Windows 7


CA2OR

no offense....but my belief is MAC is a cult and I refuse to join. I am a network administrator and have been in the IT field for most if not all of my professional life and I couldn't imagine a world without PC's....not a world I would want to live in. Again, no offense to all of you MAC users out there....

Link to comment

I've heard really good things about Windows 7, but I'm ticked that there isn't a reasonable price on the upgrade from Vista. I built a computer and installed Vista only about 18 months ago. I'd like to upgrade to Windows 7, but MS is basically making you buy a brand new version at full price.

 

It is literally cheaper to buy a brand new OEM version and install than to buy the retail upgrade. What a rip-off. Shame on you, Microsoft. Way to jerk around your customers.

Link to comment

[quote]no offense....but my belief is MAC is a cult and I refuse to join. I am a network administrator and have been in the IT field for most if not all of my professional life and I couldn't imagine a world without PC's....not a world I would want to live in. Again, no offense to all of you MAC users out there....[/quote]

 

Eric, how would you like a world where you plug something into your computer and it WORKS!! No drivers, no configuration, no nothing, it just works. Be they printers, modems, monitors, routers, etc. AND Appletalk networking has been around since the beginning. Since 1984, if you want two or more computers talking to each other, it's been so simple a 10 year old could do it. Plus no viruses, no malware, no trojan horses and no bi-weekly security patches. That's the world us Mac users have been living in since 1984.

IMHO the world would be a much better place if we all ran Macs. But I guess that would put a lot of network administrators out of work, since pretty much anybody could do it. :D

Link to comment

First - I like Apples - they are good computers and great software/OS. Apple's problem is two-fold (from my perspective). First, because they have a loyal following, a specific niche, and a premium product, they are significantly over-priced. More power to them - they can charge a premium, and they do. (although the same liberals the [language filter] companies for being profit hungry line up to buy over-priced Macs (laugh)) But that means more people are less likely to buy their product. Apple isn't stupid - they've done the math and figure that this is their pricing sweet spot.

 

But, an Apple computer will cost you anywhere from 1.5x to 2x what an equivalent PC would cost. You could make the argument that the premium is justified by the stability of the OS and "finish" of the product (both hard and soft), and that's a fair argument. But the fact remains that they are expensive.

 

Second, they are not upgradable. I think Apple is starting to see the light here and some after market parts are beginning to be available. But, if I want to install new RAM, or a new video card (an annual occurrence), or upgrade my motherboard or processor - no dice. Which means instead of spending $500 for a major overhaul, it's another 2 grand for a new machine.

 

Third (okay, I thought of another one) software (mostly gaming) availability.

 

Final thought:

[quote]Plus no viruses, no malware, no trojan horses and no bi-weekly security patches.[/quote]

 

Apple isn't magically immune. Does Apple have good virus protection and firewall system... sure. But, the biggest reason that Apple isn't as plagued with this problem as PC's is simply because most people (and most hackers) own PC's. If you're going to design a virus to steal credit card numbers, you design it on a PC, because 90% of your victims use a PC.

 

Mark my words, Mac users will begin to see more of this issue in the future.

Link to comment

JasonH, you took the words right out of my mouth.

 

Steelhead, I have been messing with 7 for about 5 hours now....it only took 20 min to install...and I haven't pulled out a driver disk or went online for drivers yet. I did a clean install, running dual Radeon 3870 HD's, all I'm saying is I think Microsoft nailed it this time.

 

I will say right now, I beta tested this and thought it was wonderful, but the actual release is downright fantastic.

Link to comment

I have been running the RC for a few months. I find it good and bad. For some weird reason the internet is screwy with it. Sometimes I open a page and it just stalls, I click open a new tab and it works great. Not sure what the deal is.

 

Honestly they finally got Vista working well and had to go and release another product that is more than likely gonna have its issues. I like its operation and it's pretty easy for a noob to use, but if you're still used to XP (still their best) it will take a bit of getting used to. Honestly it seems to run a bit slower than Vista did, even though it's supposed to use less resources. My RC is valid till like June or July, so they have till then to overly impress me.

 

[quote]Apple isn't magically immune. Does Apple have good virus protection and firewall system... sure. But, the biggest reason that Apple isn't as plagued with this problem as PC's is simply because most people (and most hackers) own PC's. If you're going to design a virus to steal credit card numbers, you design it on a PC, because 90% of your victims use a PC.

Mark my words, Mac users will begin to see more of this issue in the future.[/quote]

 

Perfect comment. Actually all your post was dead on. Top 3 reasons I will never own an Apple product besides my iPod. That and their OS is just bizarre imo.

Link to comment

Jason,

 

The misperception that macs cost more is not true any longer for the vast majority of users. For $1199, you can get a new imac with a 21.5 inch monitor with a 3.06 dual core processor, 4 gigs/ram and 500meg HD. You can get a top'o the line imac for $1999.00. That's got a 27 inch cinema quality monitor, quad core processor, 4 gigs of ram and a 1Tb HD. Both of these are very competitively priced with a comparable p.c. And all macs come with the most advanced and secure operating system available. FYI, OSX is a unix based OS that has had all of the back doors closed a long time ago.

The comparison between Ferrari's (macs) and Yugo's (p.c.'s) is really no longer applicable. You can now buy a Ferrari for little more than the cost of a Yugo.

As far as them being upgradeable, how many everyday users need (or want) to upgrade their computers? Especially when they come as well equipped as the macs do? Most users want a computer that works. They don't want to mess around with drivers, viruses and all the hassles incumbent with a p.c. Some of those commercials really do hit the nail on the head.

 

Eric,

 

How many times will it take for MS to finally "nail it"? We initially heard the same things about W95 then 98, then NT, then 2k, then XP. (Did I miss any?) Then came Vista. It was touted as the most advanced, stable, secure OS out there.....until people started using it and realized what a p.o.s. it really was. I'd be willing to bet just about anything, that within a month, there will be at least a half dozen security patches and bug fixes needed for W7.

 

Disclaimer: I work for the world's largest p.c. company, but I wouldn't own one if it was given to me.

Link to comment

I bought a mac for photo editing, music, and video when they started using Intel processors. The monitor started flashing yellow one day, and the folks at mac force, and the people at the mac store all quoted me 800 dollars to fix a 1200 dollar computer. Mind you this was 14 months after I bought it. It has been sitting in the closet for the last 2 years looking great and being virus free. Those qualities are greatly benefiting me.

 

Now that it is out we can talk a little more, but I got the RTM from someone with a Microsoft connection about 6 weeks ago, and I have had win7 running on 6 different pc's since that day. Even without official hardware support from vendors for all the systems I use (Lenovo, Dell, HP, as well as the 3 systems I built myself) I have had not a single complaint. It is smaller than Vista with all the features plus additions, and as zippy as XP.

 

Unfortunately due to the constraints that Mac decided to put on their product decades ago, I can't compare it to Snow Leopard, but honestly, I don't need to. There is nothing that anyone can do on a Mac, that I want to do, that can't be done on one of my pcs.

 

FWIW I have not had a virus in at least 5 years.

 

And that's all I have to say about that.

Link to comment

I too haven't had a virus for at least 3 years and I download torrents like they are going out of style.

 

Steelhead: you missed ME but you have valid points. But as stated, this windows is a bit different from the others. In response to the upgrade comment, I upgrade my machine quite often, as I turn into different games or decide to try different apps I tend to add or upgrade my hardware. I am a gamer so I am constantly upgrading things. And as we all know, the gamer's motto is "f" mac. Can't do much in the way of fluid gaming with a mac. And if MAC's OS's are so sick why do they offer to emulate windows? Hmm.....now that is something to think about.

 

Gradth, I used the RC for about 8 months and had similar issues, but they have resolved those issues with the actual release.

 

Used it all day and like McDonald's says "I'M LOVIN IT". Once MAC gets more than 6% of the computer users out there to buy or use a MAC we shall see what the virus count goes to. Until then, no one is going to take the time to write a virus for something that only 5% of computer users have, why wouldn't you go after the other 95%?

 

On a professional level, I can tell you right now, out of the 1127 clients I had in So Cal, and the company I work for now.....not a single one has any need for a MAC. In fact, the MAC's have no place in corporate America. PC's are good for business needs and gaming needs....MAC's are good for graphics and audio. Seems there is a bit of a gap there for usefulness.

 

Last note, I do know of a graphic company that typically calls me about once every 2 weeks with issues on their MAC's. If they didn't crash I wouldn't know what they look like when they do....but they do crash. Also, unlike when a PC bites it, a MAC will run you some serious dough to fix....not a simple run down to PC Club and pick up your replacement part or upgrade....no no....you are heading to the MAC store....better cash in those bonds and such to afford fixing your MAC.

 

Every MAC user I know says the same thing, when their machine breaks the only real option is buying a new one because that will only run you about 300 or so more than fixing your old one, plus you get newer stuff.

 

Somebody said something about the cost of upgrading to Windows 7. Well you can get Ultimate for $219. Doesn't seem that bad at all. There are lower versions that you can get that are cheaper but I only go for the gold so I tend to buy whatever version is the best which in 7 and Vista was Ultimate, with XP it was Pro....anything else is a waste of money. If you are going to get the newest windows why not get the one that has all the perks and features?

 

This Windows 7 installed in 20 min flat, gets to log in screen in 13 seconds compared to the 27 seconds I had with Vista Ultimate....gets from log in to full boot (no hour glass) in 7 seconds compared to the 17 I had with Vista.

Link to comment

Did I mention there are a ton of new features and nifty tools...for instance although this isn't huge, it is helpful to us techies....7 natively burns ISO's and such. No more nero....also with the new PSR it makes my job so much easier when issues arise.

Link to comment

Oh...and speaking of viruses and such...I know that most MAC users don't believe there are viruses out there for you to worry about...but what do you have to say about the Simpsons virus that was rampant in MAC's (whistle)? In all honesty there are about 4000 known viruses, spyware, malware, trojans, and other security threats that are specific to MAC's :eek:. Not to mention the ever so rising threats that MAC is experiencing with Trojans like the AppleScript-THT Trojan (scary).

 

This was taken from a MAC security website...which they shouldn't have if they don't have viruses(scratch)

"The source code for the Trojan horse has been distributed, indicating an increased probability of future variants of the Trojan horse viruses to come."

 

I really hate raining on people's parades but, sorry, I think someone is misinformed. I wonder if that is a marketing scheme by MAC? (scratch)

 

Care to dispute? Here is a short segment from the list of "they don't exist" viruses and Trojans known for MAC along with the OS they hit the most.

 

DNSChanger 1.2n

DNSChanger 1.2o

DNSChanger 1.2p

DNSChanger 1.2q

DNSChanger 1.2r

DNSChanger 1.2s

DNSChanger 1.0b

DNSChanger 1.0c

DNSChanger 1.0d

DNSChanger 1.0e

DNSChanger 1.0f

DNSChanger 1.0g

DNSChanger 1.0h

DNSChanger 1.1f

DNSChanger 1.1g

DNSChanger 1.1h

DNSChanger 1.1i

DNSChanger 1.1j

DNSChanger 1.1k

DNSChanger 1.1l

DNSChanger 1.1m

DNSChanger 1.1n

DNSChanger 1.1o

DNSChanger 1.1p

 

here's some more

 

Aobo Keylogger: Keylogger, OSX
Aobo Keylogger Pro: Keylogger, OSX
AppleScript.THT: Trojan Horse, OSX
BackTrack: Keylogger, OSX
BlazingTools Perfect Keylogger: Keylogger, OSX
CarbonKeys: Keylogger, OSX
DNSChanger: Trojan Horse, OSX
DutyWatch: Keylogger, OSX
eWatch: Trojan Horse, OSX
EZmal: Trojan Horse, OSX
HellRaiser: Trojan Horse, OSX
iMunizator: Scareware, OSX
Instant Access Dialer: Trojan Horse, OSX
Invisible Oasis: Keylogger, Classic
KeyBag: Keylogger, OSX
Keyboard and Mouse Recorder: Keylogger, OSX
Keyboard Spy: Keylogger, OSX
KeyCaptor: Keylogger, OSX
KeyStroke: Keylogger, Classic
Keystroke Recorder: Keylogger, Classic
KeystrokeRecorder X: Keylogger, OSX
Last Resort: Keylogger, Classic
Mac Remote Control: Remote Admin Program, OSX
MacLifeInsurance: Keylogger, Classic
Monitorer: Keylogger, Classic
Monitorer X: Keylogger, OSX
MonitorerX Pro: Keylogger, OSX
OSXvnc: Remote Admin Program, OSX
Peeping Tom: Keylogger, Classic
PokerStealer: Trojan Horse, OSX
Spector: Keylogger, OSX
Spector Pro 2009: Keylogger, OSX
Spy: Trojan Horse, OSX
SpyMe: Remote Admin Program, OSX
Super Save: Keylogger, Classic
TakeDown Suite: Trojan Horse, Classic
Termite (OS9): Trojan Horse, Classic
Termite (OSX): Trojan Horse, OSX
TextMeleon: Keylogger, OSX
TextTrap: Keylogger, Classic
Tored: Trojan Horse, OSX
TypeAgent: Keylogger, OSX
TypeRecorder: Keylogger, Classic
TypeRecorder X: Keylogger, OSX
TypeSaver: Keylogger, Classic
UnderHand: Trojan Horse, OSX
Xover: Trojan Horse, OSX

 

This is from Symantec:

Adware.OSX.Cosmac Adware.OSX.Cosmac is a proof-of-concept adware sample for Mac OS X. This malware can be installed without requiring root privileges and can hook into every application so that every time the user accesses these applications, Cosmac will launch the Safari web browser.

 

Application.OSX.BackTrack BackTrack is a keylogger program from Modesitt Software. This program stores user activity in an SQLite database file. In addition to being a keylogger, this program also tracks user activity and records such as application name, window name, date and time. It is able to create separate databases for every application and window used. This program is portable and it does not require installation.

 

Application.OSX.EasyCrack Application.OSX.EasyCrack is iAntiVirus detection for EasyCrackwithJohn application. This is a password cracker and the author describes it as a utility to crack a password of a user of another connected Mac.

 

Application.OSX.eWatch Application.OSX.eWatch is a keylogger and also a remote access tool designed to remotely monitor users' computer activity. It can capture screenshots, log all users' keystrokes, enumerate all running processes and monitor internet browsing activities.

 

Application.OSX.KeyboardSpy Keyboard Spy is a keylogger from AlphaOmega Software. This keylogger can record all keystrokes and save them to a log file. Keyboard Spy is portable and does not require installation to function.

 

Application.OSX.KeyloggerX KeyloggerX is a freeware keylogger program designed to work in OS X. This application usually arrives as KeyloggerX.dmg.sit (768,805 bytes) which contains the KeyloggerX executable, Disclaimer.rtf and Read Me.rtf. The document explains that this application will create log files in the User Preference folder. However, upon execution this program stays in the background and fails to create the said folder and files.

 

Application.OSX.KeyRecorderX KeystrokeRecorder X is a keylogger created by CampSoftware. This keylogger can record users' keystrokes and capture screen shots. It has a stealth feature making it invisible from the dock, invisible in the force quit menu and invisible in process viewer. It can also encrypt the log files, plus send log files and screen shots through email and track active applications.

 

Application.OSX.LogKext Application.OSX.LogKext is a powerful freeware kernel-based keylogger in Mac OS X. It has a full stealth capability, where its user can control its functionality by a command-line client called logKextClient. This keylogger is capable of logging every single keystroke of the user.

 

Application.OSX.MonitorerX Monitorer X is a keylogger created by Burning-Bytes. This keylogger can discreetly record every single keystroke into a log file. It also has an option to capture screen shots, and this feature can be triggered or activated through user specified keywords. So it will capture the current screen every time the user types in one of the specified keywords.

 

Application.OSX.MonitorerXMan Application.OSX.MonitorerXMan is a managing application that helps the user organize all text logs and screenshots created by MonitorerX Pro. This tool is currently distributed as freeware.

 

Application.OSX.MonitorerXPro MonitorerX Pro is a keylogger and spyware tool created by Burning-Bytes. This software can record every single keystroke in background. Its stealth features include invisibility from the dock, invisible in the force quit menu and invisible at startup. It creates a log file every time the user starts the computer and organizes these files according to date and time. It can also capture screen shots every time the user types in a specific keyword. This version is called "Pro" because of the MonitorerX Pro Manager feature, where it manages all the log files and screenshots by user and date.

 

Application.OSX.RemoteControl MacRemoteControl is a freeware application designed to work as a remote access and administration tool. This application can remotely access another macintosh using the TCP/IP protocol. Once it is connected, this tool can list all running processes, quit or launch applications, restart, shut down or sleep the machine and activate OSXvnc. This tool was initially designed for personal use by the author but later it was made available to the public.

 

Application.OSX.Spy Spy is a freeware application from SilverNetworks.net. This application has a server component which allows a user to remotely access a macintosh through a normal web browser. It also has Spy Tracker where it can list, see and access all Spy servers. Another feature of this tool is that it can log information, display remote computer information and handle file transfers.

 

Application.OSX.SpyMe SpyMe is a remote management tool from Readpixel.com. This software allows you to manage and monitor multiple remote macintosh machines simultaneously. It employs a client-server technology, where the server is installed on remote computers and the client component is on the managing side. This SpyMe client can send keyboard and mouse actions, capture screenshots, automatically wake up the server, handle file transfers and control multiple SpyMe servers. It also has an optional SpyMe Daemon which requires root privileges to run in background. A feature of this tool is to silently launch the server component at each login or fast user switch. The latest version of this software has an Internet Caf

 

Application.OSX.TypeAgent TypeAgent is keylogging software from TypeAgent.com. This software can track and record all keystrokes entered into Instant Messaging, Browsing Activities, Emails, Documents and more generally any application running on your Mac. Furthermore, the user has an option to set the logs directory, activation hot key, password protection, uninstallation and option to run in hidden mode.

 

Application.OSX.TypeRecorderX TypeRecorder X is keylogging software produced by Rampellsoft.com. This keylogger can discreetly monitor and record every keystroke in a log file. The vendor describes this software as an essential backup tool in the event of system failure, power loss, or if any work is accidentally deleted or modified.

 

Backdoor.MacOS.Sub7Server Backdoor.MacOS.Sub7Server is the SubSeven server component for Mac OS classic. This application is usually installed on the victim's machine. Once installed, it opens a port allowing any subseven attacker to gain remote access to the system and perform various tasks.

 

Backdoor.OSX.CarbonKeys CarbonKeys is an open-source program that employs client-server technology. The server component handles keystroke monitoring, it records all entered keystrokes and waits for a remote connection from the client program. The client component communicates with the server and is able to download keystroke logs as well as screen shots on command. The server component is usually found on the victim's computer, while the attacker communicates through the client program.

 

Backdoor.OSX.HellRaiser HellRaiser is a backdoor trojan. This tool employs standard backdoor client-server techniques. The server is usually installed on the victim's computer while the client controls the server. The installation package also contains a configuration plugin where the remote controller can specify initial server parameters such as port number, password, smtp settings and other behaviour. The server component runs in background and it is hidden from the dock.

 

Backdoor.OSX.IService.a Backdoor.OSX.IService.a has the capability of connecting to a remote server over the internet. Once installed, it may download additional components to an infected Mac.

 

Backdoor.OSX.IService.b Backdoor.OSX.IService.b has the capability of connecting to a remote server over the internet. Once connected, it may receive commands from the remote attacker which may then be executed on the affected Mac.

 

Backdoor.OSX.IService.c Backdoor.OSX.IService.c has the capability of connecting to a remote server over the internet. Once installed, it may download additional components to an infected Mac.

 

Backdoor.OSX.Sub7Client Backdoor.OSX.Sub7Client is the SubSeven OSX client component. This client tool allows the user to remotely connect and control another computer in the network. It has a graphical interface where the user has to input the IP address and specify the port number of the server. This component is usually installed on the attacker's machine.

 

Backdoor.OSX.Termite Termite is a client-server terminal tool designed to remotely execute unix commands. This software package contains the Termite server for OSX and OS9. These server programs come with another binary included which is called ServerEdit. ServerEdit manages the users' settings such as port number and the password. Termite servers can be remotely accessed using the Termite client for OSX and Windows. The server component can be easily installed since it is portable and does not require installation. The remote controller (Termite client) can manage and access multiple macintosh machines simultaneously and perform remote tasks using unix commands.

 

Backdoor.OSX.Winjack Winjack is a freeware client-server remote administration tool from DigitalCalamity.org. This tool allows Mac OS X users to remotely access Windows based machines. The client component runs on OS X while the server is installed on the remote Windows machine. This tool has a powerful feature where it can manipulate files, applications and even the registry. It can also send messages, open URLs, create folders, shut down and restart the machine, capture screen shots, view running processes and transfer files. The Winjack server creates a registry entry to automatically launch itself at every system startup.

 

Backdoor.OSX.Xover Xover is a freeware client-server remote administration tool from DigitalCalamity. The server component is usually installed on the target machine allowing a remote user to access the computer.

DDoS.OSX.CometShower DDoS.OSX.CometShower is a client-server program designed to perform a distributed denial of service attack on a specific IP address. The client program is the host attacker while the server component can be installed and run on multiple machines and different networks by whoever wishes to participate in the attack. The server connects to the client program and the host sets the IP address and port of the targeted machine. Both the server and client programs work in Mac OS X.

 

Eicar_Test_Files The European Institute of Computer Anti-virus Research (EICAR) together with Antivirus and Internet Security vendors around the world has developed a standard test file which customers may use to test their antivirus installation. The detection name Eicar_Test_File is NOT A VIRUS. It is a harmless test file designed to help customers check whether their antivirus product is properly installed and working.

 

Email-Flooder.OSX.Mema Email-Flooder.OSX.Mema is a powerful and destructive mail-bomber used to perform Denial of Service attacks. This tool can mail-bomb multiple email addresses and connect to multiple SMTP servers simultaneously. It can open up to 500 simultaneous connections. The user can also set anonymous mode or use random names. It can also construct its own subject, message body and file attachment. The mail-bombing parameters define the number of emails from 1 to never ending mail-bombing and specify specific date and time of attack.

 

Email-Flooder.OSX.Propaganda Email-Flooder.OSX.Propaganda is a powerful email flooder/spammer that can connect to a list of SMTP servers and create up to 500 multiple connections at a time. The tool provides an option to construct the content of the email body, create arbitrary recipient names and add multiple attachments.

 

Email-Flooder.OSX.Torrent Email-Flooder.OSX.Torrent is an email bomber/flooder tool designed to work in Mac OS X. The tool provides the attacker an option to construct email content, specify SMTP Server, add multiple attachments and specify the number of attack emails that will be sent. Since this tool can only perform targeted attacks, it is also possible that some security analysts may use this tool for penetration testing.

 

Exploit.EvilGrade.a Exploit.EvilGrade is a multiplatform exploit tool that allows it to take advantage of poor upgrade implementations by injecting fake updates.

 

Exploit.Exploit.OSX.CVE-2007-0059 Exploit.OSX.CVE-2007-0059 is a proof of concept code that exploits a flaw in Apple Quicktime 3 to 7.1.3's quicktime movie (.mov) file with an HREF track (HREFTrack).

 

Exploit.Exploit.OSX.CVE-2007-6166 Exploit.OSX.CVE-2007-6166 is a proof of concept code that exploits a flaw in Apple Quicktime versions before 7.3.1's RTSP response handling of long content type headers.

 

Exploit.OSX.ARDAgent Exploit.OSX.ARDAgent is iAntiVirus' detection for malicious code that exploits a vulnerability in Apple Remote Desktop. It takes advantage of a flaw in ARDAgent, a component of Apple Remote Desktop, and allows malicious programs to execute code when run locally, or remotely as root.

 

Exploit.OSX.CVE-2003-0201 Exploit.OSX.CVE-2003-0201 is iAntiVirus detection for malicious code that exploits CVE-2003-0201 vulnerability. It exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8 and it is capable of exploiting Mac OS X PowerPC systems.

 

Exploit.OSX.CVE-2004-0430 Exploit.OSX.CVE-2004-0430 is iAntiVirus detection for malicious code that exploits CVE-2004-0430 vulnerability. It exploits a stack overflow in the AppleFileServer service found in Mac OS X.

 

Exploit.OSX.CVE-2004-0695 Exploit.OSX.CVE-2004-0695 is a proof of concept code that exploits a flaw in the FTP service for 4D WebSTAR 5.3.2 and earlier which allows remote attackers to execute arbitrary code via a long FTP command.

 

Exploit.OSX.CVE-2005-0043 Exploit.OSX.CVE-2005-0043 is a proof-of-concept code that exploits a security flaw in Apple iTunes 4.7 which allows remote attackers to execute arbitrary code via a long URL in .m3u or .pls playlist files.

 

Exploit.OSX.CVE-2006-0848 Exploit.OSX.CVE-2006-0848 is iAntiVirus detection for malicious code that exploits CVE-2006-0848 vulnerability. It exploits Safari's "Safe file" feature which is a bug in Apple Mac OS X metadata handling.

 

Exploit.OSX.CVE-2007-0395 Exploit.OSX.CVE-2007-0395 is iAntiVirus detection for malicious code that exploits CVE-2007-0395 vulnerability. It exploits a command execution vulnerability found in Mail.app application and affects Mac OS X 10.5.0

 

Exploit.OSX.CVE-2007-2446 Exploit.OSX.CVE-2007-2446 is iAntiVirus detection for malicious code that exploits CVE-2007-2446 vulnerability. It exploits LSA RPC service of the Samba daemon.

 

Exploit.OSX.CVE-2007-5863 Exploit.OSX.CVE-2007-5863 is iAntiVirus detection for malicious code that exploits CVE-2007-5863 vulnerability. It exploits the feature Distribution Packages used in Apple Software Update.

 

Exploit.OSX.Evasion.a Exploit.OSX.Evasion.a is a proof-of-concept code that exploits a known vulnerability in MAC OS X's Java Virtual Machine. It allows malicious code to execute outside of the Java sandbox with the permissions of the executing user.

 

Exploit.OSX.Small Exploit.OSX.Small is a proof-of-concept program that exploits Mac OS X's /usr/bin/passwd.

 

Hacktool.MacOS.UGMPortScanner Hacktool.MacOS.UGMPortScanner is designed to scan and list target machines' open and active ports. This tool is designed to work only with classic Mac OS.

 

Hacktool.OSX.AimSniff Hacktool.OSX.AimSniff is a small utility tool designed to capture AIM user IP address running in Mac OS X.

 

Hacktool.OSX.BrutalGift Hacktool.OSX.BrutalGift is a powerful ftp and pop3 brute force cracker designed to work in Mac OS X. It can scan and crack up to 500 connections at the same time. This tool may also be used by some security analysts for penetration testing.

 

Hacktool.OSX.Cyanide Hacktool.OSX.Cyanide is a hacking tool with multiple features such as email bomber, port attacker, IRC flooder bot, FTP brute force attacker and port scanner. This tool also has network utility functions such as ping, lookup, traceroute and whois. It can also protect itself by watching certain ports for possible attacks.

 

Hacktool.OSX.Heirophant Hacktool.OSX.Heirophant is a network utility tool designed to work in Mac OS X. It is capable to scan websites for web links, scan and ping specific IP address for open ports, create remote connection through telnet, proxy tool, construct crafted strings and use it to perform port flooding attack over TCP protocol. This tool may also be used by some security analysts for penetration testing.

 

Hacktool.OSX.iChatSniff iChatSniff is a program that extracts iChat audio sessions from a pcap-formatted packet dump. A malicious user is able to use this tool to eavesdrop on iChat audio sessions.

 

Hacktool.OSX.macKrack macKrack is a freeware password cracker for Mac OS X. It supports Crypt, MD5, SHA-1 and Salted SHA-1 algorithms. It uses both dictionary and keyspace brute force attacks to recover passwords. The latest version supports the cracking of zip archive passwords.

 

Hacktool.OSX.MacSmurf MacSmurf is a tool used to perform Denial of Service attacks on a network. It does this by sending large volumes of ICMP echo requests, and broadcasting them to machines on the network. The attack can invisibly redirect the broadcast ICMP packet to a targeted host. This tool may also be used by some security analysts for penetration testing.

 

Hacktool.OSX.ManOfTheMiddle ManOfTheMiddle is a tool used to perform man-in-the-middle attacks, allowing the user to monitor and potentially tamper with data flowing between 2 hosts. Although this tool can be used for malicious purposes, some security analysts legitimately use this tool to perform penetration testing.

 

Hacktool.OSX.SYNer Hacktool.OSX.SYNer is a malicious tool designed to perform SYN flood exploit in TCP protocol. This tool uses a series of spoofed SYN-tagged TCP packets to hide the attacker's real identity. The attack attempts to overload the target network which causes it to stop accepting incoming connections.

 

Hacktool.OSX.UnderHand Hacktool.OSX.UnderHand is a client-server program that can connect and communicate to its victims' machine through its trojan server component. The trojan server has an option to run in hidden mode. Once the server is installed, the client can execute arbitrary shell commands on the victims' machine.

 

Hacktool.OSX.ZapAttack Hacktool.OSX.ZapAttack is a hacker tool designed to perform denial of service attack. It has multiple features such as Mass Connector, Muti Flooder, Port Flooder, UDP Flooder, Port Scanner, Port Checker and IP Resolver. The amplification server is a component program usually installed to another machine. It aims to assist the attacker amplify the attack.

 

Perl.OSX.RSPlug.a Perl.OSX.RSPlug.a is a malicious PERL script targeted for MAC users. It downloads and runs another malicious script in the victim's computer.

 

Port-Flooder.OSX.Tsunami Port-Flooder.OSX.Tsunami is a small utility tool designed to remotely connect to a specific port, construct crafted packet and perform port flooding attack. The attacker can either use TCP or UDP protocol.

 

RogueAntiSpyware.OSX.Imunizator RogueAntiSpyware.OSX.Imunizator is a rebranded version of RogueAntiSpyware.OSX.MacSweeper. This version contains exactly the same functionality and looks of MacSweeper except the name was changed to Imunizator. Rogue application which uses deceptive sales and marketing techniques to get onto the users' system. It poses no threat and it does not have the capability to propagate or spread itself. However, rogues usually arrive as an advertisement which redirects the user and forces a download of the file/installation package.

 

RogueAntiSpyware.OSX.MacSweeper RogueAntiSpyware.OSX.MacSweeper is a rogue application which uses deceptive sales and marketing techniques to get onto the users' system. It poses no threat and it does not have the capability to propagate or spread itself. However, rogues usually arrive as an advertisement which redirects the user and forces a download of the file/installation package.

 

Rootkit.MacOS.Weapox Rootkit.MacOS.Weapox is a kernel based rootkit designed to work on Mac OS X (both PowerPC and Intel-based) machines. This tool can execute a root shell, elevate processes euid to 0, hide specified ports from netstat and hide login info from w and who commands.

 

Trojan-PSW.OSX.Corpref.A Trojan-PSW.OSX.Corpref.A is a password stealing Trojan masquerading as a poker game program. It targets Mac OS X users.

 

Trojan.MacOS.ChinaTalk Trojan.MacOS.ChinaTalk is a destructive trojan which deletes all user directories. It usually arrives disguised as a MacinTalk sound driver. Its code contains the following strings "A Phalcon/Skzm production".

 

Trojan.MacOS.Nvp Virus.MacOS.Nvp is a malicious trojan that disguises itself as an application called 'New Look' in order to get onto the user's system. Once installed, this trojan modifies the system and prevents vowels from being entered using the keyboard. The malicious code contains strings, indicating the names of the authors.

 

Trojan.MacOS.Tetracycle Trojan.MacOS.Tetracycle is a malicious trojan secretly installed by Virus.MacOS.Mbdf.A.

Trojan.MacOS.Tweesh.a Trojan.MacOS.Tweesh.a is a malicious trojan horse that may represent security risk for the compromised system.

 

Trojan.OSX.DNSChanger Trojan.OSX.DNSChan is a malicious trojan that uses social engineering techniques to entice users to manually install the program. This trojan disguises itself as a video codec and associates itself with shared and free download videos. It was first seen and linked to porn sites but later it was also linked to funny videos. The mode of delivery of this trojan is typically via spam blogs (splogs), malicious banner Ads, poisoned Google search results and pay-per-install programs.

 

Trojan.OSX.DNSChanger.C Trojan.OSX.DNSChanger.C is a malicious trojan that entices the user to download and manually install a fake video codec.

 

Trojan.OSX.DNSChanger.D Trojan.OSX.DNSChanger.D is a trojan that entices users to download and install a fake video codec.

 

Trojan.OSX.DNSChanger.E Trojan.OSX.DNSChanger.E is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.DNSChanger.F Trojan.OSX.DNSChanger.F is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.Lamzev.a Trojan.OSX.Lamzev.a is a Trojan horse that opens a back door on the compromised computer.

 

Trojan.OSX.RSPlug.A Trojan.OSX.RSPlug.A is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.RSPlug.B Trojan.OSX.RSPlug.B is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.RSPlug.C Trojan.OSX.RSPlug.C is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.RSPlug.D Trojan.OSX.RSPlug.D is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.E Trojan.OSX.RSPlug.E is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.F Trojan.OSX.RSPlug.F is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.RSPlug.G Trojan.OSX.RSPlug.G is a Trojan horse that modifies the Domain Name System (DNS) settings of the affected system.

 

Trojan.OSX.RSPlug.K Trojan.OSX.RSPlug.K is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.M Trojan.OSX.RSPlug.M is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.N Trojan.OSX.RSPlug.N is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.O Trojan.OSX.RSPlug.O is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.P Trojan.OSX.RSPlug.P is a Trojan horse that changes the DNS settings on the compromised computer.

 

Trojan.OSX.RSPlug.Q Trojan.OSX.RSPlug.Q is a Trojan horse that changes the DNS settings on the compromised computer.

 

Virus.MacOS.Anti Virus.MacOS.Anti is a self-replicating virus that infects application files on System 6.

 

Virus.MacOS.Cdef Virus.MacOS.Cdef is a self-replicating virus which infects desktop files used by System 6. Although this virus does not have any destructive payload, the infection can affect the system causing it to slow down and consequently crash.

 

Virus.MacOS.Code1 Virus.MacOS.Code1 is a destructive virus which infects Mac OS classic system files and applications. This virus has known payload which renames the user's infected hard drive to Trent Saburo on the 31st of October of every year.

 

Virus.MacOS.Code252 Virus.MacOS.Code252 also known as D-Day Virus is a malicious program that infects Mac OS classic system files and applications. It carries a non-destructive payload where it can perform certain tasks like displaying a text message, opening a window or even removing itself. This payload is triggered every 6th of June and 31st of December. Strings indicate a message will be displayed when the payload is activated "Ha Ha Ha Ha Ha Ha Ha You have a virus Now erasing all disk! P.S. Have a nice day (Click to continue!)".

 

Virus.MacOS.Code32767 Virus.MacOS.Code32767 is a malicious program that infects files found on Mac OS system classic. This virus was named Code32767 because it modifies the infected file to point to its malicious code which is at code 32767.

 

Virus.MacOS.Code9811 Virus.MacOS.Code9811 is a malicious program which infects 'APPL' type applications found on Mac OS classic. This virus carries a non-destructive payload where it draws a worm all over the users' screen at a specific time and date. Code indicates that this virus will display this message "You have been hacked by Praetorians!".

 

Virus.MacOS.Flag Virus.MacOS.Flag is a self-replicating virus that infects application files on Mac OS classic.

 

Virus.MacOS.Init17 Virus.MacOS.Init17 is a destructive virus that infects Mac OS classic system and application files. The virus resides in INIT 17 resources.

 

Virus.MacOS.Init1984 Virus.MacOS.Init1984 is a destructive virus that infects all .INIT files found on Mac OS classic. This virus carries a destructive payload where it attempts to rename all files to random names and also change file information on every Friday which falls on the 13th day of any month.

 

Virus.MacOS.Init29 Virus.MacOS.Init29 is a destructive virus which tries to infect Mac OS classic systems, applications and data files by adding or overwriting the INIT 29 resource.

 

Virus.MacOS.Init666 Virus.MacOS.Init666 is a destructive virus that infects classic Mac OS system and application files.

 

Virus.MacOS.Init9403 Virus.MacOS.Init9403 is a destructive virus that infects classic Mac OS system applications and the Finder. Upon execution, this virus creates a file named "Preferenze" in the Extensions folder. This allows the virus to execute at every system start up. After a certain number of infections, it overwrites the startup volume and disk information.

 

Virus.MacOS.InitM Virus.MacOS.InitM is a destructive virus that infects all .INIT files found on Mac OS classic. This virus carries a destructive payload which attempts to rename all files and folders to random names and changes file creation and modification dates to January 1, 1904.

 

Virus.MacOS.Mbdf Virus.MacOS.Mbdf is a destructive virus that infects classic Mac OS system files and applications such as Finder. This virus does not have a malicious payload, instead it searches for system files and appends MBDF resources with IDs of 0 and 1. The infection takes time to infect all system files, but the machine will start to show non-responsive behaviour which subsequently resolves to a forced restart. This action will damage system files, and the only solution is to reinstall the affected files. This virus was first seen on the internet associated with shareware games such as "Ten Tile Puzzle" and "Obnoxious Tetris".

 

Virus.MacOS.Mdef Virus.MacOS.Mdef is a self-replicating virus that infects classic Mac OS files. It does not have a malicious or destructive payload, instead it infects Macintosh resources that are responsible for drawing menus. The infected machine will start to show non-responsive behaviour once a pull down menu is clicked.

 

Virus.MacOS.Nvir Virus.MacOS.Nvir is a destructive virus which infects classic Mac OS system files and applications such as Finder. The infection causes system slow down, hangs and crashes.

 

Virus.MacOS.Scores Virus.MacOS.Scores is a malicious program that infects Mac OS classic system files and applications, specifically Notepad and Scrapbook. After a number of infections, this virus will start infecting any application when it is opened. The infection causes system slowdowns and crashes.

 

Virus.MacOS.Sevendust Virus.MacOS.Sevendust is a self-replicating virus that infects classic Mac OS applications and system files. Some variants of this virus carry a non-destructive payload where it attempts to delete all non-executable applications from the StartupItems during a specific time and day of the month. It appends MDEF resource to all infected applications and INIT resource for the system files.

 

Virus.MacOS.T4 Virus.MacOS.T4 is a destructive virus that infects System 7 system files, applications and the Finder. The infection causes system slowdowns and crashes. After a certain number of infections, the payload will display this message "Application is infected with the T4 virus".

 

Virus.MacOS.Wdef Virus.MacOS.Wdef is a self-replicating virus that infects desktop files used by the System 6 Finder. Although this virus does not have any destructive payload, the infection can affect the system causing it to slow and consequently crash.

 

Virus.MacOS.Zuc Virus.MacOS.Zuc is a self-replicating virus that infects application files in classic Mac OS. This virus carries an annoying payload where the cursor will display unusual behaviour after a certain period of time of infection.

Virus.OSX.Leap Virus.OSX.Leap is an instant messaging worm which propagates via the iChat application, and also a destructive virus which tries to infect other binary files by overwriting their code. This malware was designed to work on Mac OS X running on PowerPC machines.

 

Worm.MacOS.Autostart Worm.MacOS.Autostart is a malicious worm that propagates by infecting the boot sector of removable volumes. Some variants of this worm drop a file named DB on the infected removable media and make a copy of themselves named Desktop Print Spooler in the Extensions folder, allowing it to automatically run during system startup. This worm was designed to work on classic Mac OS (PowerPC).

 

Worm.OSX.Inqtana Worm.OSX.Inqtana is a proof-of-concept worm that exploits a Mac OS X BlueTooth Directory Traversal Vulnerability.

 

Worm.OSX.Renepo Worm.OSX.Renepo is also known as "Opener". This is a malicious bash shell script designed to work on Mac OS X. This worm installs and copies itself to StartupItems. It then disables the built-in OSX firewall, prevents Apple updates and disables accounting applications. It can also turn on services and gather detailed user information: password hashes, user name from netinfo, keychain files and system configuration information. It also modifies limewire settings, deletes log files, creates an additional admin user, creates cron jobs and more. It also connects to the internet to download hacktools such as John The Ripper and Dsniff. This worm propagates by dropping a copy of itself to shared folders.

 

Worm.OSX.Tored.a Worm.OSX.Tored.a is a MAC OSX worm written in RealBasic which attempts to spread via email and network shares. It also opens a backdoor on the compromised computer.

 

"Security scares seem to be coming up all too frequently for Mac users these days. First, there was the devastatingly fast hacking of a Mac thanks to a Safari exploit at PWN2OWN, and now the first-known botnet to exploit OS X appears to have been activated, according to two security researchers at Symantec. If true, it means the sense of security and superiority that so many Mac users maintain over their PC-using counterparts might be coming to an end."

 

All I gotta say is good thing Windows has so much practice with viruses and such....would hate to have my first viruses hit me now that they are so advanced.(naughty)


Oops....did I just let the cat out of the bag?
