On Sun, 21 Jun 1998 13:43:24 +0100, Chris Burton wrote:
>
>In August (!) PCPlus
>Alan Solomon (of anti-virus fame) writes
>
>"the first generic ISP Trojan is out. If you run it, it e-mails the file on
>your hard disk that contains your ISP username & password to the person
>gleefully waiting to log on as you....
Have you actually seen the article?
I am not sure that my ISP configuration resides in any one particular
file. The password certainly lives in the windows' password list
(.pwl). The user id resides in DUN.
For a trojan to e-mail the file, it will have to get the information
from different places, compose an e-mail message, dial up if you are
off line when you opened it, connect to your SMTP server (in my case,
e.g., the SMTP server is different from my ISP's) and send the message
to someone who is not in your address book. That is, of course, if
your virus check does not stop it in the process. Tall order I would've
thought but I could be wrong. I need to be convinced of the mechanism
first :-)
Ahmad
________________________________________
Dr Ahmad Risk
http://mednetics.org
home: +44 1273 748198
work: +44 1737 240022
fax: +44 1737 244660
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|