Tom Bair SF Boss
Joined: 10 Aug 2002 Posts: 16776955 Location: Portland, Oregon USA
|
Posted: Fri Mar 04, 2005 2:09 am Post subject: HiJackThis Log Experts - At your service! |
|
|
HiJackThis Log Experts – At your service! is a wonderful short article highlighting our very own S.M.A.R.T. team's efforts to assist the community in fighting malware.
However, I'm certain that not very many members of SFDC actually realize just what type of training these people go through to become members of S.M.A.R.T.
Is it really difficult to learn how to rid one's PC of malware?
Sid New Member
Joined: 04 Jun 2004 Posts: 28 Location: Kansas
|
Posted: Fri Mar 04, 2005 2:14 am Post subject: Re: HiJackThis Log Experts - At your service! |
|
|
PCWriter wrote: |
Is it really difficult to learn how to rid one's PC of malware? |
No, I have been a SMART Trainee for a while now, and let me be the first to say that it is anything but hard. You work at your own pace, there are practice logs for you to work through, and if you are ever in doubt, you can PM a fellow SMART Member and get the required assistance. It does however take patience and dedication, as sometimes you get those logs that just don't wanna be fixed.
Groovicus Trusted SF Member
Joined: 19 May 2004 Posts: 9 Location: Centerville, South Dakota
|
Posted: Fri Mar 04, 2005 3:12 am Post subject: |
|
|
Hmmm...I would agree that it is not too difficult, at least once you get a feel for what to look for. That usually comes after a few hundred logs. The intriguing part is that you rarely have the same situation twice, and until you have a body of experience to draw from, it can be a little daunting. Then there are the times that you are faced with a new piece of malware (malicious software) that resists everything you throw at it. That's where the rest of the malware fighting community comes together, with experts from every walk of life getting together and trying to find a solution that is easy enough for a novice user to follow.
The biggest surprise to most trainees, I think, is the amount of time it takes to get a handle on things. The learning curve is pretty fair, and with the amount of sophistication that malware is starting to show, the learning curve for new trainees is getting steeper. Generally though, if one is diligent, inquisitive, and patient, you will eventually develop a feel for what is going on. Even then, we all get stumped from time to time.
It is also something that you have to keep up with, or you quickly become lost. I know if I have to slack off on logs, it takes me a few weeks to really feel comfortable again. That's why many of us are members of other forums also, so we can share knowledge, and keep abreast of the latest developments.
It is very rewarding though, as hard work always is. I like helping people become comfortable with their systems, and I like the camaraderie of the malware fighting community.
ryansutton Trusted SF Member
Joined: 25 Aug 2004 Posts: 67 Location: San Francisco, California
|
Posted: Fri Mar 04, 2005 4:50 am Post subject: |
|
|
I guess my perspective is a little different. I do not think it is easy to be a part of the S.M.A.R.T. team. You have to continually stay up to date with not only malware fighting techniques but also the malware itself, which is difficult because we do everything we can to keep it off our systems. In addition to that we have to learn how to use multiple pieces of software not just on a basic level but we need to know the advanced features as well.
In regards to the logs we analyse... Two days ago I printed out a log and spent about two hours just researching all the processes running and registry keys. After doing that I highlighted questionable lines and did further research for removal instructions. I sometimes spend multiple days researching a log trying to figure out what is infected.
So after reading that I guess most people would be asking why the heck do we do it? I think Groovicus sets the best example in why we do what we do. We like to help people, we like to stay on top of the latest malware information & we think the S.M.A.R.T. tag on our names looks pretty neat. Also on a personal note, I have been thrilled to be able to help friends and family rid their PCs of malware. Working in IT I have found it to be a useful skill on the job as well.
Kaosu Just Arrived
Joined: 03 Oct 2004 Posts: 0 Location: United States
|
Posted: Fri Mar 04, 2005 3:06 pm Post subject: |
|
|
The training process is really what the trainee makes of it. Learning to combat malware is something that requires determination, intelligence and a positive attitude. As Groovicus said, hostile software is only getting smarter and becoming more problematic than ever. However, I personally feel that the knowledge I am earning here will allow me to combat even the toughest malware in the future.
A big part of our training is learning how to properly research a topic and gain a deep understanding of what we are attempting to do. Although the mentors will help us in any way possible, they will not hold our hands. So I guess you can say the most important thing we learn is how to rely on ourselves and when to ask for help.
If someone asked me the question: "Is the training hard?", I would probably simply reply with: "It really depends on the person who is going through the training. Some learn quicker than others and some step into this game with an understanding of the technology that is used. So you may have a harder time than I did or not."
I hope my personal views on this topic helped answer some questions and give more insight to what the team is about. The most important thing to remember is that we do what we love, and we love what we do. So we are more than willing to welcome anyone with open arms and help those in need.
meeeeeeeeee Just Arrived
Joined: 05 Feb 2004 Posts: 2 Location: CT, USA
|
Posted: Fri Mar 04, 2005 5:27 pm Post subject: |
|
|
Well for those of you who think this is easy (yes, you Sid!) I'm going to have to toughen up the training a bit.
Seriously, the learning process isn't too tricky, if you have some basics down first. For someone new to computing, learning to analyze a log could be pretty daunting. You need to know how Operating Systems and browsers work. You need to understand what is a normal problem due to improper settings, hardware issues and/or user error and what problems are due to malware.
You also need to have some investigative skills & patience. People who come to us for help sometimes don't have any computing background. You need to read someone's problem description "The thing doesn't open the right way and I'm getting lots of extra internets" and know how to interpret that in light of what you see in the log. Sometimes understanding what the problem really is can be the toughest part, since we don't actually get to see the infected computer.
You also need to keep up on what's new. As soon as we (the collective anti-malware community) learn to fight a difficult infection, the malware authors will tweak it to make it tougher to fight. It's a constant learning process. It's important to belong to as many groups as you can in order to glean all the new information. This takes time - both to locate the groups and to read up on all the new info. I personally spend about an hour a day just reading up on new developments.
In conclusion I would say it's not a difficult thing to learn, if you have the background, dedication and the time. Like so much in life, you get out of it what you put into it.
CyberSorcerer Just Arrived
Joined: 10 Jul 2006 Posts: 0
|
Posted: Mon Jul 10, 2006 1:50 pm Post subject: |
|
|
Well, after following a link in another forum I found this thread, which I have to add to what everyone is saying here. Even though I just signed up at this forum I am not new to computers by any means. I myself am a member of a few spyware/malware forums, some of which are very restrictive in their membership, such as http://malware-research.co.uk/ where my main skills at this forum are in Reverse-Engineering malware.
It is nice to have forums that take on the task of training new spyware/malware fighters and adding to the volunteers out there to help people remove such software off their computers. So once you enroll in a program such as offered here, try your best to stick with it. Things will get tough, but dealing with spyware/malware is tough anyway once it is on your computer, so you might as well learn how to take it off.
Well I guess I will take a look around the forum here to see what all is going on.
CyberSorcerer
wickerandvine New Member
Joined: 20 Oct 2006 Posts: 25 Location: alang-alang Mandaue
|
Posted: Mon Nov 06, 2006 7:07 am Post subject: |
|
|
How can I become a SMART member or trainee? Where will I go? Who will I approach?
Tom Bair SF Boss
Joined: 10 Aug 2002 Posts: 16776955 Location: Portland, Oregon USA
|
Posted: Mon Nov 06, 2006 10:45 am Post subject: |
|
|
Send a Private Message to SifuMike stating your interest.
ryansutton Trusted SF Member
Joined: 25 Aug 2004 Posts: 67 Location: San Francisco, California