Worm bait?

Jeff Kinz jkinz at kinz.org
Wed Aug 20 11:40:46 EDT 2003 

On Wed, Aug 20, 2003 at 10:55:04AM -0400, J. Hunter Heinlen wrote:
> > None of the specifics you give here conflict with the general definition
> > I gave above.  In fact your first line is a simple re-statement of
> > exactly what I said. Your merely describe more of what "might" be done by a
> > trojan or how a trojan might be created.  Backdoors are another function
> > frequently generated by worms/virii.
> 
> Your definition implied that a trojan horse must also be a virus or worm.
> I do not believe that is correct. 

You're right.  My bad - I did not mean to imply that a trojan has to
be either a worm or a virus.  I was guilty of letting the previous train
of discussion (worms and virii) drive my thinking. Just the kind of
thing I was warning others not to do! :-)  (Mine behind hast been bit by
mine own verbiage! oucheth... :-) )

> Both viruses and worms try to propagate
> themselves, trojans do not have to.  I also do not believe that they require
> an attempt at escalating privileged, as others have claimed, or that
> they necessarily are trying to trick privileged users.  
> 
> > When/if that happens, malware producers will return to
> > using the more subtle methods pioneered for attacks on UNIX-Like systems,
> 
> I do not think malware developers that can use such techniques ever stopped.
> Those that can (not) or will not learn (or, at least, haven't yet) to use such
> techniques develop email and macro malware.  And each step down the IQ
> food chain in an order of magnitude larger....

Yes..  too true.  I guess the question then is how soon (if ever) will 
Outlook style vulnerabilities become so few that scripts are published
to attack in more sophisticated fashions? 

If I may:
Derek's Law "As long as Outlook is used on the internet, We will all be
adversely affected by virii."  

Can anyone re-write this in a more elegant, less awkward way? (please!)

(If it's not Derek's Law It was at least inspired by his comments so he
should get credit for it)

-- 
Jeff Kinz, Open-PC, Emergent Research,  Hudson, MA.  jkinz at kinz.org
copyright 2003.  Use is restricted. Any use is an 
acceptance of the offer at http://www.kinz.org/policy.html.
Don't forget to change your password often.

More information about the Discuss mailing list