Re: [Full-Disclosure] The 'good worm' from HP

[stephane nasdrovisky <stephane.nasdrovisky@xxxxxxxxxxxxx>]

The Central Scroutinizer wrote:

> Would it not be better to have a standard secure backdoor provided by 
> a security package that could downloaded or installed by disk and 
> works hand in hand with port scanning software, if this is really 
> necassary. I am supprised Microsoft have not released such a peice of 
> software; maybe a third party have.

There is a known backdoor on every modern system: the 
administrator/root/whatever account.
Systeminternals(and others) have a tool which allows remote execution on 
windows nt/2k/xp (*)... could be a solution (we used it to install ie 6 
and thunderbird x.y.z), ssh or even rsh exists for most unix variants.
We once used symantec's av remote management console (named: ???, the 
current version is not smart enough for this) to install things like 
netscape browser and making sure some registry & files were as we 
wanted...it's again a windows nt/2k/xp 'feature', for unixes, ssh or rsh 
(or is it rexec ?) are still available.
*: one such a tool adds a scheduled task and make sure the task 
scheduler is running.

> > Even if it is a controlled worm that moves around in the internal
> > network patching computers, it sounds like a very stupid idea.
>
> I hope it is a bad choice of words. He is a VP, should I say more?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html