How Do Hackers get past AV?

Discussion in 'other anti-virus software' started by JerryM, Sep 9, 2012.

Thread Status:
Not open for further replies.
  1. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    It is paranoia, even if it's also smart.

    The average user on a corporate network isn't worrying about what antivirus or security applications are on the machine - I don't believe you understand people well if you think this is the case. Most competent computer users don't want to understand things as in depth as the hobbyists on these forums, let alone the average person who has no interest in computers other than a means to an end.

    Ultimately, exploits and trojans shouldn't be able to do any harm on a corporate machine if set up properly. Memos to staff can make appreciable changes to behaviour, but when viewed as a system all it takes is one person to make a mistake. In a company with hundreds or thousands of people, something's going to go wrong unless the PCs have been set up securely (without affecting productivity).
     
  2. I have to disagree again, who do you think the malware authors are copying now? That's right Stuxnet & Flame. Once the cat is out of the bag so to speak it's going to be a free for all. Copycats will come and go but one thing is for sure it's now a different world since Stuxnet and Flame were discovered.

    Also, faking a Microsoft certificate is not easy; how are normal system admins going to protect against the payload coming in through Windows Update? There is not much you can do in that case until Microsoft patches it or 2-3 years down the track when the bug gets fixed. So I don't think people are stupid, sure uneducated, but who isn't about something in this world. We all have our specialties and strengths and weaknesses. It just so happens there are some very very very smart people writing malware these days, not that people are stupid.
     
  3. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Exactly, any 15 year old script kiddy could have done the same thing Gary did without much difficulty. It's the "Illusion" of "Will Get In Trouble" that kept people off those systems for so long, they could not figure out how to manage them and thus hoped people would not try for fear of getting caught. Only way a company like NASA could be secure is to have all of its computers route through a VPN into (1) main outgoing server which has a lot of security and security personnel on hand monitoring 24/7. The failure is that more than one central computer had outgoing internet connections.

    Myself, given the job to secure NASA would LAN all computers through a VPN to one central hub server and block any other internet access. Only through the one server would anyone be able to get access. It would be encrypted at all ends and on the physical hard drives. I would also issue all users individual keys so I know who gets access to what and when they did while also having a central lock so all connections on all nets can be severed while investigating any possible breaches.

    Just need a bunch of guys with Aspergers syndrome in a central room monitoring this set-up and not even god himself could get in without one of them noticing, we are like our own little logical machines of order. :D

    You really think a standard hacker would make something as complex as flame or stux for a home user? Do you realize how complex they are.... It's like asking a normal American Football player to play and win in the NFL with no help. Faking certificates is easy, that is why a lot of malware these days is doing it.
     
    Last edited: Sep 10, 2012
  4. whitestar_999

    whitestar_999 Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    162
    @CubonesCastle, there is always someone who is smarter than the next person so it all comes down to this: whether the person staging the attack is smarter than you or not. If he is, then no matter what security/update/patch/..... you use you will get hacked. There is no such thing as absolute security just like there is no one with absolute intelligence.
     
  5. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Being smart is not part of it. You only let port (77777)-(Example) be open and block all others and only people with the key to get in can get in checked by a second public key and verified by a human. This is an extreme statement but computers can be almost impossible to hack with the correct approach from someone who knows what they are doing.
     
  6. whitestar_999

    whitestar_999 Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    162
    There is a big difference between "almost impossible" & "impossible" & this is where the smart part comes into play. You can make your system as secure as you can think but if there is someone more intelligent/smarter than you in area of computers your security will fail. After all there is always someone who can think beyond what you can think.
     
  7. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    What you're saying is that there is a perpetual never ending chain of people smarter than other people that can never be the smartest. What kind of stupid logic is this? You can't have a perpetual ladder that never ends.
     
  8. whitestar_999

    whitestar_999 Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    162
    It does end. Some call it god, others call it nirvana/eternal consciousness/....

    On a more serious note, do you really believe that Einstein was the epitome of human intelligence & there never was and never will be a human more intelligent than him? If no, then do you consider yourself or believe someone you know to be that person in the area of computer security? If no, then unless you can prove existence of such a person accept that the ladder is infinite. After all infinity is a real concept in mathematics for a reason.
     
  9. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,351
    Location:
    Europe, UE citizen

    So. And anyway, the ladder that never ends is the real story of the pc security.
     
  10. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I see where this is going and don't want to get into an argument about Quantum Physics or Religion, even if it's very easy to do so. Goodbye thread. :thumb:
     
  11. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Through a browser or email client, for example. If a firewall would block those, you'd have a hard time accessing the internet!
     
  12. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    Disclaimer: not an expert in any way.

    Corporations often use an intrusion detection system rather than a regular firewall.

    Even then, an IDS can be bypassed.

    The best hackers can get into almost any system.

    100% security does not exist.
     