Vulnerability Development mailing list archives
Re: Another new worm???
From: jlegate () SITESMITH COM (Jason Legate)
Date: Thu, 22 Jun 2000 16:39:44 -0700
*nod* However, the trojan idea could still work against a "trusted user". If you send them something over their AOL public IP, and they accept it, then the trojan would capture them using the TOD server, giving you perhaps the phone number, and how to interact with it. If you were a real professional, you could even snag the key from the Defender key, and the "secret code" to unlock it. *comes down from his pipe dream* -j On Thu, Jun 22, 2000 at 06:24:18PM -0500, David Knaack wrote:
From: Jason Legate <jlegate () sitesmith com>AFAIK, the TODs are not signed, but after speaking with an ex-aol employee, she has said that they use a private lan, with a backdoor phone number.Such a setup would probably require a fairly involved effort to compromise. Professional black hat stuff I guess. A more likely senerio would be to attack groups of users by routing their traffic to server that understands AOLP and delivers the TOD after the inital connection, then forces them to disconnect. Subsequent connections would be to the real AOL server. DK
-- /--------------------------/ Jason Legate \------------------------\ | jlegate () sitesmith com | SiteSmith, Inc. | | 24x7 Call Center | http://www.sitesmith.com | | 888.898.7667 | PGP Key ID - 0xE29C48B | +---------------------------------+--------------------------------+ | Fingerprint - 769E 8DB4 C4DB C555 2697 51C6 3181 7D6E E299 C48B | \------------------------------------------------------------------/ <HR NOSHADE> <UL> <LI>application/pgp-signature attachment: stored </UL>
Current thread:
- Re: Another new worm???, (continued)
- Re: Another new worm??? Blue Boar (Jun 21)
- Re: Another new worm??? Crispin Cowan (Jun 22)
- Re: Another new worm??? Blue Boar (Jun 21)
- Re: Another new worm??? Harmer, Mike (Jun 21)
- Re: Another new worm??? Frank Town (Jun 21)
- Re: Another new worm??? Justin Lintz (Jun 21)
- Re: Another new worm??? Steve Mosher (Jun 22)
- Re: Another new worm??? Michael S Hines (Jun 23)
- Re: Another new worm??? David Knaack (Jun 22)
- Re: Another new worm??? Jason Legate (Jun 22)
- Re: Another new worm??? David Knaack (Jun 22)
- Re: Another new worm??? Jason Legate (Jun 22)
- Red Hat 6.2's ftp segmentation fault Paulo Ribeiro (Jun 22)
- Re: Red Hat 6.2's ftp segmentation fault Osvaldo J. Filho (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Michal Zalewski (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Jeff Bachtel (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Philip Rowlands (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Bluefish (Jun 24)
- Re: Red Hat 6.2's ftp segmentation fault Jim Kinney (Jun 24)
- Re: Red Hat 6.2's ftp segmentation fault Blue Boar (Jun 24)
- Different attack vector - PXE-2.0 protocol Ollie Whitehouse (Jun 25)
- Spoofed FTP connections John Scimone (Jun 25)
- Re: Another new worm??? Justin Lintz (Jun 21)