bjork@NISC.SRI.COM (Steve Bjork) (09/26/90)
In the cshell world, type the control z. If you suspend the hacker's program, you of course know it's a trojan. Make sure you know whose account it is (whoami). In general, start every login sequence with your system's "abort program" command. This might catch something fishy someday. Argh, how I'd hate to have to be so paranoid in my life. This is equivalent to "shoot first, ask questions later." Sigh. --Steven
I.G.Batten@fulcrum.bt.co.uk (Ian G Batten) (09/26/90)
bjork@NISC.SRI.COM (Steve Bjork) writes: > In the cshell world, type the control z. If you suspend the hacker's > In general, start every login sequence with your system's "abort program" Bzzt! Thanks for playing! Any login simulator will trap all those events. ian
subbarao@phoenix.Princeton.EDU (Kartik Subbarao) (09/26/90)
In article <21456@fs2.NISC.SRI.COM> bjork@NISC.SRI.COM (Steve Bjork) writes: > >In the cshell world, type the control z. If you suspend the hacker's >program, you of course know it's a trojan. Make sure you know whose >account it is (whoami). > And you don't think that the "hacker" in question is smart enough to exec his program? >In general, start every login sequence with your system's "abort program" >command. This might catch something fishy someday. >Argh, how I'd hate to have to be so paranoid in my life. >This is equivalent to "shoot first, ask questions later." Well - not exactly "shoot" first, but sort of like -- "let me call you back to make sure you are REALLY who you are"...but anyway, I agree that it would be really sad if a person would have to do such a thing all the time. >Sigh. Likewise. -Kartik (I need a new .signature -- any suggestions?) subbarao@{phoenix or gauguin}.Princeton.EDU -|Internet kartik@silvertone.Princeton.EDU (NeXT mail) -| subbarao@PUCC.BITNET - Bitnet
guy@auspex.auspex.com (Guy Harris) (09/27/90)
>In the cshell world, type the control z. If you suspend the hacker's >program, you of course know it's a trojan. Assuming the trojan-horse writer doesn't know how to get around this problem, of course....