Security Incidents mailing list archives
Re: The origins of t0rnkit ?
From: David Masten <davemasten () YAHOO COM>
Date: Wed, 20 Sep 2000 20:28:56 -0700
I just dont understand why so much noise about more one script kiddie in our lives. Tornkit is just a rootkit made by a script kiddie to ease his "owning-nights". If we were analyze each rootkit made by script kiddies we would take all our whole lifes, since they can vary and change for each architecture. So if we made a good security routine before the attack I am sure you wouldnt even have been noticed that there was a rtk called "t0rnkit". I think you are making a tempest in a water cup... (just my opinion ;)
I wish I could agree with you. There are many reasons why the security community wants/needs to see each rootkit. Security is NEVER 100%. Signatures can be better determined for IDS use, there is a better chance to find the rootkit if it is there, and the best reason of all, curiosity. Dave __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com
Current thread:
- The origins of t0rnkit ? Masial (Sep 18)
- Re: The origins of t0rnkit ? techno (Sep 19)
- Re: The origins of t0rnkit ? Gerrie (Sep 20)
- <Possible follow-ups>
- Re: The origins of t0rnkit ? Guilherme Mesquita (Sep 20)
- Re: The origins of t0rnkit ? David Masten (Sep 21)
- Re: The origins of t0rnkit ? Fredrik Ostergren (Sep 25)
- Re: The origins of t0rnkit ? techno (Sep 19)