[etni] Re: Trojan Horses, etc.

• From: ask@xxxxxxxx
• To: etni@xxxxxxxxxxxxx
• Date: Mon, 30 May 2005 11:55:46 -0700

**** ETNI archives - www.freelists.org/archives/etni/ ****


Jimmy wrote:
> 1. Can Trojan Horses be passed to 
> a local computer via a Web-based 
> email program (e.g., Yahoo)?

Yes, although not as easily as through Outlook Express. 
If you receive a message  written in rich text/html -> html code which
installs the trojan horse can be hidden in the email message. In
Outlook Express, if you have not updated the security patches for your
program through the Microsoft web site, this code can activate itself.
Through web mail, you will usually have to click on some link in the
email message in order to activate it.
 
> 2. Can Trojan Horses be passed to a local 
> computer via a LISTSERV or majordomo?

Yes, if the proper precautions are not taken by the list managers. In
order to remove - as much as possible - any danger of trojan horses
being passed through list mail, only "plain text" messages (and no
attached files) should be allowed to come through to the list. This is
the case with ETNI mail - and that is why all specially formatted text
is stripped away from messages to the list.

> 3. According to the experts on TV, there's 
> not much that an average user can do about 
> protecting against Trojan Horses. Is this really 
> true or do we have to wait until the Good-Guys 
> catch up with the Bad-Guys in Cyberspace?

Unless a hacker has a real reason to specifically target your computer,
they will usually infect those computers which contain the most obvious
security holes. Thus, the harder you make it for someone to install a
trojan horse on your system, the greater the chance that you won't be
infected. But - as past evidence has shown - if someone really wants to
break into your system, they will find a way to do it. And I am not
talking just about the average user - this includes companies,
institutions, etc.

I was once given valuable advice by a security expert in the early
nineties - when I first started fighting hackers - advice that is still
very relevant today:
 
"It is not a question as to whether or not somebody will break into your
system - it is a question of whether you can recognize the signs once
they are inside, then block them and get rid of them."

David


#####  To send a message to the ETNI list email: etni@xxxxxxxxxxxxx   #####
#####  Send queries and questions to: ask@xxxxxxxx    #####

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription