Well then again... if you have the source, have the capability to perform a security code audit for due diligence, and understand how to implement a standard encryption algorithm that has undergone several years of peer review (or AES :P)...
Afterall.. source to Back Orifice is available, and there is support for 3DES over tcp or udp! I say put things into perspective; no one in their right mind would simply download a trojan executable and use it to administer an enterprise environment with sensitive information (at least I hope not).. but if you got the source and the know how -- it's all fair game. ---------------------------------- John Daniele Technical Security & Intelligence Toronto, ON Voice: (416) 605-2041 Email: [EMAIL PROTECTED] Web: http://www.tsintel.com ---------------------------------- On Thu, 17 Jan 2002, Levi Pugh wrote: > First of all I would like to say thanks for all the replies. > > I agree it would be very unethical to use a Trojan to control a > network. And under no circumstances would I endanger any network with such > an idea even. As Security Professionals we have to be aware of all aspects > of Security. So with this in mind we have to take certain steps to testing > in an controlled environments. *security by obscurity* or even *security > through obscurity* is detrimental to all in the computer field. There are > certain steps that need to be followed to make security by obscurity from > software companies/writers non-existent. They maybe already in the works or > there is already a standard that's in place. > This is just my opinion and the following statement earlier was a quick > question I wanted to see other Security Professionals view points on this > subject. Also if you have any resources that you would like to share or > opinion's don't hesitate. But be considerate... > Thanks > > > Hello Fellow Subscribers, > > The Question I have is: What is your opinion on using a Trojan like > SubSeven to manage your network or even any other Remote Management type of > Program? And if you were how would you go about and testing the Prog for > Backdoors. And also could you suggest any remote management Software that > you have found useful and free is the key word here. > > > > Levi M Pugh > PC TECH III > Fortune 800, Inc > 5200 Golden Foothill Parkway > EL Dorado Hills, CA 95762 > (916)605-0185 > www.Fortune800.com > > >
