ISS: Unsecured Server Raises Trojan Concerns from Honeypot Approach

Nick submits ISS intentionally offered students the chance to download software designed to "Prevent your computer from contributing to the spread of worms/trojans to other computer systems" from a server left purposely unsecured, on which any software offered for . . . This email address is being protected from spambots. You need JavaScript enabled to view it. submits ISS intentionally offered students the chance to download software designed to "Prevent your computer from contributing to the spread of worms/trojans to other computer systems" from a server left purposely unsecured, on which any software offered for download could have itself been trojaned? That is unless you believe the other possible explanation - the server was not actually a honeypot, well at least not until it was hacked on the 5th of March. A statement given to ZDNet's correspondent Patric Grey, by an ISS spokeswomen initially downplayed the attack "pointing out that no customer data was stored on the target machine", and that "It's [the defaced web-server] not connected to our [main] servers here in the U.S." failing to mention the servers role as a honeypot.

The link for this article located at rootsecure is no longer available.