Re: Trojans and Trojan-scanner

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 10/31/04


Date: Sun, 31 Oct 2004 16:06:59 -0600

In article <4183b37b$0$65124$c5fe704e@news6.xs4all.nl>, erik wrote:

>Bzzzzzzzzzt. Wrong answer. Trojans _are_ a big topic on linux. Have a
>look at chkrootkit and why it is so popular.

Oh, that's simple. The windoze wankers who discovered how l33t it is
to run a *nix are used to having a program to run to see how badly they
are infected. chkrootkit was written to fill that need. That the dumb
fucks could have avoided the problem in Linux, just as easily as they
could have avoided being infected in windoze is an education problem.
They don't want to learn, and actively resist clue. chkrootkit has
the same drawback that all of the windoze virus/trojan/spyware hunter
programs have - if the bad guy does even one thing differently, then
the hunter program doesn't find it - or it misidentifies things, and
the luser doesn't know what to do. But he doesn't worry, because he
has a r00tkit detector and like two crossed sticks, that will keep the
vampires away.

>Last time I heard somebody say that there environment was safe I found
>that all 70 servers were severely infected...

Windoze wanker admins trained (conditioned) by microsoft

>Bzzzzzzzt, wrong answer again. Run an updated version of chkrootkit
>regurarly. iptables will NOT stop trojans or infections on normally
>opened ports. Have a look at snort-inline to stop malicious traffic at
>your gateway. Keep the Net safe please...

Two crossed sticks _supplemented_ by a wreath of braided garlic bulbs.
Maybe also a bucket of blessed water (hey, it worked on the Wicked
Witch of the West, didn't it?) Yeah, that ought to do it.

        Old guy