CIPAV Detection
Results 1 to 10 of 10

Thread: CIPAV Detection

  1. #1
    Junior Member
    Join Date
    Jan 2009
    Posts
    4

    CIPAV Detection

    I am interested in possible techniques for detecting CIPAV. I believe that my system may have been infected with this tool. Is there any method to detect and possibly isolate it?

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Why do you think that???

    anyhoo...to be absolutely sure to rid of any system compromise

    backup your data and format reinstall your OS

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Junior Member
    Join Date
    Jan 2009
    Posts
    4
    I am interested in detecting it.

    Why do I think I have it? I just got my system back from the evidence warehouse.

  4. #4
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    You just got your system back from where???

    I still suggest a format and reinstall.....cause if you will never know what has been placed on your machine...

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  5. #5
    Junior Member
    Join Date
    Jan 2009
    Posts
    4
    My system was sitting in a federal evidence repository for quite some time and I just got it back. I plan on doing a clean install but before I do so I am slightly curious about analyzing this program if it is present. I figure so little is known about it that it wouldn't hurt to poke around.

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    A simple google search will give you info...

    http://en.wikipedia.org/wiki/Compute...dress_Verifier

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    C'mon pal............

    You don't get away with that crap here............. what do you think we are? a bloody confessional in a Roman Catholic Church?

    Why was your computer impounded? (if it ever was)

    Are you some sort of nonce, kiddie fiddler, drug dealer, terrorist, paedo?

    You are high on the radar son.............. believe it!

    Just blow the bloody thing up and steal another...............like a proper criminal would.

    Or fill out one of those FBI expense forms and go buy one?

    Nice try agent whoever, but we are NOT that sort of site and we DO NOT appreciate the insult to our collective intelligences.

    At this point the "keyboard fascist" flips the safety off the red button.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #8
    Junior Member
    Join Date
    Jan 2009
    Posts
    4
    I can understand your skepticism. It was wrongly seized in connection with a major event in the United States. I've already filled out one of those expense forms for my front door being breached... (I can submit viable proof if interested)

    I was just curious about the method in beginning to find it. Is it illegal to poke around my own system?

  9. #9
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,429
    If it would be possible for people like you to detect it, I'm sure they would have upgraded to more sophisticated stuff by now...

  10. #10
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    wmaximus

    Please think about this carefully, as this time I am not taking the piss

    You won't be able to detect it, or it would be no damn good? just as Negative has already implied.

    If it was just software hidden somewhere on your hard drive then you could get rid of it easily.

    OK, get Darik's Boot & Nuke and overwrite the whole drive then reinstall your operating system and software.

    Better still, get a new hard drive and install your software on that. Wipe the old one and lose it in some deep water.

    My expectation is that it actually resides somewhere in your firmware, where you cannot access it without considerable knowledge and the right tools.

    Is it illegal to poke around my own system?
    From what I have seen of American law, nothing would surprise me.

    If you are at all worried, just dump the thing on e-bay and buy a new one.

    EDIT:

    You might find this interesting:

    http://www.infiltrated.net/cipav.pimp

    However, as I have said elsewhere:

    I don't know what it is or how it works, but if I were developing something like that I would want it to hide in firmware, rather than the hard drive.

    I would also need the collusion of the ISP (not difficult I would imagine?) so that I could disguise the "phoning home" as normal traffic that would be allowed through the firewall and not seem particularly unusual?
    Last edited by nihil; January 31st, 2009 at 11:21 AM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. Nmap 4.0
    By Irongeek in forum Security News
    Replies: 9
    Last Post: January 31st, 2006, 09:24 PM
  2. A look into IDS/Snort Whole thing by QoD
    By qod in forum The Security Tutorials Forum
    Replies: 6
    Last Post: February 27th, 2004, 02:03 AM
  3. A look into IDS/Snort part 1 of 3
    By qod in forum The Security Tutorials Forum
    Replies: 18
    Last Post: January 5th, 2004, 01:30 PM
  4. Error Detection Techniques(Parity Bit)
    By w0lverine in forum Other Tutorials Forum
    Replies: 2
    Last Post: December 19th, 2003, 07:58 PM
  5. Introduction to IDS
    By micael in forum IDS & Scanner Discussions
    Replies: 3
    Last Post: February 23rd, 2002, 09:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides