Executive Summary of The-Binary


Friday, May 31, 2002
Christopher Gragsone <chris.gragsone@eds.com>


What is the-binary?

The-binary is a relay, passing information from an attacker to a third party. To avoid detection, the-binary renames its process to [mingetty] and uses IP protocols other than TCP, UDP, or ICMP.
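
A defender can check a host for both of the traits described above. The following is an added example, not part of the original analysis: the /proc/net/raw sample, the process listing, the protocol number 253 and the path /tmp/unknown-file are all constructed, and treating ICMP as the only expected raw-socket protocol is an assumption.

```python
import re

# Assumption: on this host only ICMP (protocol 1, e.g. ping) legitimately uses raw sockets.
EXPECTED_RAW_PROTOCOLS = {1}

# Constructed sample in /proc/net/raw layout. For raw sockets the "port" half of
# local_address holds the IP protocol number in hex (0001 = ICMP, 00FD = 253).
SAMPLE_PROC_NET_RAW = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   1: 00000000:0001 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 1201
 253: 00000000:00FD 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 4711
"""

# Constructed process listing: (pid, name as shown by ps, target of /proc/<pid>/exe or None).
SAMPLE_PROCESSES = [
    (2, "[kthreadd]", None),                      # genuine kernel thread: no executable
    (731, "/sbin/mingetty", "/sbin/mingetty"),    # genuine getty
    (4420, "[mingetty]", "/tmp/unknown-file"),    # bracketed name, yet backed by a file
]

def unusual_raw_sockets(proc_net_raw, expected=EXPECTED_RAW_PROTOCOLS):
    """Return (protocol_number, inode) for raw sockets bound to unexpected IP protocols."""
    hits = []
    for line in proc_net_raw.splitlines()[1:]:    # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue
        protocol = int(fields[1].split(":")[1], 16)
        if protocol not in expected:
            hits.append((protocol, int(fields[9])))   # field 9 is the socket inode
    return hits

def masquerading_processes(processes):
    """Return PIDs whose name is bracketed like a kernel thread but which have an executable."""
    return [pid for pid, name, exe in processes
            if re.fullmatch(r"\[.+\]", name) and exe is not None]

if __name__ == "__main__":
    for protocol, inode in unusual_raw_sockets(SAMPLE_PROC_NET_RAW):
        print(f"raw socket on IP protocol {protocol} (inode {inode})")
    for pid in masquerading_processes(SAMPLE_PROCESSES):
        print(f"pid {pid} uses a kernel-thread style name but has an executable")
```

The socket inode can be matched against the socket:[inode] links under /proc/<pid>/fd to find the owning process.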



Who can run this binary?

The-binary needs privileged access in order to connect to the network. Executing it would therefore require a system administrator, or an attacker who has compromised the system and/or escalated to privileged access.



What is the impact of this binary?

This binary does not modify files, disrupt services, gain privileges, or disclose information of Honeynet University or third party systems.