RE: Checking for backdoors in software products
From: Rob Shein (shoten_at_starpower.net)
Date: 06/06/03
- Previous message: Ueli Kistler: "Re: IDS CENTER QUESTION"
- In reply to: Angel Todorov: "Re: Checking for backdoors in software products"
- Next in thread: Angel Todorov: "Re: Checking for backdoors in software products"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Angel Todorov'" <atodorov@acm.org>, <focus-ids@securityfocus.com> Date: Thu, 5 Jun 2003 19:53:16 -0400
Chkrootkit does nothing to detect backdoors in software; it looks for known
rootkits on unix systems, which are something entirely different. What he's
looking for are backdoor access capabilities deliberately put in place by
the authors of the software (like when id Software put that backdoor in
their Doom multiplayer server all those years ago).
> -----Original Message-----
> From: Angel Todorov [mailto:atodorov@acm.org]
> Sent: Thursday, June 05, 2003 7:44 AM
> To: focus-ids@securityfocus.com
> Subject: Re: Checking for backdoors in software products
>
>
>
> Hello Bojidar,
>
> you can use chkrootkit if that software is written for
> unix, and, if in some way it (possibly) modifies the system
> executables.
>
>
>
> On 4 Jun 2003 14:22:29 -0000
> "Bojidar Tzendov" <bojidar_tzendov@mtel.net> wrote:
>
> >
> >
> > Dear All,
> >
> > A few software companies want we to distribute their
> products abrpad.
> > Do you know a system, software or methodology for checking that
> > software products for possible backdoors?
> >
> > regards,
> > Bojidar
> >
> >
> ----------------------------------------------------------------------
> > ---------
> > INTRUSION PREVENTION: READY FOR PRIME TIME?
> >
> > IntruShield now offers unprecedented Intrusion IntelligenceTM
> > capabilities
> > - including intrusion identification, relevancy, direction,
> impact and analysis
> > - enabling a path to prevention.
> >
> > Download the latest white paper "Intrusion Prevention: Myths,
> > Challenges, and Requirements" at:
> > http://www.securityfocus.com/IntruVert-focus-ids2
> >
> --------------------------------------------------------------
> -----------------
> >
>
> --------------------------------------------------------------
> -----------------
> INTRUSION PREVENTION: READY FOR PRIME TIME?
>
> IntruShield now offers unprecedented Intrusion IntelligenceTM
> capabilities
> - including intrusion identification, relevancy, direction,
> impact and analysis
> - enabling a path to prevention.
>
> Download the latest white paper "Intrusion Prevention: Myths,
> Challenges, and Requirements" at:
> http://www.securityfocus.com/IntruVert-focus-ids2
> --------------------------------------------------------------
> -----------------
>
>
-------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME?
IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities
- including intrusion identification, relevancy, direction, impact and analysis
- enabling a path to prevention.
Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at:
http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------
- Previous message: Ueli Kistler: "Re: IDS CENTER QUESTION"
- In reply to: Angel Todorov: "Re: Checking for backdoors in software products"
- Next in thread: Angel Todorov: "Re: Checking for backdoors in software products"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
