Re: Possible remote vulnerability in SSH-1.2.27

[Alexandru Balan <jay () iNES RO>]

> Bottom line, just have a tripwire installed/configured and you'll "have" them by dinner. Maybe they think "hey its so 
> simple that they wont even see it or bother to remove it", who knows..

Assuming you have 'em. What then ? Sue them ? afaik they have to be
caught _in the act_ .A few days ago i saw a policeman searching a
windows machine for logs regarding Credit Card fraud. He searched in "My
Documents" and that was that. Well, i ask you gents.. how would that man
tell the difference between a "l33t h3x0r" DDOS-ing and a peaceful
BitchX user ? (both sittin' next to one another with putty sessions
open). 
About tripwire... i don't have the patience to setup tripwire on a P1
90Mhz 16Mb RAM. A guy gave a better idea on another list. Simply mv
wget,ftp,lynx and all regular progs used by skiddies sumplace else and
that would discourage them a bit (i find the situation rather amusing
myself). 

--
Jay (need fresh coffee) 



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com