RE: [SLUG] Sony-BM Rootkit:

• Next message: Levi Bard: "[SLUG] Re: capturing a Real Audio stream"
• Previous message: Richard Smoot: "Re: [SLUG] Fedora, OpenSuSE, & Mandrake."
• In reply to: jeff: "Re: [SLUG] Sony-BM Rootkit:"
• Next in thread: Mavrick: "Re: [SLUG] Sony-BM Rootkit:"
• Reply: Mavrick: "Re: [SLUG] Sony-BM Rootkit:"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>> True, but if a Mac is rooted, wouldn't it blindly obey remote commands
the same as a rooted Windows pc? Or am I missing something here?

_IF_ the Mac was rooted, then yes, it would obey remote commands, much like
a Windows box.

But in this case, the company that wrote the Windows root kit is not the
same one that wrote the OS X root kit. I suspect the 'holes' will be
different, and a virus that works on one, won't work on the other.

It would be possible to write two different viruses that could obey the same
command set, thus causing both Win and OS X machines to obey the same
master. An example would be a program that launched a "syn flood attack" by
waiting for a target IP address to appear on a web site.

Ken Elliott

=====================
-----Original Message-----
From: slug@nks.net [mailto:slug@nks.net] On Behalf Of jeff
Sent: Sunday, November 13, 2005 3:49 PM
To: slug@nks.net
Subject: Re: [SLUG] Sony-BM Rootkit:

On Sunday 13 November 2005 03:29 pm, Ken Elliott wrote:
> >>Short answer is yes. There is already a virus in the wild...
>
> For Windows, yes. For BSD, no.
>
> The scenario described was on a BSD (OS X) system, and its my
> understanding that no virus exists...yet....
>

True, but if a Mac is rooted, wouldn't it blindly obey remote commands the
same as a rooted Windows pc? Or am I missing something here?

Jeff
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages posted
are those of the author and do not necessarily reflect the official policy
or position of NKS or any of its employees.

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

• Next message: Levi Bard: "[SLUG] Re: capturing a Real Audio stream"
• Previous message: Richard Smoot: "Re: [SLUG] Fedora, OpenSuSE, & Mandrake."
• In reply to: jeff: "Re: [SLUG] Sony-BM Rootkit:"
• Next in thread: Mavrick: "Re: [SLUG] Sony-BM Rootkit:"
• Reply: Mavrick: "Re: [SLUG] Sony-BM Rootkit:"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:02:49 EDT