
Thread: discovering source

  1. #1
    Senior Member | Join Date: Nov 2001 | Posts: 157

    discovering source

    2 Questions:
    1) How does one go about backtracking a virus outbreak to its source?

    2) AV detects and cleans a "trapdoor.pif" and "netspy"... how does one go about determining how it got onto the machine?
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-==-=
    Noah built the ark BEFORE it rained.


    http://ld.net/?rn
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-==-=

  2. #2
    What kind of virus are you referring to? You can get a virus all kinds of ways. If you mean one of the common e-mail worms that are going around, you track it to the person that sent it to you (e-mail host), then to the person that sent it to them... and so on and so on until you get to the last e-mail host on the list... you then track it to the account that sent it to the last host (by IP).
    If you are referring to a boot sector virus or something of that nature... it has to be physically loaded (there are exceptions, as you will see in the following posts I'm sure) either by a program you downloaded or a disk you booted from. The best way is to report the virus to the proper authorities... hehe, they will track it down if it's a new one and is deemed a sufficient threat.
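    One way to walk the chain of e-mail hosts the post describes, as an added example in Python (not code from the thread): each relay prepends a Received: header, so reversing them gives the claimed path from origin to us, and only the hops stamped by our own servers can be trusted, since anything earlier can be forged by the sender. The message, host names and addresses below are constructed.

```python
import email
import re

# Constructed sample: Received: headers are prepended per hop, so the
# top one is the hop nearest to us and the bottom one is the claimed origin.
SAMPLE_MESSAGE = """\
Received: from mx.ourcorp.example ([192.0.2.10]) by mail.ourcorp.example with ESMTP; Tue, 5 Feb 2002 10:03:12 -0500
Received: from relay.isp.example ([198.51.100.7]) by mx.ourcorp.example with SMTP; Tue, 5 Feb 2002 10:03:10 -0500
Received: from home-pc ([203.0.113.42]) by relay.isp.example with SMTP; Tue, 5 Feb 2002 10:02:55 -0500
From: friend@isp.example
To: me@ourcorp.example
Subject: check this out

see attachment
"""

# Matches "from <host> ... [<ip>] ... by <host>" in a Received: line.
HOP_RE = re.compile(
    r"from\s+(?P<from>\S+).*?\[(?P<ip>[0-9.]+)\].*?by\s+(?P<by>\S+)", re.DOTALL
)


def received_hops(raw_message):
    """Return (from_host, ip, by_host) tuples, ordered origin-first."""
    msg = email.message_from_string(raw_message)
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(header)
        if m:
            hops.append((m.group("from"), m.group("ip"), m.group("by")))
    return hops


def trusted_origin(hops, trusted_suffix):
    """Return the (host, ip) our own infrastructure actually talked to.

    Hops below the first one stamped by a server under trusted_suffix may
    have been written by the sender, so the reliable lead is the 'from'
    side of the first Received: line that one of our servers added.
    """
    for from_host, ip, by_host in hops:
        if by_host.endswith(trusted_suffix):
            return from_host, ip
    return None
```

    The first tuple from received_hops is what the sender claims; the result of trusted_origin is the last host that can be confirmed by our own logs, which is where the next "who sent it to you" question goes.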

  3. #3
    Senior Member | Join Date: Oct 2001 | Posts: 872

    Sniffer

    I'm not too good with antiviral kits... but I suppose the people at the labs [Norton; McAfee] infect their own set-up PC with the virus. And they run a 'sniffer' of some sort to track its movements. When they see what it can do and what it does, they just make a patch for their product to scan for a 'signature' of the virus.

    And for tracking it down to its source... you've bogged me.
    ...This Space For Rent.

    -[WebCarnage]

  4. #4
    Junior Member | Join Date: Dec 2001 | Posts: 6
    *************************************************
    * Warning: This is speculation
    *************************************************
    I have heard that some viruses are actually developed by the anti-virus companies and universities. Not for malicious purposes of course, rather the study of virus writing. Occasionally these projects get released into the wild. As for tracking down a virus to its source, I am sure that the FBI knows, and there has to be some person or company that has expertise and has probably written a paper on it.
    unNamed-Player

  5. #5
    Junior Member | Join Date: Nov 2001 | Posts: 2
    Antihaxor definitely has the right idea. Insofar as checking to see which file brought in the virus, most AV programs have a quarantine option. Use this, then determine which one of the programs came to your computer through an outside source. It's not really that hard. Your local FBI division can be quite helpful in bringing the original culprit to justice. It looks good for them, too.

  6. #6

    When the Whole Net Is Out To Get You, Paranoid Is Good Thinking!

    My Brethren!

    Trust no one: especially where there is money involved.

    Being a conspiracy theorist from way, way back, I have this ever insatiable, nagging feeling that all of the anti-virus companies and The New World Order are somehow up to their collective asses in keeping the consumer needing to buy unending anti-virus patches, upgrades, and pattern files!!

  7. #7
    Senior Member | Join Date: Nov 2001 | Posts: 4,785
    Once again the question is not, are you paranoid, but are you paranoid enough?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8
    Noia | Now, RFC Compliant! | Join Date: Jan 2002 | Posts: 1,210

    Origin of Viral Codes

    Viruses are usually written by children who simply get a kick out of it; however, these rarely infect more than 300 systems.
    A dedicated coder would use PGP internal encryption (which is practically impossible to decode)
    and use a command-wrapper to make sure it wouldn't get traced.

    One fatal mistake of almost every coder is that the virus lingers after having delivered the
    payload/warhead; this makes it possible to obtain the source and produce an "anti-code", if you will.
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    And no one can remember the gentle features in the queen's face on that fair day, when the land here rested in holy peace and everyone had love to love with.
