Date: Thu, 7 Dec 2000 17:41:10 +0200 (IST) From: Roman Shterenzon <roman@xpert.com> To: Marc Rassbach <marc@milestonerdl.com> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: Move along, nothing to see here. Re: Important!! Vulnerabili ty in standard ftpd Message-ID: <Pine.LNX.4.30.0012071738320.14010-100000@jamus.xpert.com> In-Reply-To: <Pine.BSF.4.21.0012020856030.16738-100000@tandem.milestonerdl.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 2 Dec 2000, Marc Rassbach wrote: > After the linux boxen were used to portscan other boxes, did I get to > scrub the BSD box :-) The Linux boxes....they were all re-installed from > scratch. They couldn't find ALL the trojans with the linux box. From > the BSD side.... make world and the script kiddies were gone. The book "Practical UNIX And Internet Security" from O'reilly describes a real case when the backdoor was implemented in the binary of the compiler; Then, the compiler produced with the backdored compiler produced a backdored /bin/login (or whatever it was) and the backdoor wasn't in source of any of the above (anymore). And, of course the /bin/login created with the backdoored compiler contained the backdoor. Clever trick, huh? --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0012071738320.14010-100000>