| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Trojan 55808 |
From: "Syscotek"
Gee Rich...he posted this in linuxhelp. I didn't mis-read the
"windows" reference in the article and I doubt that anyone who
frequents this newsgroup did either (well...maybe the one person who I've
kill-filed).
(BTW, I wish you'd turn off the HTML in your news reader and avoid the
excessive quotebacks in your msgs - but feel free to ignore my wishes).
Cheers!
"Rich" wrote in message news:3ef32ec1{at}w3.nls.net...
You forgot to include the following from the article
The Trojan currently attacks Linux-based systems, Ingevaldson says, but it
could easily be ported to other operating-system platforms. Many businesses
use Linux as the operating system for their Web servers.
Note the error in the reference to "its Windows size". This is
the TCP window size and nothing to do with Windows. See
http://www.gcn.com/vol1_no1/daily-updates/22371-1.html.
Rich
"Joe Barr" wrote in message
news:pan.2003.06.20.15.30.25.997885{at}austin.rr.com...
http://www.informationweek.com/story/showArticle.jhtml?articleID=10700645
There's a new security threat out on the Internet, but it's not clear how
much of a threat it really is. Security researchers at Internet Security
Systems say they've captured the code for a sneaky new Trojan application
that has installed itself on an unknown number of Internet-connected
servers and is attempting to scan and map networks connected to the
Internet and send that information back to its controller.
Dan Ingevaldson, team leader for Internet Security Systems' X-Force R&D
unit, says researchers are studying the Trojan--currently dubbed 55808 for
its Windows size--which has been causing confusion for about a month in
security circles. Security experts managed to capture their first copy of
the Trojan on Wednesday, and they're still working to determine exactly
what the Trojan is trying to accomplish.
One thing is clear: Trojan 55808 is sneakier than previous Trojan horses.
It doesn't self-propagate, like a virus or a worm, and requires the
attacker to plant it on systems. But it does transmit a lot of network
noise designed to throw off cybersleuths attempting to find the IP
addresses of infected systems, as well as the address of the Trojan's
writer or controller.
--
--- BBBS/NT v4.01 Flag-4
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)SEEN-BY: 633/267 270 @PATH: 379/45 1 106/1 2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.