Since when does one need 'source' for a mere script? more script would satisfy me for sure... Thanks, Ron DuFresne On Tue, 4 Jan 2000, James Triplett wrote: > On Tue, Jan 04, 2000 at 03:08:49PM -0800, Peter J Dinauer wrote: > > The hunt is on . . . . > > > Received: from SpoolDir by ROADRUNNER (Mercury 1.44); 4 Jan 00 13:10:19 pst8pdt > > If you have a lot of experience with software that is still a bit > > green, you could really make a contribution to the community by > > running and testing the scanning program. > > > > If you are less experienced you might want to delay a day or two. > > But don't delay long, the tool may have a short life span, as the > > attackers will begin to modify the trojan code to evade detection. > > > > Where to find the software: > > > > The host-based tool from NIPC may be found at: > > http://www.fbi.gov/nipc/trinoo.htm > > > > I suppose this is legit. However, they are asking us to run > AS ROOT, some unknown executable on all our important systems. > Goes against the most basic security procedures! > > No source provided, no way to ensure that this isn't just another trojan... > (even the fbi.gov site could be hacked, and anyway how do they know what > is in the executable?) > > James > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:46 PDT