Subject: | |
From: | |
Reply To: | |
Date: | Wed, 20 Jan 1999 17:11:16 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
dirk manion hoag wrote:
>
> If you're talking about a PC simultaneously having connections to the
> internet and the HP3000, then yes, it is theoretically possible to
> have an attack get through. There are hacks out there wherein one
> PC basically "takes over" another via the internet, so from there,
> it could affect the HP.
If you mean "takes over" the established connection, that you be at
least in the same subnet as the user or host, if not outrightly sharing
the same media. This can be done with ICMP redirects and a little
suitable other work. Otherwise you'd it would only be possible "along
the way". On some routers/hosts you can have redirects configured to
be ignored which is a little safer, but can cause trouble if you really
have multiple gateways/paths.
> The case I'm thinking of involves a file downloaded by the victim (in
> the guise of a screen saver, say), but the possibity does exist.
Something you download and execute/launch can most certainly do this!
There was an exploit late last year called Net-(something or another)
which created a nearly-invisible background process, one of those that
only appears in Task Manager but not anywhere else. It was a
PC-Anywhere type trojan - the attacker could then connect to the vitim
machine and either watch the screen/keystrokes or actually gain control
of it. A local community college started discovering these things on
their student lab machines - attacker installs the exploit, then goes to
another machine and waits for the next victim.
But this is just one case. The possibilities are endless when you
download/browse/receive untrusted code/attachments and execute it/launch
the associated application.
Jeff Kell <[log in to unmask]>
|
|
|