|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Fwd: SANS Flash Alert For Solaris]
Subject: Re: [Fwd: SANS Flash Alert For Solaris]
From: R. DuFresne (dufresne
sysinfo.com)
Date: Thu Jan 06 2000 - 12:15:08 CST
- Next message: Dom De Vitto: "RE: proxy firewall and email"
- Previous message: Predrag Zivic: "Fwd: RE: PIX sux? (know Stateful vs Application)"
- In reply to: sedwardssedwards.com: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Reply: R. DuFresne: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I believe that in the wild solaris and linux have been the most common
systems exploited, and solaris is the #1 platform that has been seen to be
compromised and used to DOS other systems, thus the solaris binaries...
Thanks,
Ron DuFresne
On Wed, 5 Jan 2000 sedwardssedwards.com wrote:
> On Tue, 4 Jan 2000, James Triplett wrote:
>
> > > Where to find the software:
> > >
> > > The host-based tool from NIPC may be found at:
> > > http://www.fbi.gov/nipc/trinoo.htm
> >
> > I suppose this is legit. However, they are asking us to run
> > AS ROOT, some unknown executable on all our important systems.
> > Goes against the most basic security procedures!
> >
> > No source provided, no way to ensure that this isn't just another trojan...
> > (even the fbi.gov site could be hacked, and anyway how do they know what
> > is in the executable?)
> >
> > James
>
> Running strings on the executable prints out stuff that looks a lot like
> the attack client/server. Did they use the source to create their tool?
>
> This made me anxious enough to wait for a while to see if somebody posted
> a warning...
>
> Also, why no i386 executables or even a mention that the executables they
> provided were only for SPARC?
>
>
> Thanks in advance,
> ------------------------------------------------------------------------
> Steve Edwards sedwardssedwards.com Voice: +1-760-723-2727 PST
> Newline Pager: +1-888-478-5085 Fax: +1-760-731-3000
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior consultant: darkstar.sysinfo.com
http://darkstar.sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
- Next message: Dom De Vitto: "RE: proxy firewall and email"
- Previous message: Predrag Zivic: "Fwd: RE: PIX sux? (know Stateful vs Application)"
- In reply to: sedwardssedwards.com: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Reply: R. DuFresne: "Re: [Fwd: SANS Flash Alert For Solaris]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Thu Jan 06 2000 - 22:30:53 CST