Re: [ISN] Intrusion detection team denies Trojan claim

From: InfoSec News (isn@private)
Date: Tue Sep 23 2003 - 22:32:35 PDT

  • Next message: InfoSec News: "Re: [ISN] State Department's warns visa-checking system crippled by computer virus"

    Forwarded from: Kurt Seifried <listuser@private>
    
    If you are worried about back doors in Snort:
    
    Snort is OpenSource.
    Snort source archives going back several years (at multiple locations) are
    available as well as vendor supplied packages/etc containing the original
    source code in signed packages (such as source rpm's)
    Snort CVS logs are available at public archives of mailing lists/etc.
    
    Using diff and CVS logs to look for strange changes is not hard (time
    consuming, but not hard).
    Auditing the current code is also possible, probably harder then reading
    just the diffs, but certainly within the realm of possibility.
    
    
    Kurt Seifried, kurt@private
    A15B BEE5 B391 B9AD B0EF
    AEB0 AD63 0B4E AD56 E574
    http://seifried.org/security/
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Sep 24 2003 - 01:39:14 PDT