| |||||||||||||
|
| |||||||||||||
Security tools considered harmfulSecurity tools considered harmfulPosted Feb 16, 2006 13:13 UTC (Thu) by The_Flatlander (guest, #19245)In reply to: Security tools considered harmful by nix Parent article: Cracking Passwords with John the Ripper
>> I can't see *any* definition of 'virus' which would include john (or libcrack, say); they're not malware at all. <<
I agree with you, but it is possible that a copy of of John could turn a small security lapse into a large one quite rapidly, so other than your sysadmins, you probably don't want anyone else having a copy of that. Moreover, if the anti-virus tool were scanning the stream, rather than just blocking the site, it seems quite likely, (to the point of certainty), that some actual trojans or other malware programs contain some of the same routines. (It isn't a great leap to figure that malware writers might have mis-appropriated such code to their own nefarious purposes.)
The Flatlander
(Log in to post comments)
Security tools considered harmful Posted Feb 16, 2006 23:33 UTC (Thu) by xorbe (subscriber, #3165) [Link] And we all know that someone that knows how to download JohnTR and compile it and use it successfully, will be completely stumped by a proxy filter...
Security tools considered harmful Posted Feb 18, 2006 19:39 UTC (Sat) by erwbgy (subscriber, #4104) [Link] Indeed. Adding a few question marks on to the end of the URL often foolsthem.
|
|
||||||||||||