http://www.vnunet.com/News/1122902 By James Middleton 07 Jun 2001 Codex Data Systems, marketers of the controversial Dirt Trojan, has rubbished claims that the product does not actually exist. Eddie James, vice president of Codex, told vnunet.com: "Dirt has been available since 1998. It is in use by a number of law enforcement agencies." James also claimed that organisations such as Nato and the Hi-tech Crime Investigators Association have expressed interest in the product. "The only reason it is of interest now is because someone got hold of a marketing presentation that was not for public disclosure. In fact, the product's existence was not meant to be public knowledge," he said, adding that "if we find that person we will file a criminal complaint through the Secret Service". James said that he would "love to demonstrate the tool", but since vnunet.com is not an officially recognised law enforcement agency, he could not. The reputation of Codex has been called into question after it was revealed by UK news website theregister that company chief executive Frank Jones is a convicted felon and known fraudster currently on probation for illegal possession of surveillance devices. James was forced to acknowledge that the only reason Dirt is undetectable by antivirus software is because no antivirus company has ever seen it, and that it could only be used as a "last resort" tool after obtaining a court order. As for the ability to bypass firewalls, done by killing the process in the operating system, there is no explanation as to how it attacks the firewall in the first place. However, Paul Rogers, network security analyst at MIS, who has met the company, said he was very impressed with the standard of keyloggers Codex offered, but as he had not seen Dirt in action, he remained sceptical. The rumours have also been fuelled by newsgroup postings from people claiming to have seen demonstrations of Dirt. One such posting on the Cypherpunk Hyperarchive said that Dirt it is "not much more than BackOrifice, NetBus, VNC or PC Anywhere, for that matter". "It has a bit more capability than some of those, in that it will act as something similar to an FTP server and a keystroke capture tool. But any programmer with 2nd year C programming and a Win32 compiler can download VNC and add stuff to it to do the same thing," it added. ISN is hosted by SecurityFocus.com --- To unsubscribe email isn-unsubscribeat_private
This archive was generated by hypermail 2b30 : Fri Jun 08 2001 - 02:51:53 PDT