> > You don't have to be doing something stupid to trigger a trojon.
> What would be a non-stupid way for an admin to trigger a trojan on his
> server?
DNS poisioning when you downloaded the patch file, for instance.
On UNIX boxes, a local attacker could have altered an alias for a common
command to fetch, compile and insert a Nasty kernel module and then waited
for you to run that command.
--
Tom Chiverton
Advanced ColdFusion Programmer
Tel: +44(0)1749 834997
email: [EMAIL PROTECTED]
BlueFinger Limited
Underwood Business Park
Wookey Hole Road, WELLS. BA5 1AF
Tel: +44 (0)1749 834900
Fax: +44 (0)1749 834901
web: www.bluefinger.com
Company Reg No: 4209395 Registered Office: 2 Temple Back East, Temple
Quay, BRISTOL. BS1 6EG.
*** This E-mail contains confidential information for the addressee
only. If you are not the intended recipient, please notify us
immediately. You should not use, disclose, distribute or copy this
communication if received in error. No binding contract will result from
this e-mail until such time as a written document is signed on behalf of
the company. BlueFinger Limited cannot accept responsibility for the
completeness or accuracy of this message as it has been transmitted over
public networks.***
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
