat it. All it takes is the user with the happy fingers that will point and click on everything under the Sun, which is not that hard to do.


http://www.foxnews.com/story/0,2933,274314,00.html


Detection software using signature files must know about the signature that it must detect. If the signature is unknown, then the signature file is useless on zero day exploits. And on top of that, a serious malware threat is going to hide itself and most likely have itself hosted by a legitimate process running on the machine such as SVChost.exe or DLLhost.exe.


I had a poster come into the FW and Security NG talking about how the small company she was consulting at had an exploit running on the MS O/S Small Business server that was affecting IIS that circumvented all that stuff you're talking about, which even the experts were indicating to toss at it, and she tossed the kitchen sink at it and could find nothing. I gave her the proper tools and showed her how to find the exploit when even the security experts in the NG couldn't do it, which was because of my programming expertise that I could help her.


It was due to the knowledge I passed on how to find it, and the ability to use the proper tools and go look.


<http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_Rootkit_Tools_in_a_Windows_Environment.html>


But if I had known what I do now, I would have just told her to flatten the drive. If the O/S can be fooled then anything that runs with the O/S like detection software that you're harping about can be fooled too with exploits still left undetected on the machine.


http://technet.microsoft.com/en-us/library/cc512587.aspx


I use Eset, and if you have anything to do with Eset, then I might be kicking Eset to the curb and finding something else.

