Full Disclosure mailing list archives
Re: Barracuda backdoor
From: "corpus.defero" <corpus.defero () idnet com>
Date: Thu, 28 Apr 2011 17:05:16 +0100
On Thu, 2011-04-28 at 08:29 -0700, ichib0d crane wrote: (snipped)
but that doesn't change the fact that Barracuda has done something likely bad here. A vendor should make it explicitly clear when they have the capability to disable remote products that have already been purchased. Maybe their ToS allows it, maybe not. Either way it is highly unethical.
They can't. All they can do is disable updating of the virus and spam definitions. It will still work without a subscription to 'energize updates'. There was once an obvious and open back door on these units redirecting port 25 (naturally open on a firewall) to a listening SSH daemon for IP's belonging to Barracuda. It was not very sophisticated, just an IPTABLES rule. Here is the rub with Barracuda - and forgive me for being rude but my observations of them over the last few years has made them a bit of chew toy. The majority of their core team are either clueless retards or high on drugs. Honestly, just tug apart some of the code in one of these boxes and it is seriously lame to the point anyone who has progressed past schoolboy BASIC will usually cry laughing. Seriously, anyone who pays $£40k for one of these really needs to be put into an institution as it is money very poorly spent. That's the end of my contribution and now I must sleep until I see that name spring up again somewhere else. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Barracuda backdoor Tõnu Samuel (Apr 28)
- Re: Barracuda backdoor Benji (Apr 28)
- Re: Barracuda backdoor Tõnu Samuel (Apr 28)
- Re: Barracuda backdoor Christian Sciberras (Apr 28)
- Re: Barracuda backdoor Tõnu Samuel (Apr 28)
- Re: Barracuda backdoor Marsh Ray (Apr 28)
- Re: Barracuda backdoor Tõnu Samuel (Apr 29)
- Re: Barracuda backdoor Tõnu Samuel (Apr 28)
- Re: Barracuda backdoor Benji (Apr 28)
- Re: Barracuda backdoor corpus.defero (Apr 28)
- Re: Barracuda backdoor Tõnu Samuel (Apr 29)
- Re: Barracuda backdoor Tõnu Samuel (Apr 29)
- Re: Barracuda backdoor Valdis . Kletnieks (Apr 28)
- Re: Barracuda backdoor Cal Leeming (Apr 29)
- Re: Barracuda backdoor Hartley, Christopher J. (Apr 29)
- Re: Barracuda backdoor Cal Leeming (Apr 29)
- Re: Barracuda backdoor bk (Apr 28)
- Re: Barracuda backdoor Cal Leeming (Apr 29)