Eggheads: vulnerability

Derek Kuliñski takeda at eggheads.w.pl
Wed Dec 14 17:42:43 CST 2005 

Hello David,

Wednesday, December 14, 2005, 8:01:22 AM, you wrote:

>> As far as I know it only shares the name...
> What its done is attempt to use the good name of Eggdrop to further
> its own eveil purposes. That thing is a back door. Eggdrop is
> categorically NOT any kind of back door. Its in our FAQ.

Yes, I know it, you know it, and everyone on this list (I hope) know
it. But other people think it's a trojan. And I believe we're
powerless to do much about that :(((

>> You forgetting that this is a trojan, even if it's bassed on winegg
>> it's violating many other things (including DMCA).
> From the Windrop FAQ "There is very little difference between the code
> or the operation of Eggdrops and Windrops!"

I'm not sure if you know that. But indeed windrop is a name that is
often used for eggdrop that was compiled under windows (using cygwin
tools).

But the trojan is called WinEggDrop.

> So what ever they've done, steal the code or just steal the
> name/identity and good will the name eggdrop should have generated,
> the besmirching of the Eggdrop name needs to stop.

I think they only steal the name... I wonder if it was on purpose or
coincident...

>> Hehe, but do you know who is it's author? :)))
> Even a nick or alias is a start ... and aren't the FBI also looking
> for these people/persons? I also saw a reference to China somewhere in
> reading about this thing as well.

I doubt FBI is carrying about this much. Perhaps only if some US
company would get some loses because their computer were trojaned. But
even after that they would probably go after person ho infected those
computers not after author of that program...

>> I don't think this makes any difference... If somebody knows eggdrop
>> well enough to know about www.eggheads.org then already knows that
>> eggdrop isn't a hacking tool
> Its not the people who know us I'm worried about, its the ones who do
> not. The moment you say bot to some of these IT professionals (mostly
> Windows trained) they instantly think virus, evil, nothing good done
> with it and eggdrop is automatically dumped into this category in
> their mind. I have nearly gotten into some heated arguments on the
> subject of eggdrop and the difference between the nasty trojan type
> bot and eggdrop. I sat in one Windows Administration class at a
> university where the professor said categorically that eggdrop was a
> trojan.

Yes, that's true I'm even little afraid to tell others that I'm an
eggdrop contributor...

>> Maybe we should notify antivirus firms to ask them to call this
>> product differently? Although I belive they still would put that name
>> in the list of aliases...
> It may have to remain as an alias but there should also have a duty to
>  publish a disclaimer  differentiating it from the legitimate eggdrop
> irc bot which is entirely benign and meant for useful purposes.

Perhaps someone that is heading eggheads.org (guppy?) should do
that...

> If the Anti-virus people don't have a *nix background and/or know irc
> well, they may not even know what eggdrop is. I talk to many people
> who use irc quite regualarly who have no idea what eggdrop is and live
> in the deluded world where Kahled Mardam Bey created mIRC ... meaning
> IRC itself.
> It seems to be a belief system all of its own and difficult to dispell
> the dellusion that there is only mIRC.

Yeah, I even heard about mIRC network =)))

-- 
Best regards,
 Derek                            mailto:takeda at eggheads.w.pl
CCNA, SCSA, SCNA, LPIC, MCP certified
http://www.takeda.tk

-- (A)bort, (R)etry, (T)ake down entire network?

More information about the Eggheads mailing list