Not interested. Linux is (as I understand it) pretty resistant to userspace memory exploits at this point, and I don't feel like recompiling my...
Other: GNU nano. I know, I know. Cue the "OMG nano is for lusers" posts. Thing is, once you actually learn the keybindings it's pretty awesome....
Disclaimer: I don't do malware analysis as anything more than a very occasional hobby! Okay. What I know of malware analysis is, there are two...
Disclaimer: I'm not a malware expert. Take my advice at your own risk. But that said... I would not rely on Sandboxie for experimenting with...
"We're only here to make a profit, but we don't need oversight! Really!"
By default there is no remote access on any decent desktop distro, unless it is specifically enabled and configured.
I wish people would stop assuming that "vulnerable to malware" automatically implies "needs third-party antivirus software."
And I disagree. :) The best way to stop rootkits (IMO) is to prevent the exploits that allow them to install, or at least limit the scope of those...
@FOXP2 - ROFL, and thanks I guess. I don't know anything about CastleCops. Yeah, you want to watch out for that; it's the sort of thing that can...
Something very very interesting looking that I stumbled across: http://wiki.erights.org/wiki/CapDesk Basically a desktop shell that allows its...
@Rasheed187, I didn't see Pro messing with DLLs; but being a HIPS it would probably block attempts to inject some strange DLL into the browser....
The 2015 date is for RTM, and everyone's using SP1 by now.
Hefty, really? Twenty million or so is a slap on the wrist. They'll just keep doing it, and be a little more careful next time. In any case I...
And I'm sure the NSA doesn't know of any implementation bugs in old PRNGs and crypto libraries... Right. They're dumping billions of dollars a...
Yes, that's normal. D-bus is an IPC system, that allows concurrently running processes to communicate in some extremely abstract fashion. It's...
@FOXP2: I used GMER to look at what system calls were being hooked, what DLLs were being injected into things, etc. The pro version hooks common...
Okay, halfway there but I have to ask: does anyone know a reliable way to create a GRUB2 based live CD, without using buggy, barely-supported...
No, my conclusion is "don't try to gimmick up a sandbox using a mechanism not designed for such." :)
Bah, turns out that preventing fork() does not prevent exec* from working just fine... There's your answer. :(
Oh, laptop... I was thinking desktop. Pretty weird stuff in any case. Good luck finding answers (and when/if you get any, I'll be interested in...
Wait, while powered off? Do you mean just turned off, or when not getting any power whatsoever? Hmm. https://help.ubuntu.com/community/WakeOnLan...
Turns out Linux has a prlimit() library call that sets rlimits on a running process. So I cobbled up a C program to set NPROC and NOFILE limits on...
That is pretty weird, and sounds convincingly like a firmware rootkit ought to behave. Due to the specificity to the hardware I kind of doubt it...
The default Corgi setup wouldn't mount anything by default, until the "Mount Devices" menu entry was clicked. The menu entry and the script it...
OMG. The colors hurt my eyes.