-
July 25th, 2004, 11:32 PM
#1
Questions about the new bagle varient...
Reading about the new bagle varient in the the article here:
http://www.enterpriseitplanet.com/se...le.php/3385611
I was left with a few questions. It states that it attempts to shutdown your AV and your firewall applications. Which leads to my question and that is if the virus can shutdown the firewall applications, can it also shut down firewalls built into routers??
-
July 26th, 2004, 12:09 AM
#2
Uber Duck,
I am not an expert in this field but I believe that attacking a router (a hardware device) is far more complex than just looking for the known running processes of AV and firewall software, and shutting them down.
AFAIK, routers can be compromised, but it is pretty rare.
just my thoughts
-
July 26th, 2004, 12:16 AM
#3
This variant goes after desktop/server client based AV solutions, not appliance/HW firewalls or AV scanners.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 26th, 2004, 12:35 AM
#4
most virus/worms that do this incluse a kill command to terminate processes. they loop threw a list of av process names using that command. the only way this could affect a hardware f/w or router is if it somehow got into its os and if the box supported the method.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
July 26th, 2004, 12:57 AM
#5
Thanks for the replies!
How can a virus get into the OS of a HW firewall/router? Can you even reach the OS of it? Or is it just ran from some HW chip that you can't configure? I know you can configure routers but that's from a GUI in windows...
-
July 26th, 2004, 01:44 AM
#6
exactly my point!
even if it were written as a flash up-date to the routers os it would still require someone to execute it on the inside and know the user name and password for the router. as long as you keep your router updated i dont think there's much to worry about (now watch a 0day come out for routers)
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
July 26th, 2004, 04:05 AM
#7
And it doesn't touch anything that does remote IDS or remote AV scanning...
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
July 26th, 2004, 03:05 PM
#8
Ok, now I understand . Thanks for the help!
-
July 26th, 2004, 10:26 PM
#9
Banned
There is lots of variants of bagle.
plain
wheat
multi-grain
pizza
with lox
jalepeno
sesame seed
sour dough
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|