and here are some answers [was: Quarantine your infected users spreading malware]

Gadi Evron ge at linuxbox.org
Tue Feb 21 12:33:57 UTC 2006


Simon Waters wrote:
> I've seen 95% quoted - certainly my experience if you go looking for malware 
> in recent Windows desktop machines using IE and Outlook it is pretty much a 
> certainty you'll find it. Most of these tools I was using didn't detect the 
> Sony Rootkit, or other malware, so this will always be an underestimate of 
> the true extent of the problem, unless one uses fingerprinting and packet 
> inspection as the tools of choice for malware detection.
> 
> This is very much a Windows only problem, it doesn't affect desktop users of 
> other systems at all, possibly in part because they lack critical mass, but 
> also because they have more sensible security models. Largely it is an 
> Outlook and IE problem.
> 

Hi Simon, this is indeed a Windows problem due to Microsoft being a 
mono-culture in our desktop world. Still, there are botnets constructed 
from other OS's as well. Also, C&C servers are mostly *nix machines.

	Gadi.


-- 
http://blogs.securiteam.com/

"Out of the box is where I live".
	-- Cara "Starbuck" Thrace, Battlestar Galactica.


