echo: virus_info
to: KURT WISMER
from: PATRICK AHLBRECHT
date: 1997-11-01 13:32:00
subject: Re^2: 2 questions

PA>> I'd say it's more because trojans aren't that widespread (due to the
PA>> lack of being able to reproduce). They'd typically only show up on
PA>> a few systems.
KW>any given virus isn't as widespread, this is true, but they're easier
KW>for would-be attackers to create so that trojans in general have the
KW>potential to be a lot wider spread than they are...
That is if you place them manually (have a chance/victim for them)
KW>however, most of the people who might be interested in developing such
KW>software tend to look down their noses at "trojans" because there's no
KW>challenge in making them...
Is there a bigger challenge in creating viri ? I don't know, since I
never created a virus nor a trojan (yet ;>). But in my opinion there
should also be enough challenge in creating a _good_ trojan, that is
hiding that thing as well as possible.
PA>> to a MS system  (that is if you were able to upload it after all) ?
PA>> Formatting your C: ? Big deal ... very satisfying indeed.
KW>you can do a lot more than that, assuming you know what you're doing and
KW>not limiting yourself to a batch file...
Of course you can, but destroying data is the worst thing you can do to
a DOS machine (IMHO). DOS tends (as lame95) to be installed on stand-
alone computers. They both aren't server systems. And you must admit
that servers are the best targets for trojans.
KW> But under
PA>> Unix there are the real possibilities :
PA>> - re-routing mail
KW>were you to route mail on a dos machine you'd be able to reroute with a
KW>trojan...
And that is the point ;). DOS normally doesn't do very much except giving
you a simple user interface to the hardware. So if a DOS system routed
mail, ok, you could re-route it (assuming you know how this routing
is done), but which DOS system does that kind of thing ? So it is quite
useless to write a DOS trojan which does anything more than destroying
data.
PA>> - locking out root
KW>even better, you can make a trojan that will cause a dos machine to
KW>simply not boot anymore (effectively the same as locking out the root
KW>user)...
I don't think so. First if you lock out root (or any other user you don't
like ;>) the system won't refuse to boot/run it just won't be configurable
any longer. Second a DOS system not willing to boot any longer can
be repaired quite easily, in most cases just boot the computer from
a clean floppy and use the SYS command (otherwise reinstall the system).
Under Unix it isn't that simple (assuming you are using a PC and Linux
in the simplest case). Many Unix systems are big (internet-)servers.
Shutting them down is quite an annoying task (besides it hurts your
uptime ;) ). Just think of you being a moderately big ISP, and you would
have to shut your dial-in Server down !
PA>> - leaving backdoors to the system
KW>there are trojans that do this on dos based bbses...
Actually I don't know many bbses running under DOS. In my area here most
sysops use OS/2. However I don't think DOS is an ideal platform for
bbs soft. Besides I can't see any good reason, why I should need a
backdoor to any bbs. It doesn't make much sense since most bbs systems
I know are private bbses -> no big company behind them that wants to
see money for every service offered to me. And if I wanted to read
other people's Fidomail I could just set up my system as a Fido Host,
HUB,...
PA>> - stealing data out of /home
KW>also possible on dos machines (though not practical because really
KW>valuable data tends to be stored on unix machines)...
I see you got the picture ;). The problem with DOS in this point of
view is (if you can consider it to be a problem at all ;) ) that even
if there was vital data on that machine, it would be quite difficult
to find/obtain it. Under Unix you would just order your trojan to
grab anything in a specific users home dir, but where would you find
that info on a DOS system ?
PA>> - ok, crashing the system is possible as well ;)
KW>but there are so many ways to crash a system... circular partitions,
KW>encrypting key areas of the drive (or overwriting them), corrupting
KW>cmos, diddling data (eventually it'll diddle something important), and
KW>the list goes on...
I didn't say it was impossible to crash the system, but it's kind of
boring. I mean what good would it be for me if I crashed a system like
let's say sunsite ? I would accomplish nearly nothing by that (besides
perhaps the satisfaction that I actually did it). But if I was able
to install a backdoor (via a trojan) to let's say www.adults.com (or
any other ftp server) -> JACKPOT !!!
--- CrossPoint v3.02
---------------
* Origin: Call me BADMAN (2:2435/708.36)

SOURCE: echomail via exec-pc