Security Incidents mailing list archives
Re: Remote Shell Trojan: Threat, Origin and the Solution
From: Patrick Andry <pandry () wolverinefreight ca>
Date: Mon, 10 Sep 2001 13:38:40 -0400
Kevin Gagel wrote:
The best I can tell, it isn't reading in any weird strings. The most it looks like it's doing is removing parts of the file in 4k chunks.Has any expert c programers examined the c code to see if it actually does what the remarks say? I am suspicious of anything that is posted anonymously no matter howwell it's documented. I don't know C well enough to tell if the documentation is accuratelyportraying what the code is really doing. If it's not then this a one very well crafted "socially engineered" virus...
Can anyone else verify this? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Remote Shell Trojan: Threat, Origin and the Solution kai takashi (Sep 10)
- Re: Remote Shell Trojan: Threat, Origin and the Solution Nick FitzGerald (Sep 10)
- Re: Remote Shell Trojan: Threat, Origin and the Solution Kevin Gagel (Sep 10)
- Re: Remote Shell Trojan: Threat, Origin and the Solution Patrick Andry (Sep 10)
- <Possible follow-ups>
- RE: Remote Shell Trojan: Threat, Origin and the Solution John Stauffacher (Sep 10)
- RE: Remote Shell Trojan: Threat, Origin and the Solution Matt Block (Sep 10)
- RE: Remote Shell Trojan: Threat, Origin and the Solution Jonathan Rickman (Sep 10)
- RE: Remote Shell Trojan: Threat, Origin and the Solution Matt Block (Sep 10)