Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Morpheous detection

From: Bob Van Cleef <vancleef () microunity com>
Date: Thu, 7 Feb 2002 08:50:48 -0800 (PST)

In one report I saw this quote:
----------------------------------------------------------------------
Some might see this merely as a cautionary tale for Morpheus users: when
sharing files, they should realize that they are opening up their
computer--if only a few files on it--to strangers. They must take
responsibility for what they are doing.

Unfortunately, the problem strikes more deeply than that. If the
compromised machine is part of an organization's network, that machine
becomes a stepping-stone to compromising the entire network. This feature
thus can endanger an entire network. Sysadmins must ensure that user
machines have the appropriate sharing safeguards. This may be difficult
with systems that share everything as the default. In the long run, it's
the compromised networks that pay the price for free music.
----------------------------------------------------------------------

Is there a signature that would alert me if someone was running
Morpheus or an equivalent program on one of our systems?

Bob
-- 

<>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>  ><>

Bob Van Cleef, Systems Administrator             (408) 734-8100
MicroUnity, Inc.                             FAX (408) 734-8136
376 Martin Ave., Santa Clara, CA 95050  vancleef () microunity com


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: