|
Poslao: 23 Sep 2003 09:24
|
offline
- Pridružio: 22 Avg 2003
- Poruke: 787
- Gde živiš: Beograd
|
hehe...NOD32 
Njima se i ovakve stvari desavaju 
A vulnerability has been discovered in NOD32 for the Unix and Linux operating systems. The problem occurs when scanning a directory path of excessive length. When the malicious path is processed sensitive locations in memory may be corrupted.
An attacker could exploit this issue by creating a malicious directory containing a name of excessive length. This issue can be triggered by coaxing a user to scan the location with NOD32. By exploiting this issue to execute code it is possible run arbitrary commands with the privileges of the user running NOD32.
This issue affects NOD32 versions 1.012 and earlier.
E sad, na tom hr sajtu videh da su izbacili verziju 2 koja je valjda to resila
|
|
|
|
|
Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
|
|
|
Poslao: 23 Sep 2003 09:36
|
offline
- Pridružio: 22 Avg 2003
- Poruke: 787
- Gde živiš: Beograd
|
A evo jos jedne pikanterije...o ovakvim stvarima nema reci po testovima, a verujem da su jako bitne za zakljucak o pouzdanosti AV softvera
Symantec Norton AntiVirus Device Driver Memory Overwrite Vulnerability
published Aug 02, 2003
It has been reported that a memory corruption vulnerability affects the Symantec Norton AntiVirus Device Driver. According to the report, one of the device control operation handlers attempts to write data to an address offset from a pointer parameter passed to DeviceIoControl(). There is no validation on the parameter supplied or the address written to. This vulnerability can be exploited by unprivileged userland programs to crash the affected host or potentially elevate privileges.
The vendor has reported that a fix for this issue is pending release.
Currently we are not aware of any vendor-supplied patches for this issue
vulnerable Symantec AntiVirus Corporate Edition 8.0 1
Symantec AntiVirus Corporate Edition 8.1
Symantec Norton AntiVirus 2002
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Symantec Norton Antivirus 2003
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows XP Home
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Professional
- Microsoft Windows XP Professional SP1
Dakle...nije sve u brzini - ima nesto i u pouzdanosti
|
|
|
|
|
|
|
Poslao: 23 Sep 2003 11:01
|
offline
- Pridružio: 14 Sep 2003
- Poruke: 124
|
Ma znam ja da je KAV dobar, samo kažem da mi se NOD dopada jer vrši posao i džaba je. Ima vrlo malu bazu podataka, ispod 4000. To znači da mu je heuristika glavna snaga. Nadam se!
Koliko vidim na tvom prodajnom sajtu KAV košta 50 eura.
Ja sam skinuo zadnju verziju i radilo je samo Control Centar, monitor i update. Da li treba ključ za pokretanje svih ostalih funkcija na 30 probnih dana?
Ima li popusta za one koji žive od državne plate?
Može li se dobiti za manje pare neki ključ koji traje samo određeno vreme, recimo 6 meseci (dok ne dođe verzija 5)?
|
|
|
|
|
|
|
Poslao: 23 Sep 2003 15:15
|
offline
- Goran
- Prof.Mr.Dr.Sci. Traumatologije
- Pridružio: 05 Maj 2003
- Poruke: 9977
- Gde živiš: Singidunum
|
To ti je kao da tražiš da voziš Mercedes za džabe uz konstataciju "Ma samo malo da ga vozim, neću ići brzo".  Šalu na stranu i bez uvrede, imaš od KAV-a probni ključ na mesec dana i to je sve, ne postoji socijalna cena.
|
|
|
|
|
|
|
Poslao: 24 Sep 2003 02:31
|
offline
- offman
- Legendarni građanin
- Pridružio: 13 Avg 2003
- Poruke: 3525
|
Nije bas Norton toliko los koliko se to ovde prikazuje(narocito od strane KAV distributera), s obzirom da kada sam zakacio Blaster Worm (jedan medju prvim srecnicima) interesujuci se o virusu, na Kav - ovom sajtu nisam pronasao informacije o ovom virusu i nekoliko dana od objavljivanja patcha na Symantec - ovom sajtu.
|
|
|
|
|
|
|
Poslao: 24 Sep 2003 10:33
|
offline
- Pridružio: 22 Avg 2003
- Poruke: 787
- Gde živiš: Beograd
|
@ offman
Nisi me razumeo...ne kazem da je los Norton, samo kazem da je gori
Inace, Symantec ima mnogo jaci (finansijski) marketing i svuda mozes da vidis njihove reklame. Osim toga, imaju dilove sa dosta proizvodjaca hardvera pa uz razni hardver dobijes Norton za dz i onda ga po inerciji koristis. A ono sto sam u prethodnoj poruci napisao nije moj licni stav prema Nortonu vec konkretan podatak sa nezavisnog sajta - ima rupu koja zasada nije zakrpljena.
Razlog sto sam to postavio je sto ljude cesto zbune razni testovi u kojima je Norton npr. brzi od KAV-a i slicno...a mislim da je za AV softver bitnije da nije busan i koliko je pouzdan, pa je red da i ti podaci budu prikazani kako bi ljudi stekli realniju predstavu o ponudi na trzistu.
Cinjenica je da KL cesto kasnije izbaci opis virusa na sajtu i to sam im vec par puta zamerio...ali takodje je cinjenica da apsolutno nijedan nas korisnik nije zakacio Blaster - bukvalno niko nas nije zvao da ima problema. Znaci, nije bilo potrebe za patch-om, ali se slazem da treba brze da rade na Virus Enciklopediji.
Ipak, dobro je sto vrlo brzo rade na bazama
|
|
|
|
|
|
|
Poslao: 30 Sep 2003 14:35
|
offline
- Pridružio: 22 Apr 2003
- Poruke: 94
- Gde živiš: Kragujevac
|
pcflank.com
Results of Advanced Port Scanner
TCP CONNECT scanning (scanned in 73 seconds)
We have scanned your computer' ports used by the most widespread trojan horses. Here is the description of possible ports' statuses:
"Stealthed" (by a firewall) -Means that your computer is invisible to others on the Internet and protected by a firewall or other similiar software;
"Closed" (non-stealthed) - means that this port is closed, but your computer is visible to others on the Internet that can be potentially dangerous;
"Open" - Means that this port is ready to establish (or has already established) a connection with remote address. It also means that your computer is vulnerable to attacks and could have been already hacked or infected by a trojan/backdoor;
Port: Status Service Description
21 stealthed FTP File Transfer Protocol is used to transfer files between computers
23 stealthed TELNET Telnet is used to remotely create a shell (dos prompt)
80 stealthed HTTP HTTP web services publish web pages
135 stealthed RPC Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
137 stealthed NETBIOS Name Service NetBios is used to share files through your Network Neighborhood
138 stealthed NETBIOS Datagram Service NetBios is used to share files through your Network Neighborhood
139 stealthed NETBIOS Session Service NetBios is used to share files through your Network Neighborhood
1080 stealthed SOCKS PROXY Socks Proxy is an internet proxy service
1243 stealthed SubSeven SubSeven is one of the most widespread trojans
3128 stealthed Masters Paradise and RingZero Trojan horses
12345 stealthed NetBus NetBus is one of the most widespread trojans
12348 stealthed BioNet BioNet is one of the most widespread trojan
27374 stealthed SubSeven SubSeven is one of the most widespread trojans
31337 stealthed Back Orifice Back Orifice is one of the most widespread trojans
Recommendation:
All the ports we have scanned are Stealthed (by a firewall). So just continue following the fundamental security measures and regularly update your security software.
Ovo su rezultati sa ZonePro 3.0.134 .
Skinuo sam TFAK i on mi pokazuje da sledeci portovi slusaju :
TCP - 135 , 139, 445, 1025, 1027, 1032, 1029, 1182.
Svi skeneri na Netu mi " kazu " da su mi portovi nevidljivi.
Znaci li to da ove koji slusaju blokira ZonePro?
Hvala Zvonku Pulisaku sa virus@neobee.net na pomoci !!!!!
Mod Puky: Ime mi je Zvonko ne Zoran. No frx.
|
|
|
|
|
|
|
Poslao: 12 Okt 2003 02:57
|
offline
- Pridružio: 12 Okt 2003
- Poruke: 205
|
Da li mogu da koristim Zone Alarm Pro 4.0.146.029 with web filtering i Norton Anti virus 2002 sa Norton Internet Security?
A da medjusobno ne izazivaju konflikte?
Vec sam imao par napada pri kojim je samo norton reagovao dajuci mi obavjestenje da je pokusano "ubacivanje" subseven-a i jos jednog trojanca, ali ZoneA. nije reagovao!
Poslije mjesec dana od toga mi se javila poruka pri iskljucivanju "low virtual memory" sto sam ja po savjetu povecao, a mjesec dana kasnije kompjuter nije htio da podigne sistem iz prvog paljenja ,par dana za redom! To je bilo par puta, pa su mi na servisu reinstalirali windows XP u verziju 5.1.2600 service pack1 build 2600, a bila je neka novija.
Sada Hvala Bogu nisam imao problema, ali me interesuje da nisu oni imali udjela u tome??
p.s. Norton nije obavjestavao o nikakvom prisustvu virusa
|
|
|
|
|
|
|
Poslao: 13 Okt 2003 07:44
|
offline
- Puky
- Scottish rebel
- Pridružio: 18 Apr 2003
- Poruke: 5815
- Gde živiš: u Zmajevom gnjezdu
|
@ sasakg
Tru tru. Samo se ne secam te verzije ali mislim da i ona ima opciju da ti mozes solo da biras koje portove ces da zatvoris.
|
|
|
|
|
|
|
Poslao: 22 Okt 2003 14:40
|
offline
- Pridružio: 14 Sep 2003
- Poruke: 124
|
Evo ga članak o Kaspersky anti hackeru.
Možda je bajat, ako ima nova verzija KAH-a.
pctv.rs/software/kaspersky_anti_hacker.htm
|
|
|
|
|
|
