Command and Conquer: Renegade Official Forums: RenGuard Client

Home » Archived Forums » RenGuard Client » Renguard/Norton Problems

Show: Today's Messages :: Polls :: Message Navigator

Re: Renguard/Norton Problems [message #176155 is a reply to message #176146]

Mon, 24 October 2005 05:00

Blazer
Messages: 3322
Registered: February 2003
Location: Phoenix, AZ

Karma:

General (3 Stars)
Administrator/General

ingram091 wrote on Mon, 24 October 2005 06:52

My problem is not with your using the tool, its not taking action to eliminate the need for a tool that is being used by numerous worms and viruses out there to launch their attacks. AND telling people to just allow it to work ignoring the virus warning.

Firstly, we cannot "eliminate the need for" the tool. If RG is not encrypted, there would be cracked copies of it out within 24 hours, and people would even be poking around it with a hex editor. And I would like to point out, that there has been no "virus warning". The alert the Symantec/Norton gives, if you actually take the time to read it, is that svkp.sys is not a virus itself, but rather may be part of or indication of another virus or trojan. To be honest, I have never heard or actually seen SVKP used for an actual virus, most script kiddies use UPX and other free exe wrappers.

ingram091 wrote on Mon, 24 October 2005 06:52

New viruses are NOT caught in time by anti-virus companies all the time. So by white listing a blocked tool you put yourself at a higher risk then is recommended. Just to use your program.

As I said, blacklisting SVKP is about as silly as blacklisting Visual C++, since afterall, they can both be used to create or part of a virus. If its possible, I would recommend some combination of settings such that svkp.sys is ignored, except if something tries to overwrite it.

ingram091 wrote on Mon, 24 October 2005 06:52

According to a message I received from AntiCracking@AntiCracking.sk the golden support customer base are able to receive an updated method for embedding their protection into their compiled executable. all you have to do is request a support ticket on the matter.

SVKP is a kernel mode ring-0 driver, and you cannot simply embed it into an executable. They do have lesser forms of protection that are not ring0 and can be embedded, but they can also be bypassed with ease, which is why we use the more elaborate solution.

ingram091 wrote on Mon, 24 October 2005 06:52

This is a computer safety issue, not a renguard issue.
according to symantec here http://securityresponse.symantec.com/avcenter/venc/data/w32. spybot.ubh.html the file "Creates the file %System%\SVKP.sys. This is used by the worm to unpack itself and execute" this is one of many worms currently using this method. Thats is why all of them are now adding it to their list of blocked signatures.

That particular worm not only creates an SVKP.sys, it also exploits a bug in windows PNP (which has long since been fixed), and connects to an irc network. For to get infected by that worm, they would have to have a non-updated windows installation, the virus infection, and no firewall whatsoever (or at least one that wouldnt stop or popup on the outgoing irc connection). If they meet any of those criteria, I doubt blacklisting svkp will make them any more secure Smile

ingram091 wrote on Mon, 24 October 2005 06:52

Thus it is a vulnerability that should not be used if at all possible. the developers are aware of its current abuse and are taking stems to secure the method through other means. but at this time its a vulnerability, most. including myself, are not willing to risk using just for a 3rd party anti-cheating program.

Until I hear of a significant number of cases where an actual virus uses SVKP, I would not be concerned at all about whitelisting SVKP.sys. The very URL you provided as "proof", shows that the number of reported infections were "0-49"...I bet it was a lot closer to 0 (like a single report), than it was to 49.

Despite my views, I do recognize that it's your computer and you are entitled to be a paranoid as you want. Just know that we are very aware of the issue and are taking steps to do what we can, including considering a different protection software for RG 1.04, and accelerating the development of RG 1.04.

Report message to a moderator

[Message index]

		Renguard/Norton Problems By: rc22fires on Thu, 20 October 2005 08:51
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 09:24
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Parad0x on Thu, 20 October 2005 09:26
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 09:42
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: SurfX805 on Fri, 04 November 2005 22:08
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 09:38
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Ma1kel on Thu, 20 October 2005 09:54
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 09:55
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: DethSilver on Sat, 22 October 2005 13:56
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Cannibus on Thu, 20 October 2005 10:35
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: luv2pb on Thu, 20 October 2005 10:37
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Dethdeath on Thu, 20 October 2005 11:10
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: ododd on Thu, 20 October 2005 11:11
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 11:36
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Kanezor on Thu, 20 October 2005 11:44
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 11:59
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: pqlarbear on Thu, 20 October 2005 14:51
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 15:13
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Warmonger on Thu, 20 October 2005 15:47
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: ododd on Thu, 20 October 2005 11:58
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Cannibus on Thu, 20 October 2005 11:59
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Parad0x on Thu, 20 October 2005 13:11
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Kanezor on Thu, 20 October 2005 13:27
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Renx on Thu, 20 October 2005 13:32
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Goztow on Thu, 20 October 2005 13:34
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rafkid on Thu, 20 October 2005 14:15
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Cboy on Thu, 20 October 2005 14:37
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: -TG-Lammy on Thu, 20 October 2005 13:43
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Renx on Thu, 20 October 2005 14:47
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: -TG-Lammy on Thu, 20 October 2005 14:53
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: -TG-Lammy on Thu, 20 October 2005 16:01
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Warmonger on Thu, 20 October 2005 16:04
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: -TG-Lammy on Thu, 20 October 2005 16:14
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Warmonger on Thu, 20 October 2005 16:21
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: ododd on Thu, 20 October 2005 16:23
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: -TG-Lammy on Thu, 20 October 2005 16:31
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: rc22fires on Thu, 20 October 2005 17:15
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: Crimson on Thu, 20 October 2005 17:40
		Renguard-related virus By: [NE]Shockwave[HS] on Thu, 20 October 2005 20:40
		Re: Renguard-related virus By: [NE]Shockwave[HS] on Thu, 20 October 2005 21:22
		Re: Renguard-related virus By: Mylo on Thu, 20 October 2005 22:58
		Re: Renguard-related virus By: CloudOne on Thu, 20 October 2005 23:05
		Re: HELP ME OUT BEFORE I LOSE MY MIND. WORM THROUGH RG? By: -TG-Lammy on Fri, 21 October 2005 00:49
		Re: Renguard/Norton Problems By: Kholdstare on Fri, 21 October 2005 15:54
		Re: Renguard/Norton Problems By: Kytten9 on Fri, 21 October 2005 16:00
		Re: Renguard/Norton Problems By: [NE]Shockwave[HS] on Fri, 21 October 2005 17:07
		Re: Renguard/Norton Problems By: Gizbotvas on Fri, 21 October 2005 20:27
		still having problems By: PlastoJoe on Fri, 21 October 2005 22:47
		Re: Renguard/Norton Problems By: Blazer on Sat, 22 October 2005 06:26
		Re: Renguard/Norton Problems By: HTGunny on Sat, 22 October 2005 09:27
		Re: Renguard/Norton Problems By: Kanezor on Sat, 22 October 2005 10:07
		Re: Renguard/Norton Problems By: Blazer on Sat, 22 October 2005 11:49
		Re: Renguard/Norton Problems By: xxredrum on Sat, 22 October 2005 09:50
		Re: Renguard/Norton Problems By: Kanezor on Sat, 22 October 2005 09:54
		Re: Renguard/Norton Problems By: Gizbotvas on Sat, 22 October 2005 18:59
		Re: Renguard/Norton Problems By: CrazyNick on Sun, 23 October 2005 02:55
		Re: Renguard/Norton Problems By: stomaslurper on Sun, 23 October 2005 03:19
		Re: Renguard/Norton Problems By: trashyall on Mon, 24 October 2005 04:17
		Re: Renguard/Norton Problems By: Blazer on Mon, 24 October 2005 05:09
		Re: Renguard/Norton Problems By: trashyall on Thu, 27 October 2005 00:56
		Re: Renguard/Norton Problems By: JPNOD on Sat, 22 October 2005 11:57
		Re: Renguard/Norton Problems By: Cybie1111 on Sat, 22 October 2005 12:46
		Re: Renguard/Norton Problems By: SuperTech on Sat, 22 October 2005 13:20
		Re: Renguard/Norton Problems By: =HT=T-Bird on Sat, 22 October 2005 13:29
		Re: Renguard/Norton Problems By: rc22fires on Sat, 22 October 2005 13:55
		Re: Renguard/Norton Problems By: Recon on Sat, 22 October 2005 15:27
		Re: Renguard/Norton Problems By: Blazer on Sat, 22 October 2005 15:53
		Re: Renguard/Norton Problems By: Recon on Sat, 22 October 2005 16:06
		Re: Renguard/Norton Problems By: Cybie1111 on Sat, 22 October 2005 16:49
		Re: Renguard/Norton Problems By: =HT=T-Bird on Sat, 22 October 2005 17:28
		Re: Renguard/Norton Problems By: rc22fires on Sat, 22 October 2005 18:36
		Re: Renguard/Norton Problems By: Blazer on Sat, 22 October 2005 20:07
		Re: Renguard/Norton Problems By: [BA]RANGER on Sat, 22 October 2005 21:34
		Re: Renguard/Norton Problems By: AmunRa on Sun, 23 October 2005 02:46
		Re: Renguard/Norton Problems By: EnderGate on Sat, 22 October 2005 22:39
		Re: Renguard/Norton Problems By: PlastoJoe on Sat, 22 October 2005 23:20
		Re: Renguard/Norton Problems By: Recon on Sun, 23 October 2005 06:11
		Re: Renguard/Norton Problems By: Renx on Sun, 23 October 2005 07:51
		Re: Renguard/Norton Problems By: rc22fires on Sun, 23 October 2005 14:05
		Re: Renguard/Norton Problems By: Parad0x on Sun, 23 October 2005 12:27
		Re: Renguard/Norton Problems By: Alkaline on Sun, 23 October 2005 17:14
		Re: Renguard/Norton Problems By: =HT=T-Bird on Sun, 23 October 2005 17:29
		Re: Renguard/Norton Problems By: HTGunny on Sun, 23 October 2005 17:44
		Re: Renguard/Norton Problems By: =HT=T-Bird on Sun, 23 October 2005 17:47
		Re: Renguard/Norton Problems By: CrazyNick on Sun, 23 October 2005 21:24
		Re: Renguard/Norton Problems By: CrazyNick on Sun, 23 October 2005 22:10
		Re: Renguard/Norton Problems By: Blazer on Mon, 24 October 2005 02:40
		Re: Renguard/Norton Problems By: rc22fires on Mon, 24 October 2005 04:39
		Re: Renguard/Norton Problems By: Blazer on Mon, 24 October 2005 05:02
		Re: Renguard/Norton Problems By: ingram091 on Mon, 24 October 2005 00:34
		Re: Renguard/Norton Problems By: Nightma12 on Mon, 24 October 2005 00:47
		Re: Renguard/Norton Problems By: Crimson on Mon, 24 October 2005 03:24
		Re: Renguard/Norton Problems By: [NE]Shockwave[HS] on Fri, 28 October 2005 10:39
		Re: Renguard/Norton Problems By: Blazer on Mon, 24 October 2005 03:39
		Re: Renguard/Norton Problems By: ingram091 on Mon, 24 October 2005 03:52
		Re: Renguard/Norton Problems By: Blazer on Mon, 24 October 2005 05:00
		Re: Renguard/Norton Problems By: Alkaline on Mon, 24 October 2005 08:07
		Re: Renguard/Norton Problems By: Nightma12 on Mon, 24 October 2005 08:26
		Re: Renguard/Norton Problems By: CrazyNick on Mon, 24 October 2005 18:01
		Re: Renguard/Norton Problems By: Nightma12 on Tue, 25 October 2005 00:26
		Re: Renguard/Norton Problems By: Alkaline on Tue, 25 October 2005 18:31
		Re: Renguard/Norton Problems By: Kanezor on Tue, 25 October 2005 20:03
		Re: Renguard/Norton Problems By: Xerevix on Tue, 25 October 2005 21:25
		Re: Renguard/Norton Problems By: Kanezor on Tue, 25 October 2005 23:39
		Re: Renguard/Norton Problems By: ~-ALERT-~ on Wed, 26 October 2005 06:07
		Re: Renguard/Norton Problems By: mac on Wed, 26 October 2005 06:12
		Re: Renguard/Norton Problems By: HTGunny on Thu, 27 October 2005 00:58
		Re: Renguard/Norton Problems By: =HT=T-Bird on Fri, 28 October 2005 05:06
		Re: Renguard/Norton Problems By: Nightma12 on Wed, 26 October 2005 06:22
		Re: Renguard/Norton Problems By: catfishtuna on Wed, 26 October 2005 09:03
		Re: Renguard/Norton Problems By: Enforcer on Wed, 26 October 2005 10:41
		Re: Renguard/Norton Problems By: CrazyNick on Wed, 26 October 2005 22:59
		Re: Renguard/Norton Problems By: CrazyNick on Wed, 26 October 2005 23:02
		Re: Renguard/Norton Problems By: Nightma12 on Wed, 26 October 2005 09:12
		Re: Renguard/Norton Problems By: Blazer on Thu, 27 October 2005 12:49
		Re: Renguard/Norton Problems By: Crimson on Fri, 28 October 2005 06:08
		Re: Renguard/Norton Problems By: HTGunny on Sat, 29 October 2005 00:00
		Re: Renguard/Norton Problems By: Kanezor on Sat, 29 October 2005 11:27
		Re: Renguard/Norton Problems By: killboy06 on Fri, 28 October 2005 14:42
		Re: Renguard/Norton Problems By: Kanezor on Fri, 28 October 2005 18:37
		Re: Renguard/Norton Problems By: Crimson on Sat, 29 October 2005 02:06
		Re: Renguard/Norton Problems By: killboy06 on Sat, 29 October 2005 14:08
		Re: Renguard/Norton Problems By: Kanezor on Sat, 05 November 2005 00:50

Previous Topic:	Is something wrong w/ Renegade?
Next Topic:	Server Problems...

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Fri Aug 09 20:20:57 MST 2024

Total time taken to generate the page: 0.01910 seconds