TIP: Click on subject to list as thread!

ANSI

echo:	nthelp
to:	Rich
from:	Geo
date:	2005-09-16 06:18:56
subject:	Re: what to do when malware already has administrative control
From: "Geo" This is a multi-part message in MIME format. ------=_NextPart_000_007D_01C5BA86.849AF920 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable No rich, I don't start with that premise I start with the premise that = you might have some limited way to get at scripting which might make it = possible to change a plain text setting but would be infinitely more = difficult to write a decryption engine in... Geo. "Rich" wrote in message news:432a598e{at}w3.nls.net... You still miss the point as your whole complicated scenario is = pointless. You start with the premise that the computer is already = under the control of the malware. Your attempts to make the scenario = sillier or more complex don't change anything. Pointless encryption = doesn't change anything either. Rich "Geo" wrote in message news:432a29e5{at}w3.nls.net... "Rich" wrote in message news:4329a65e{at}w3.nls.net... >> Encryption when the keys to encrypt and decrypt are available = is not encryption. Call it whatever you like, the fact that you have to get the key, = write a decryption/encryption routine, all mean that it's harder to do and = that it's more likely IDS and AV systems can key in on the exploit code. Or explain to me why NT doesn't store passwords in clear text in the registry? Geo. ------=_NextPart_000_007D_01C5BA86.849AF920 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable No rich, I don't start with that = premise I start=20 with the premise that you might have some limited way to get at = scripting which=20 might make it possible to change a plain text setting but would be = infinitely=20 more difficult to write a decryption engine in... Geo. "Rich" <{at}> wrote in message news:432a598e{at}w3.nls.net... You still miss the point = as your=20 whole complicated scenario is pointless. You start with the = premise that=20 the computer is already under the control of the malware. Your = attempts=20 to make the scenario sillier or more complex don't change = anything. =20 Pointless encryption doesn't change anything either. Rich "Geo" <georger{at}nls.net>=20">mailto:georger{at}nls.net">georger{at}nls.net>=20 wrote in message news:432a29e5{at}w3.nls.net..."R= ich"=20 <{at}> wrote in message news:4329a65e{at}w3.nls.net...= >> =20 Encryption when the keys to encrypt and decrypt are available is=20 notencryption.Call it whatever you like, the fact that = you have=20 to get the key, write adecryption/encryption routine, all mean = that it's=20 harder to do and that it'smore likely IDS and AV systems can key = in on=20 the exploit code.Or explain to me why NT doesn't store = passwords in=20 clear text in=20 theregistry?Geo.= ------=_NextPart_000_007D_01C5BA86.849AF920-- --- BBBS/NT v4.01 Flag-5 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 5030/786 @PATH: 379/45 1 106/2000 633/267
SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.