I believe that in the wild solaris and linux have been the most common
systems exploited, and solaris is the #1 platform that has been seen to be
compromised and used to DOS other systems, thus the solaris binaries...
Thanks,
Ron DuFresne
On Wed, 5 Jan 2000 sedwards_at_sedwards.com wrote:
> On Tue, 4 Jan 2000, James Triplett wrote:
>
> > > Where to find the software:
> > >
> > > The host-based tool from NIPC may be found at:
> > > http://www.fbi.gov/nipc/trinoo.htm
> >
> > I suppose this is legit. However, they are asking us to run
> > AS ROOT, some unknown executable on all our important systems.
> > Goes against the most basic security procedures!
> >
> > No source provided, no way to ensure that this isn't just another trojan...
> > (even the fbi.gov site could be hacked, and anyway how do they know what
> > is in the executable?)
> >
> > James
>
> Running strings on the executable prints out stuff that looks a lot like
> the attack client/server. Did they use the source to create their tool?
>
> This made me anxious enough to wait for a while to see if somebody posted
> a warning...
>
> Also, why no i386 executables or even a mention that the executables they
> provided were only for SPARC?
>
>
> Thanks in advance,
> ------------------------------------------------------------------------
> Steve Edwards sedwards_at_sedwards.com Voice: +1-760-723-2727 PST
> Newline Pager: +1-888-478-5085 Fax: +1-760-731-3000
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior consultant: darkstar.sysinfo.com
http://darkstar.sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
Received on Jan 06 2000
Intro
