TF Security Team - Techist - Tech Forum

Old 03-08-2010, 06:39 PM   #1 (permalink)
Monster Techie
 
joelm3103's Avatar
 
Join Date: Mar 2007
Location: -Trinidad- and Tobago, Caribbean.
Posts: 1,750
Default TF Security Team

Just thought I'd ask, what has become of this team? I wasn't here when it was made or apparently shut down...only snooped around the forums and realized the thread.

My original thread here: Active?.
Thread pertaining to the team I'm talking about is here: Tech Forums Security Team Conduct & Duties.

Would be great if this team or some people would be active, that way Osiris won't have the world on his hands dealing with spyware and stuff. Just thought I'd lend a helping hand, if I got permission to...I seem like a new member and what not, but it interests me and thought I'd shine some light onto it.
__________________
Need to update my siggy!
Old 03-08-2010, 06:51 PM   #2 (permalink)
Grandfather of Techist

\_(ツ)_/
 
Trotter's Avatar
 
Join Date: Jan 2005
Location: The South
Posts: 31,307
Default Re: TF Security Team

Osiris pretty much is the official team. While a certain few are authorized to help out, we don't allow just anyone to be a part of the Security Team. Heck, I'm not even qualified to be on it.

The original qualifications are around here somewhere, but I do remember that some certifications were required along the malware removal lines, and/or hands-on training with a Security Team member. We looked into some training stuff but found out that the person who was setting it up had been lying about their credentials so that killed it then and there.

I would like to see the Security Team back up and operational. I am sure that there are days when Osiris wishes he had some others to help handle the load. He developed his spyware guide to help himself out.
__________________


My Rig: SABLE
Antec 300 Illusion / Antec EarthWatts EA650 650W / ASUS GeForce GTX 960 GTX960-DC2OC-2GD5
AMD FX 8320 x8 Black Edition / Gelid Tranquillo / MSI 970A-G43
Sandisk Ultra Plus 128GB / Samsung 840 120GB / WD Black 750GB / WD Green 1TB
2x4GB DDR3 1600 - 2x2GB DDR3 1600
Win10 Ent 64-bit - Mionix Naos 7000 Mouse - CM Storm QuickFire Rapid Mech Keyboard


R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009
Old 03-08-2010, 06:55 PM   #3 (permalink)
Monster Techie
 
joelm3103's Avatar
 
Join Date: Mar 2007
Location: -Trinidad- and Tobago, Caribbean.
Posts: 1,750
Default Re: TF Security Team

Ah cool and ya I get the fact that you don't just let anyone on the team and stuff lol. About the training, if pointing me to sites or reading guides helps...I don't mind giving it a shot...maybe test me somehow. Been reading up on it a while now, checking through the spyware forum looking at his solutions and taking notes lol. He's got the whole world on his hands haha, just thought I'd put out my offer since I'm online pretty much every day.

Anyways if it's ever back up, and y'all are recruiting, inform me...I'll try and pass whatever test is needed, it really does interest me. As for now, I'll lay back and just read through the threads, don't wanna post anything without permission as I know the risks of corrupting one's PC with wrong deletions/edits/etc.

Thanks for the reply.
__________________
Need to update my siggy!
Old 03-08-2010, 07:49 PM   #4 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default Re: TF Security Team

Take it from me, the only other person even close to being certified for the Spyware team, that no matter how many "guides" you read it doesn't help. Each situation is unique and you have to know your stuff inside and out to even make an attempt at doing what Osiris does.

I know how to read every type of log. Yet even I still pale in comparison to what Osiris does. I know how to fix just about every situation that can come up, yet I still don't contribute in that area 'cause for as much as I know, it still isn't enough.

So it will take more than reading guides 'cause you have to know how to get rid of every type of infection, what to do if the removal software doesn't work, what others can be used, what protection is good and so on. No guide on the net can cover everything that is needed to be known. Not even if you read every single one of them. I know I have gotten close.
__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

Old 03-08-2010, 07:56 PM   #5 (permalink)
Monster Techie
 
joelm3103's Avatar
 
Join Date: Mar 2007
Location: -Trinidad- and Tobago, Caribbean.
Posts: 1,750
Default Re: TF Security Team

Thanks and I get your point. But I mean, apart from all that, there must be something that one can do to improve his knowledge to that level. I may not be qualified and read just guides but I got the determination. I don't mind if I'm not qualified, I won't shoot posts without confirmation but I'll still stick around and analyze the logs and try to educate myself. Thanks for the tip though.
__________________
Need to update my siggy!
Old 03-08-2010, 08:45 PM   #6 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default Re: TF Security Team

Well, your best option at this point, since you want to learn, is to go to bleepingcomputers.com and read up on the guides they have there. Also check via Google for guides on MBAM, ComboFix and HijackThis. Then just read the logs posted but don't read Osiris's response. See if you can come up with the same solution as he does. If not, try to figure out how he got that solution.

After that it comes down to figuring out which tools do the job for which infection. There are tools for Vundo, Virtumonde, and just about everything else. So you have to be able to spot which infection it is to know which tool to run and how to run it.

Then comes the hard part, what to do when the tool that should be used can't be run. There are other tools out there that can remove such infections without using the specific tools. So you have to be able to know right up front what to suggest if those tools don't work.

Then after all of that you have to be able to know when a restore point might be infected and how to remove that. That is easy but you have to be able to know if that needs to be done first so that the infection doesn't come back.

The process is long. It took me a good 6 months to be able to read the logs properly. Even so I still can't do it as fast as Osiris. Yeah, there are sites out there that can read logs for you like hijackthis.de but you have to be able to spot when that suggests something that is legit over something that isn't, as that site uses different locations for files than some people.

I will be blunt in saying that the process will take upwards of around a year to be decent at the task. There are some sites out there that have schools for such things. But even so those are only specific to certain things and have a specific order which varies depending on the infection. They take a specific route and suggest specific tools for everything. They are not as "laid back" as we are. We get the job done, but they would say that we are inefficient in our attempts 'cause we don't go to the lengths that they do.
__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

Old 03-08-2010, 08:57 PM   #7 (permalink)
Monster Techie
 
joelm3103's Avatar
 
Join Date: Mar 2007
Location: -Trinidad- and Tobago, Caribbean.
Posts: 1,750
Default Re: TF Security Team

Haha now that's more like it! Thanks for the speech and sites. You also break it down pretty much to my understanding. Ya I've been reading around the bleepingcomputer's guide and some others.

Every now and then I check other forums that are listed on bleepingcomputer for their logs and make similar notes. Also I PM Osiris every now and then if I got a query and he pretty much explains it out.

Yeah I guess it would take me a while and I'll have to get familiar with the stuff, but I guess I'll try looking around and see what I can gain. I might not be pr0 at this whole spyware/infection thing, but at least I'll gain some knowledge and try to assist if I can and post where I'm permitted to. Thanks for all the help guys, much appreciated. Looking forward to see if I can become anywhere near pr0 as y'all and maybe help out some more.
__________________
Need to update my siggy!
Old 03-09-2010, 04:25 AM   #8 (permalink)
Lord Techie
 
Kharn's Avatar
 
Join Date: Feb 2007
Posts: 7,638
Default Re: TF Security Team

To be honest I would be more involved in the security team for the open forums, if I -
A) Had more time.
B) Was allowed to talk about half the stuff I know.
C) Had more time.

To be frank about it, most of my security experience is popping a box rather than unpopping a box.
__________________
Visit this and do something for the world!
www.hackersforcharity.org

Want to do even more? Take a look here and join the fight on human trafficking.

Hear and you forget, see and you remember, do and you understand.

All times are GMT -5. The time now is 02:37 AM.

