On Tue, 4 Jan 2000, James Triplett wrote: > > Where to find the software: > > > > The host-based tool from NIPC may be found at: > > http://www.fbi.gov/nipc/trinoo.htm > > I suppose this is legit. However, they are asking us to run > AS ROOT, some unknown executable on all our important systems. > Goes against the most basic security procedures! > > No source provided, no way to ensure that this isn't just another trojan... > (even the fbi.gov site could be hacked, and anyway how do they know what > is in the executable?) > > James Running strings on the executable prints out stuff that looks a lot like the attack client/server. Did they use the source to create their tool? This made me anxious enough to wait for a while to see if somebody posted a warning... Also, why no i386 executables or even a mention that the executables they provided were only for SPARC? Thanks in advance, ------------------------------------------------------------------------ Steve Edwards sedwardsat_private Voice: +1-760-723-2727 PST Newline Pager: +1-888-478-5085 Fax: +1-760-731-3000
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:46 PDT