Edwards, David (JTS) writes: > Hi, > >> -----Original Message----- >> From: Nick FitzGerald [mailto:nick@virus-l.demon.co.uk] >> If they don't, you clearly need to revise your site's judgments about >> who is worthy of having admin (equivalent) passwords. > > Hmmm, who rattled your chain.. Are you saying that the > only way this incident could have happened is if one of > our administrators stuffed up? An educated guess would be someone with admin-rights surfing warez & p0rn-sites and "infecting" himself through the automatic installation of said trojan via a IE-feature or vulnerability (or social engineering). People in Germany are often plagued by this, but here, the programs change the default ISP-number in Windoze to a number that is subject to varying arbitrary charges and thus resulting in horrendous phone bills. cheers, Rainer -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rainer Duffner Munich rainer@ultra-secure.de Germany http://www.i-duffner.de Freising ======================================== When shall we three meet again In thunder, lightning, or in rain? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed May 08 2002 - 09:17:38 PDT