Re: Hey the crackers have a new twist 8-(.

Eric Murray (ericm@microunity.com)
Sat, 26 Mar 94 11:32:42 PST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Icarus Sparry: "Re: Hey the crackers have a new twist 8-(."
Previous message: Brent Chapman: "Re: Hey the crackers have a new twist 8-(."
In reply to: Sean McLinden: "Re: Hey the crackers have a new twist 8-(."
Next in thread: Icarus Sparry: "Re: Hey the crackers have a new twist 8-(."

Sean McLinden wrote:
> 
> 
>[Description of mailing a script to a shell on sendmail-based systems deleted.]

I like the built-in socks part.  Cute.

Perhaps the next version of socks should provide some sort of
encrypted token exchange to allow only 'approved' clients to connect, even
from inside your bastion host...

> This "sort of attack" was the basis for the Morris Internet Worm which
> attracted (inter)national attention a few years back (I always preferred
> the term "Trojan Horse")

Um, I thought the sendmail hole the the Morris worm used was
the infamous 'wizard' mode, where you telnetted into the sendmail port
and typed 'wizard'.  Then sendmail just asked for a password
and if you provided it, dropped you in to a root shell.

--
     ericm         ericm@microunity.com

Next message: Icarus Sparry: "Re: Hey the crackers have a new twist 8-(."
Previous message: Brent Chapman: "Re: Hey the crackers have a new twist 8-(."
In reply to: Sean McLinden: "Re: Hey the crackers have a new twist 8-(."
Next in thread: Icarus Sparry: "Re: Hey the crackers have a new twist 8-(."