|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Fwd: SANS Flash Alert For Solaris]
Subject: Re: [Fwd: SANS Flash Alert For Solaris]
From: R. DuFresne (dufresne
sysinfo.com)
Date: Wed Jan 05 2000 - 13:08:08 CST
- Next message: sedwardssedwards.com: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Previous message: spiff: "Re: [Fwd: SANS Flash Alert For Solaris]"
- In reply to: James Triplett: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Next in thread: sedwardssedwards.com: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Reply: R. DuFresne: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Since when does one need 'source' for a mere script? more script would
satisfy me for sure...
Thanks,
Ron DuFresne
On Tue, 4 Jan 2000, James Triplett wrote:
> On Tue, Jan 04, 2000 at 03:08:49PM -0800, Peter J Dinauer wrote:
> > The hunt is on . . . .
>
> > Received: from SpoolDir by ROADRUNNER (Mercury 1.44); 4 Jan 00 13:10:19 pst8pdt
> > If you have a lot of experience with software that is still a bit
> > green, you could really make a contribution to the community by
> > running and testing the scanning program.
> >
> > If you are less experienced you might want to delay a day or two.
> > But don't delay long, the tool may have a short life span, as the
> > attackers will begin to modify the trojan code to evade detection.
> >
> > Where to find the software:
> >
> > The host-based tool from NIPC may be found at:
> > http://www.fbi.gov/nipc/trinoo.htm
> >
>
> I suppose this is legit. However, they are asking us to run
> AS ROOT, some unknown executable on all our important systems.
> Goes against the most basic security procedures!
>
> No source provided, no way to ensure that this isn't just another trojan...
> (even the fbi.gov site could be hacked, and anyway how do they know what
> is in the executable?)
>
> James
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior consultant: darkstar.sysinfo.com
http://darkstar.sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
- Next message: sedwardssedwards.com: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Previous message: spiff: "Re: [Fwd: SANS Flash Alert For Solaris]"
- In reply to: James Triplett: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Next in thread: sedwardssedwards.com: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Reply: R. DuFresne: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Thu Jan 06 2000 - 12:38:51 CST