that internet security scanner
smb at research.att.com
smb at research.att.com
Fri Oct 8 04:59:24 PDT 1993
anyone actually seen that thing? (to refresh: CERT posted some warning
about a security scanner for Internet systems that might be the evil
work of themthere hackers so you just better delete it, etc etc.)
CERT isn't that stupid. What they said was that ISS has been posted,
and that it was likely that some folks would try to use it to break
into various systems. Do you disagree with that statement? They also
said that you should consider running it yourself, so that you can
close the holes first. They even gave the pointer to the directory on
UUNET where it's stored. What good would it possibly do to delete it
on your own machine, when many thousands of other machines around the
world have copies? Again -- CERT isn't stupid.
--Steve Bellovin
More information about the Testlist
mailing list