Date: Wed, 14 Nov 2001 18:20:15 +0100 (CET) From: Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl> To: Rob Hurle <rob@coombs.anu.edu.au> Cc: Stefan Probst <stefan.probst@opticom.v-nam.net>, freebsd-security@FreeBSD.ORG Subject: Re: Adore worm Message-ID: <Pine.BSF.4.21.0111141810210.671-100000@lhotse.zaraska.dhs.org> In-Reply-To: <20011114100516.L432-100000@freebsd.connect-a.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Nov 2001, Rob Hurle wrote: > People advise ssh, but I notice that this particular attack also has a new > version of ssh to install, so I don't know about that. This may be done for two reasons: 1. To install a version of sshd that is not vulnerable to CRC attack 2. To install a trojaned version of sshd that contains a backdoor allowing remote root access, e.g. based on username. The second possibility looks more probable to me. My PLN 0.02 Regards, Krzysztof To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0111141810210.671-100000>