Bugtraq mailing list archives

trojans on ftp sites

From: cklaus () shadow net (Christopher Klaus)
Date: Fri, 13 May 94 12:58:12 EDT


An idea that could be a possible solution for trojan files on ftp archives. 

Modify archie to do checksums for files on their sites that they are keeping
updates with. 
                                                                                  
Maybe if the checksum changes for the same file from archives from place to
place, it would indicate possible trojan.  I dont see how a cracker/intruder
could install trojans on all the ftp sites that contain that file.  I think
more people would use archie's with this feature over the old one, if they
knew they were definitely getting files that havent been tampered with. 

I do not know who is updating and working on archie, but maybe this can be
forwarded to them for adding to their Todo list. 



-- 
Christopher William Klaus  <cklaus () shadow net>  <iss () shadow net>
Internet Security Systems, Inc.   
2209 Summit Place Drive,Dunwoody 
GA 30350-2430. (404)998-5871.

Current thread:

Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Howie Kaye (May 13)
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Casper Dik (May 13)
- trojans on ftp sites Christopher Klaus (May 13)
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 John Hawkinson (May 13)
- <Possible follow-ups>
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Gene Spafford (May 15)