Qualys Inc wrote: > >executable programs. On Linux systems, the Remote Shell Trojan >typically begins its replication activities in the current working >directory and in the /bin directory. > [ . . .] >Mitigating Factors: >------------------- >The replication process of the Remote Shell Program can only effect >binary files within the access privileges of the user who launched >the originally infected program. > I think that this point should be emphasized a bit more, unless you are simply out for dramatization. A properly configured machine won't have the root user running untrusted binaries. -b -- #===================================================================# # More dead people have written in support of Microsoft against the # # DOJ than any other single group, leading UMSA (United MS Shills # # of America) President Steve Barkto to lodge a formal complaint. # #===================================================================# ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Sep 05 2001 - 14:04:04 PDT