|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Frank Tobin (ftobin
neverending.org)Date: Tue Sep 04 2001 - 17:06:32 CDT
Wietse Venema, at 10:48 -0400 on Tue, 4 Sep 2001, wrote:
If an operator leaves his/her terminal unattended, then a miscreant
can plant any number of trojan horses to gain future root access.
However, trojans can theoretically be avoided given the right
user-environment setup. They also require action to be taken by the
victim, which increases the time it takes to execute the attack. The
attack I describe is not a trojan, and needs no vicitim action.
The importance of needing user action is important, because increasing the
length of time from the start of the attack to the finish of it increases
the possibility of the trojan being detected by some means.
-- Frank Tobin http://www.neverending.org/~ftobin/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]