Re: slapper countermeasures

To: debian-security@lists.debian.org
Subject: Re: slapper countermeasures
From: Jean Christophe ANDRÃ? <jean-christophe.andre@auf.org>
Date: Wed, 18 Sep 2002 02:43:36 +0700
Message-id: <[🔎] 20020917194336.GB23576@virus.home>
In-reply-to: <[🔎] 3D877FA4.81324766@mesos.de>
References: <[🔎] 3D8775CF.70200@dylanic.de> <[🔎] 3D877FA4.81324766@mesos.de>

Ralf Dreibrodt écrivait :
> you want to use a backdoor to get access a server, on which you are not
> allowed to get access. after that you want to modify the server (killing
> processes, deleting files) and you use the server without permission (for
> sending mail).
> 
> well, IANAL, but you should ask a lawyer before doing stuff like this.
> i already made some bad hedrivings a few years ago with something like
> this...

You may note that the server administrator will have *a lot* of difficulties
to find you since commands will not come directly from your "virus cleaner
machine" but from any one of the other machines in the whole pool of
infected ones...

Another idea is to install a honey-pot with an old openssl and a modified
and precompiled "/tmp/.bugtraq" that would catch the pool of infected
machines from the one trying to install itself on yours, and then send
direct e-mail to them, one by one... Not as good as the virus-against-virus
one but it should be safe against the laws!

J.C.

Reply to:

References:
- slapper countermeasures
  - From: Michael Renzmann <mrenzmann@dylanic.de>
- Re: slapper countermeasures
  - From: Ralf Dreibrodt <rd@mesos.de>

Prev by Date: Re: slapper countermeasures
Next by Date: Re: slapper countermeasures
Previous by thread: Re: slapper countermeasures
Next by thread: Re: slapper countermeasures
Index(es):
- Date
- Thread