Security News > 2003 > September > Re: Intrusion detection team denies Trojan claim
Forwarded from: Kurt Seifried If you are worried about back doors in Snort: Snort is OpenSource. Snort source archives going back several years (at multiple locations) are available as well as vendor supplied packages/etc containing the original source code in signed packages (such as source rpm's) Snort CVS logs are available at public archives of mailing lists/etc. Using diff and CVS logs to look for strange changes is not hard (time consuming, but not hard). Auditing the current code is also possible, probably harder then reading just the diffs, but certainly within the realm of possibility. Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.