|
<<
^
>>
Date: 1999-03-03
Netbus-Kontroverse: Waffe oder Tool?
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
q/depesche 99.3.3/3
Netbus-Kontroverse: Waffe oder Tool?
Was ist Netbus jetzt wirklich? Ein gefährlicher Trojaner für
Nachwuchshacker oder ein nützliches Netzwerk/tool, das gut
geschrieben & unter moderaten Shareware/conditiones
erhältlich ist? Die Antivirus/community ist sich darüber gar
nicht einig.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Lee Kimber
03/02/99, 7:46 p.m.
....
The latest version of NetBus has split network-security
experts because its author said it was not a Trojan as it
remained visible.
But crackers reportedly rewrote it to make it invisible within
days of its launch.
Data Fellows and Sophos said their anti-virus products would
not disable the recently launched remote-control Trojan
NetBus 2 Pro because its Swedish author Carl-Fredrik
Neikter was a professional who now charged $12 for a
legitimate shareware product.
"NetBus 2.0 Pro is not detected as it is now commercial
software," according to a spokesman for Data Fellows'
European office in Finland. "NetBus 1.x up to 1.7 was
detected by anti-virus scanner F-Secure but not NetBus 2.0"
.....
NetBus lets crackers to take remote control of networked
PCs, but publicity over its spread has been eclipsed by the
Back Orifice remote-control Trojan written by hacker group
Cult of the Dead Cow.
But unlike Back Orifice, NetBus can infect Windows NT
machines and is more easily configured. And Neikter
described it himself as a "remote administration and spy
tool."
...
"It is a commercial product and it looks extremely
professionally written. You can use these products for lawful
or unlawful purposes," said Jan Hruska, Sophos technical
director.
....
But rival vendor Network Associates said it believed NetBus
was aimed at young crackers and joined with other vendors
to commit to detecting and removing the Trojan in Dr
Solomon's and McAfee anti-virus products.
"We're carrying on detecting it," said the company's anti-virus
consultant Jack Clark.
....
And asked if Symantec would update its software to detect
the Trojan, Symantec technical manager Kevin Street replied:
"Absolutely. We've already got it sorted out, so why would
we remove it?"
Full Text
http://www.networkweek.com/
relayed by
mea culpa <jericho@dimensional.com> via InfoSec News
<isn@repsec.com>
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by Harkank
published on: 1999-03-03
comments to office@quintessenz.at
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|