RE: Re[2]: Solaris telnet vulnberability - how many on your netw

看板Bugtraq作者ttevans.時間19年前 (2007/02/16 06:47)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串2/3 (看更多)

For some commentary on this issue, this is one man's thoughts. http://www.schneier.com/crypto-gram-0602.html#16 Tom Hawk Corporation ttevans@hawkcorp.net 440-528-4045 Direct 440-498-2276 x 4045 Cell: 440-669-2526 Fax: 917-464-7241 -----Original Message----- From: Darren Reed [mailto:avalon@caligula.anu.edu.au]=20 Sent: Thursday, February 15, 2007 1:49 AM To: Thierry@Zoller.lu Cc: bugtraq@securityfocus.com Subject: Re: Re[2]: Solaris telnet vulnberability - how many on your network? In some mail from Thierry Zoller, sie said: >=20 > CDSC> real back doors are better > I like that tautologie, "real backdoors", what makes a backdoor more > real than another one ? Is it the coolness, the stealth ? Or is it > simply the fact that it gives back door access ? How about putting a backdoor into your C compiler such that it generates "special code" when it recognises it is compiling /bin/login that allows special access? That doesn't show up in any code audit of /bin/login... so you think about auditting the code that makes up the compiler.. where does the executable for that come from... and so on back.

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 ttevans. 的文章

文章代碼(AID): #15rEBf00 (Bugtraq)