AW: [Honeywall] Sebek-WIN32 v3.0.4

Stefan Vömel svoemel at rumms.uni-mannheim.de
Tue Jun 17 05:01:42 EDT 2008


Imran,

Sebek is a tool for silently capturing keystrokes, it uses many techniques
that are also implemented in some known rootkits. That's why it's detected
by your virus scanner even though I would rather see it as a false positive.
After all, it's only a tool and can be used by both "whitehats" and
"blackhats". 

Concerning the stability: The Win32 version doesn't work for me either:
After installing Sebek, the system (Win XP) gets extremely unstable and
constantly crashes with a blue screen as it is in your case. I feel that the
software is a bit outdated and I've stopped using it. On Windows 2000,
however, it seems to work properly. 


Best regards,

Stefan


________________________________

	Von: honeywall-bounces at public.honeynet.org
[mailto:honeywall-bounces at public.honeynet.org] Im Auftrag von Imran Shaikh
	Gesendet: Dienstag, 17. Juni 2008 08:48
	An: honeywall at public.honeynet.org; honeypots at securityfocus.com
	Betreff: [Honeywall] Sebek-WIN32 v3.0.4
	
	

	Dear all,
	

	
	I have scanned Sebek-WIN32 v3.0.3 & Sebek-WIN32 v3.0.4 but both are
infected and AV detected it as a Malware. Also, when I restarted my PC1
after installation of Sebek-WIN32 v3.0.3 and restarted my PC2 after
installation of Sebek-WIN32 v3.0.4, BLUE screen error occur.

	 I am using  Win 2003 server Enterprise Edition with Sp2 and
HoneyNet CD-ROM roo-1.4.hw-20080423134017.

	 Please help me regarding this problem.

	Your urgent and helpful response will be highly appreciated. 

	
	Thanks & Regards,

	 Imran Shaikh
	





More information about the Honeywall mailing list