mutterc - Slashdot User

Comment Re:Does rtkhunter... (Score 1) 219

by mutterc on Friday August 24, 2007 @04:11PM (#20347643) Attached to: Forensics On a Cracked Linux Server

There's an interesting third approach, used by Sysinternals's (now part of MS) RootkitRevealer for Windows.

Basically, enumerate all the files on the system using the usual OS APIs. Then, scan the entire raw disk, and enumerate all the files on the system by manually interpreting the directory structures stored on-disk. Any files whose directory entries exist on-disk, but don't show up in the OS's API (with a few standard system exceptions) are being hidden from the OS API layer by a rootkit.

It's certainly theoretically possible to fool, by having your rootkit hook the APIs used to read the raw disk, and returning innocuous values, but that's a good bit harder to do than the other stuff rootkits usually do. Some rootkits fooled it by not hiding their files if the process trying to look them up was named RootkitRevealer.exe, so the tool took to making a randomly-named copy of itself and executing that.

Submission + - Will Vista Run Your Games: The Final Word

Submitted by Sexy Commando on Tuesday February 06, 2007 @08:35PM

Sexy Commando writes: extremetech.com has an article on testing the compatibility of games on Windows Vista. They tested varieties of Steam-based games and OpenGL-base games like Doom3, and even some games that involves anti-cheating programs like PunkBuster and the dreaded copy-protection software, StarForce. Most games runs smoothly except some video driver hiccups. Notable quotes: 'Prey worked fine in a window, with the Aero glass effects still going on, Flip3D still worked, etc. So much for all those conspiracy theories about Vista somehow killing off OpenGL.' 'So let's break it down: Has Vista got game? The basic answer is that yes, Vista is a pretty great OS for gamers. Great, but not perfect.'

Submission + - Gift Guide for your Nerdy Valentine

Submitted by

TonyB

on Tuesday February 06, 2007 @08:13PM

TonyB writes: "about a guide for purchasing "Nerdy" gifts for your "Nerdy" valentine... Sapphire runs down ThinkGeek, JinX, and more for various gift ideas for valentines day. If you haven't got him/her something already — you might want to take a peak, or setup the pullout."

Submission + - Verizons Math

Submitted by Anonymous Coward on Tuesday February 06, 2007 @07:39PM

An anonymous reader writes: Verizon charged the customer $0.002 after quoting 0.002 cents . This is a hilarious account of verizons response and its excellent customer service. Ofcourse the checkthe customer sent.

Submission + - Salami Slicing comes of Age

Submitted by

Shimes

on Tuesday February 06, 2007 @07:39PM

Shimes writes: "A UK Bank has come of age and we finally have a salami slice system worthy of geeks everywhere (or at least in the good ol' UK).

Lloyds TSB are proposing a new saving's account where every transaction is rounded upto the next pound, and the resultant pennies are dropped into a savings account — and its all legal. Richard Pryor eat your heart our!"

Submission + - US RoHS

Submitted by

Renee Micheals

on Tuesday February 06, 2007 @07:17PM

Renee Micheals writes: "In "U.S. RoHS: To be or not to be?" the case is made for a U.S. version of the EU's Restriction on Hazardous Substances directive. A version here would be very controversial, as it would force all US electronics makers and anyone who ships electronics to teh US to change the way they make electronics. See: http://www.edn.com/blog/570000257/post/120006812.h tml"

Submission + - WinHlp32.exe still deprocated

Submitted by wombatmobile on Tuesday February 06, 2007 @06:47PM

wombatmobile writes: Windows Vista doesn't allow existing programs to display their help files.

Microsoft said they would provide a download fix "in time for the consumer release of Windows Vista", but they haven't!

http://support.microsoft.com/kb/917607

How can consumers use existing programs on the new Vista if their help files don't work?

How can software publishers help their customers if Microsoft prohibits them from distributing the old help system and provides no alternative?

Journal Journal: RIAA to Pay Debbie Foster's Attorneys Fees

Journal by NewYorkCountryLawyer on Tuesday February 06, 2007 @06:38PM

In an Oklahoma case, Capitol Records v. Debbie Foster, the Court has granted the defendant's motion for attorneys fees to be imposed against the RIAA, holding that Ms. Foster is to receive her "reasonable attorney's fees". Judge Lee R. West, in his

Submission + - Hard Drive Loss

Submitted by CommiNazi on Tuesday January 30, 2007 @06:32PM

CommiNazi writes: I've run into a little bit of a curiosity. Mostly concerning the loss of hard drive space on a newly formatted internal hard-drive. On a brand new 200 GB SATA hard drive once formatted shows 188 GB's. This is to be expected. However, my secondary HD of the same make and model once formatted shows as 192 GB's. A third hard drive completely different brand, a 250GB SATA shows up 233 GB's. All are NTFS So my question is; Is there any rhyme or reason to the amount of loss on these drives? I fully understand that a hard drive never has full use of the available space because of the file system, however, why the discrepancies?

Submission + - Net Neutrality Act Once Again on the Agenda

Submitted by

blue234

on Tuesday January 30, 2007 @05:27PM

blue234 writes: "On January 9th, Republican Senator Olympia Snowe and Democrat Byron Dorgan reintroduced the Internet Freedom Preservation act to the Senate. Better known as the Net Neutrality Act, the bill was killed by the Senate last year in a vote split down party lines (Democrats yea, Republicans nay), with the exception of Senator Snowe. With the Democrats having a slight majority in the Senate, the bill certainly has a better chance this time around, but it still needs 60 votes to prevent a Republican filibuster. url: http://www.abcarticledirectory.com/Article/Net-Neu trality-Act-Once-Again-on-the-Agenda/31886"

Submission + - Barbara Boxer Wants Opinions on Global Warming

Submitted by

fistfullast33l

on Tuesday January 30, 2007 @05:25PM

fistfullast33l writes: "Barbara Boxer(D-CA) wants to know how you would legislate environmental issues in the 110th Congress. She has posted a survey asking you to rank 9 items that Congress can do to limit the effects of Global Warming. The Congresswoman is currently Chair of Environment and Public Works Committee in the United States Senate and plans to put your input to good use."

Submission + - Vista Monoculture In Our Future?

Submitted by

anorlunda

on Tuesday January 30, 2007 @04:00PM

anorlunda writes: "This is pure speculation. I notice that experts seem to be increasingly concerned with zombie PCs on the web and all the damage that they can do. There will come a day when an injured party sues the zombie's host ISP claiming negligence. A natural reaction to that could be for the ISPs to insist that their PC customers use the most hacker resistant, yet ubiquitous OS around — namely Vista.

I can hear the screams of anger now from millions of users who don't want to switch. On the other hand, few or none of them would stop using the net or even switch ISPs. Most would probably grumble, then switch to Vista. Hardware and third party software vendors and congressmen would back the ISPs because it would trigger the biggest mass upgrade since Y2K and create a surge of thousands of jobs.

The security debate to be acted out before congressional committees would be entertaining. We would pit the antimonoculturalists on one side versus the ban-those-Win95-skeletons proponents on the other side. It would also make the perfect opportunity to advocate the mobile browser plus net apps as the non-PC alternative architecture.

Could a major ISP successfully refuse Mac and Linux customers? I see no legal impediment. They can argue security and simplfied support as their motives. Once again, most aggrieved Mac and Linux customers would scream, but they would rather switch than go back to dial-up. Therefore, relatively few customers would actually defect.

I hate bringing up such an ugly speculation. I can see the flames coming my way now. But, the simplicity and rationality of a Vista-only future from the point of view of the ISPs and others seems too powerful to ignore. Perhaps the question should be, what would stop it from happening?"

Submission + - Top Predictions of our Techno-Utopian Future

Submitted by

HeroicLife

on Monday January 29, 2007 @06:52PM

HeroicLife writes: "Killer (medicine-eating) robots, nuclear apocalypse, nano goo, mass starvation, class warfare or climate hell — is this our future? Or can we look forward to a technological utopia that fulfills our every whim but bores us to death? Here's an unusually positive outlook that answers the most common doomsday scenarios and offers some things to look forward to. "The sum of all these innovations will gradually change the way we define ourselves. Our consciousness becomes the central processing unit of a complex system, with external storage and sensor facilities spread across the world and to other people. As human-computer interfaces improve, our sense of self will evolve to include our digital memories as well as those of others...""

Submission + - Communicating with companies like Verizon?

Submitted by

chaoskitty

on Monday January 29, 2007 @06:07PM

chaoskitty writes: "Ok — so you run a mail server or 10, and you've gotten all of the bugs ironed out. You are confident that your email delivery and reception are working perfectly — after all, you pass hundreds of thousands of legitimate email a day. Then, one of your users contacts you telling you that mail from your server is not getting delivered. You ask for a copy of the error report so you can see what's going on, and you see something like this:

(reason: 550 You are not allowed to send mail:sv25.verizon.net)

So you look in the mail logs, and it's clear that the problem is on Verizon's end:

... Jan 29 12:12:25 bigtime sm-mta[17704]: l0TJwls8005690: to=, ctladdr= (10001/10000), delay=00:13:38, xdelay=00:00:01, mailer=esmtp, pri=213168, relay=relay.verizon.net. [206.46.232.11], dsn=4.0.0, stat=Deferred: 450 Requested mail action not taken-Try later:sv18pub.verizon.net
Jan 29 12:22:41 bigtime sm-mta[6426]: l0TJwls8005690: to=, ctladdr= (10001/10000), delay=00:23:54, xdelay=00:00:12, mailer=esmtp, pri=303168, relay=relay.verizon.net. [206.46.232.11], dsn=5.0.0, stat=Service unavailable Jan 29 12:22:41 bigtime sm-mta[6426]: l0TJwls8005690: l0TKMRb4006426: DSN: Service unavailable

So you decide to contact Verizon. But email to postmaster@verizon.net and support@verizon.net aren't answered. You try to call the numbers in the WHOIS, and you get shuffled to Verizon Support, who obviously won't help you because you don't have a Verizon account regardless of how patiently you try to explain that the problem is on their end.

You look up 550 errors and Verizon in Google, and you see that LOTS of other people are having the same problems. But nobody knows why Verizon is randomly rejecting email. It's not even consistent, as your user corresponds with the same Verizon accounts all the time.

What do you do now? Is there a way to get a company like Verizon to respond to seemingly ongoing mail server problems on their end? How do you get someone at Yahoo to read the email you send them to tell them that they're registering and hosting phishing sites and phishing-collecting email addresses?

What do YOU do when that huge company offers no way to communicate? Is it time to start advising people to AVOID email accounts from large providers?"

Submission + - Should Apple license their OS to Dell?

Submitted by

feranick

on Monday January 29, 2007 @05:08PM

feranick writes: "The Inquirer is running an editorial suggesting Apple to license OSX. It's not the first time this topic is brought up. However the Inquirer is picking Dell as the perfect candidate as the licensee. From the article:

"Why Dell? Dell is one of the few companies that could actually make the marriage work. They make quality hardware, know how to squeeze every last penny out of manufacturing, and wouldn’t/shouldn’t break a sweat supporting Mac OS. If anything, Mac OS should actually CUT their support costs because they won't get so many odd-ball calls about Windows XP/Vista issues.
Apple could position the move as "Dell is so cool, we had to do a deal with them." Underlying that is "Let's face facts, with the exception of a pretty case, and a couple of hardware features, we're an Intel box all the same." (I know I'm going to get foaming rabid Mac owners that say the bits under the hood of their machines are especially selected by Zen Master Craftsmen and assembled by virgins in a far off land with blessed incense burning on a 24x7 basis, but it just ain't so).
What has Apple got to lose? Zero.
What does Apple have to gain? More market share, shaking/breaking the monopoly of Microsoft on the desktop for "The Rest of Us" (Enough with the Linux already, too many steps to make it work for The Rest of Us)".

What do you (honestly) think?"

Slashdot Top Deals