Qualys Inc wrote:
>
>executable programs. On Linux systems, the Remote Shell Trojan
>typically begins its replication activities in the current working
>directory and in the /bin directory.
>
[ . . .]
>Mitigating Factors:
>-------------------
>The replication process of the Remote Shell Program can only effect
>binary files within the access privileges of the user who launched
>the originally infected program.
>
I think that this point should be emphasized a bit more, unless you are
simply out for dramatization. A properly configured machine won't have
the root user running untrusted binaries.
-b
--
#===================================================================#
# More dead people have written in support of Microsoft against the #
# DOJ than any other single group, leading UMSA (United MS Shills #
# of America) President Steve Barkto to lodge a formal complaint. #
#===================================================================#
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Sep 05 2001
Intro
