Results 1 to 9 of 9
  1. #1
    5 Star Lounger
    Join Date
    Jul 2002
    Location
    Hatsukaichi, Hiroshima, Japan
    Posts
    904
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Gibson Research's SecurAble program

    Hello, I'm wondering if anyone has tried GRC's SecurAble? Here's the introductory blurb:

    <hr>SecurAble probes the system's processor to determine the presence, absence and operational status of three modern processor features:

    * 64-bit instruction extensions,
    * Hardware support for detecting and preventing
    the execution of code in program data areas, ... and
    * Hardware support for system resource “virtualization.”
    <hr>

    I tried it and I'm a bit concerned about the results I got for the last item. Apparently Hardware virtualization on my machine is enabled and locked. This is what the results information had to say about this:

    <hr>Virtualization Locked On

    This processor's advanced hardware support for virtualization has been
    enabled and "locked on" to prevent virtual machine penetration
    compromise. This was probably done by your system's BIOS or by whatever
    desktop virtual machine system you are using, if any. But if neither are
    the case you may wish to determine what has done this since it could be
    a sign of an advanced root kit compromise. <hr>

    I'm trying to determine what has caused this result. I checked the bios but couldn't find any setting that related to it. I tried using myconfig to do a selected startup without any security programs (I disconnected from the internet by physically removing the cable before doing this) but got the same result. Now, I'm at a loss as to how to find the cause. Does anyone have any ideas?

    Thanks,

    Chris (Hunt)

  2. #2
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Gibson Research's SecurAble program

    I haven't run any of his stuff for some time, Chris so I don't know anything about your dilemma, sorry. However, there is an interesting article in <post:=682,722>post 682,722</post:> that leads to Prevx CSI - FREE Malware Scanner which you might want to try also. Might help to have a second opinion on your status.

  3. #3
    5 Star Lounger
    Join Date
    Jul 2002
    Location
    Hatsukaichi, Hiroshima, Japan
    Posts
    904
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Gibson Research's SecurAble program

    Thanks, Big Al. I did a scan and it gave me a clean bill of health. I'm still wondering about what could be responsible for the results I'm getting with SecurAble. If anyone else tries it please post the results.

    Chris

  4. #4
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Gibson Research's SecurAble program

    I tried it but my processor is too old to support any of the items SecurAble checks for (I got 32, No, No).

    Have you tried AVG Anti-Rootkit Free? If it doesn't turn up anything suspicious, I wouldn't worry.

    Note: the output of some rootkit detectors, such as SysInternals' RootkitRevealer is highly technical and hard to interpret for the avarage user. The AVG one mentioned above uses the same 'engine', I think, but it suppresses the irrelevant results.

  5. #5
    5 Star Lounger
    Join Date
    Jul 2002
    Location
    Hatsukaichi, Hiroshima, Japan
    Posts
    904
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Gibson Research's SecurAble program

    Thanks Hans. I have AVG Ant-Rootkit Free and just reran it - it gave me a clean bill of health as well. I have tried using icesword and gmer but the results are even more detailed and obscure than with RootkitRevealer. I'll sleep on it and see if I can come up with any other way to find out what is happening. One thing I still haven't done is fished out the motherboard manual and gone through it. It might have some information leading me to some setting in the bios that I've missed.

    All the best,

    Chris

  6. #6
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Gibson Research's SecurAble program

    I've done Gibson's security checkups in the past and bought his Spinrite a time or two, but I wonder if he would respond to a query, Chris? Mebbe he could shed some light - I don't know if he's a one-man show or if he has any "helpers" who work with him...

  7. #7
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Gibson Research's SecurAble program

    Chris,

    Reading "between the lines" of Steve Gibson's description pages, I think it ( Securable ) is just an initial release and still a work in progress.

    Steve admits that he has more to do with this program yet, so I wouldn't be too concerned with your test results at this stage of the game.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  8. #8
    5 Star Lounger
    Join Date
    Jul 2002
    Location
    Hatsukaichi, Hiroshima, Japan
    Posts
    904
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Gibson Research's SecurAble program

    Hi Bob, thanks for posting. My take on the description pages is a little different. I felt he was saying that Securable was complete in itself but that it was the first stage in a further process. I don't think Steve Gibson would release something unless it was tested and finished.

    I'm happy to report that the mystery has been solved. I rechecked the bios of my Gigabyte P35-DS3R motherboard and finally found the Virtualization setting under miscellaneous. I think it was enabled by default. As a test I disabled it and Securable showed that Hardware Virtualization was switched off. So after a bit of fretting I now think that my system is not only clean but has a good security feature built in. I think SecurAble is a useful tool.

    All the best,

    Chris

  9. #9
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Gibson Research's SecurAble program

    Chris,
    Glad to hear you got things straightened out again.

    I've always liked Steve Gibson's work and think he and his crew do a good job putting out reliable software. I just got that impression when reading the blurb, particularly the last few paragraphs, that he might like to make some enhancements to Securable. Just a feeling, that's all. <img src=/S/shrug.gif border=0 alt=shrug width=39 height=15>
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •