LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security tools considered harmful

Security tools considered harmful

Posted Feb 16, 2006 4:04 UTC (Thu) by xoddam (subscriber, #2322)
In reply to: Cracking Passwords with John the Ripper by primorec
Parent article: Cracking Passwords with John the Ripper

It's not you, it's your virus-scanning ftp proxy. Someone thinks
security tools are bad for you. Do you have the same problem when you
use http instead? If not, or if you can simply use ftp without the
proxy, fine. If you can't go around it (your firewall blocks or diverts
all outgoing ftp transactions), you'll have to bring it in from
elsewhere.

(Log in to post comments)

Security tools considered harmful

Posted Feb 16, 2006 4:41 UTC (Thu) by primorec (guest, #2740) [Link]

It's not you, it's your virus-scanning ftp proxy.

Very likely.. yes... I was behind the company firewall (and all other thingies)

Someone thinks security tools are bad for you.

;-)

Do you have the same problem when you use http instead?

yes

If not, or if you can simply use ftp without the
proxy, fine. If you can't go around it (your firewall blocks or diverts
all outgoing ftp transactions), you'll have to bring it in from
elsewhere.

You were righ! I've DL the file at home without a problem.

Thanks for the hint

Security tools considered harmful

Posted Feb 16, 2006 11:42 UTC (Thu) by nix (subscriber, #2304) [Link]

It's a nice example of how the word 'virus' is being bleached of any useful meaning, too. I can't see *any* definition of 'virus' which would include john (or libcrack, say); they're not malware at all.

If 'virus' equals 'security tool', then antivirus products are viruses! :)

Security tools considered harmful

Posted Feb 16, 2006 13:13 UTC (Thu) by The_Flatlander (guest, #19245) [Link]

>> I can't see *any* definition of 'virus' which would include john (or libcrack, say); they're not malware at all. <<

I agree with you, but it is possible that a copy of of John could turn a small security lapse into a large one quite rapidly, so other than your sysadmins, you probably don't want anyone else having a copy of that. Moreover, if the anti-virus tool were scanning the stream, rather than just blocking the site, it seems quite likely, (to the point of certainty), that some actual trojans or other malware programs contain some of the same routines. (It isn't a great leap to figure that malware writers might have mis-appropriated such code to their own nefarious purposes.)

The Flatlander

Security tools considered harmful

Posted Feb 16, 2006 23:33 UTC (Thu) by xorbe (subscriber, #3165) [Link]

And we all know that someone that knows how to download JohnTR and compile it and use it successfully, will be completely stumped by a proxy filter...

Security tools considered harmful

Posted Feb 18, 2006 19:39 UTC (Sat) by erwbgy (subscriber, #4104) [Link]

Indeed. Adding a few question marks on to the end of the URL often fools
them.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds