Firewall Wizards mailing list archives
Re: [Fwd: SANS Flash Alert For Solaris]
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Thu, 6 Jan 2000 12:15:08 -0600 (CST)
I believe that in the wild solaris and linux have been the most common systems exploited, and solaris is the #1 platform that has been seen to be compromised and used to DOS other systems, thus the solaris binaries... Thanks, Ron DuFresne On Wed, 5 Jan 2000 sedwards () sedwards com wrote:
On Tue, 4 Jan 2000, James Triplett wrote:Where to find the software: The host-based tool from NIPC may be found at: http://www.fbi.gov/nipc/trinoo.htmI suppose this is legit. However, they are asking us to run AS ROOT, some unknown executable on all our important systems. Goes against the most basic security procedures! No source provided, no way to ensure that this isn't just another trojan... (even the fbi.gov site could be hacked, and anyway how do they know what is in the executable?) JamesRunning strings on the executable prints out stuff that looks a lot like the attack client/server. Did they use the source to create their tool? This made me anxious enough to wait for a while to see if somebody posted a warning... Also, why no i386 executables or even a mention that the executables they provided were only for SPARC? Thanks in advance, ------------------------------------------------------------------------ Steve Edwards sedwards () sedwards com Voice: +1-760-723-2727 PST Newline Pager: +1-888-478-5085 Fax: +1-760-731-3000
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
Current thread:
- [Fwd: SANS Flash Alert For Solaris] Peter J Dinauer (Jan 04)
- Re: [Fwd: SANS Flash Alert For Solaris] James Triplett (Jan 05)
- Re: [Fwd: SANS Flash Alert For Solaris] R. DuFresne (Jan 06)
- Re: [Fwd: SANS Flash Alert For Solaris] sedwards (Jan 06)
- Re: [Fwd: SANS Flash Alert For Solaris] R. DuFresne (Jan 06)
- Re: [Fwd: SANS Flash Alert For Solaris] spiff (Jan 06)
- Re: [Fwd: SANS Flash Alert For Solaris] James Triplett (Jan 05)