Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Computer Forensics Computer-Forensics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Ever seen a dead-man switch?

from [Skip Carter] Network Security [Permanent Link]
Subject: Re: Ever seen a dead-man switch?
Date: Tue, 19 Oct 2004 08:24:39 -0700 


Out of curiosity, has anyone *ever* seen one (a dead man switch) in the
field?  I know its something that can be done, and a risk, but I can't
say I've ever heard a report of finding one.  Just curious.  Seems like
every time your DSL or cable modem flaked out, your hard drive would get
formatted :)  Considering my local service, that would mean a lot of OS
re-installs.


Yes, I encountered one on a compromised unix server that I was asked to
investigate.  A normal shutdown would have wiped the system (the real
shutdown program was trojaned so that it would run an external program
that did the work).



Skip


-- 
 Dr. Everett (Skip) Carter      Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Scientific Inc.        INTERNET: skip@taygeta.com
 1340 Munras Ave., Suite 314    WWW: http://www.taygeta.com
 Monterey, CA. 93940            














-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
[More with this subject...]


<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Ever seen a dead-man switch?, Erik Fichtner
Next by Date:  Re: Ever seen a dead-man switch?, Stephen J. Smoogen
Previous by Thread:  Ever seen a dead-man switch?, Lachniet, Mark
Next by Thread:  Re: Ever seen a dead-man switch?, Stephen J. Smoogen
Indexes:  [Date] [Thread] [Top] [All Lists]