Full Disclosure mailing list archives
Rootkit
From: David Hane <dlhane () sbcglobal net>
Date: Fri, 26 Sep 2003 13:57:14 -0700
Hi all, I recently had a machine get hacked before I could finish installing all the damn remote-root exploit patches that have been released in the last week. I've done the forensics and I know how they got in and what they did but I would like to know what rootkit they used. Can anyone recommend a good scanner or info site where I can compare some of the binaries I saved (the machine has been wiped)? Also, am I the only one who is totally exhausted from trying to keep up with the last couple of week's patch frenzy? I would have had my last server patched before the attack but things like, sleep, food, and bathroom time got in the way :-) Thanks for the help, Dave _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Rootkit David Hane (Sep 26)
- RE: Rootkit Conrado Zelaya (Sep 26)
- Re: Rootkit B3r3n (Sep 26)
- Re: Rootkit David Hane (Sep 26)
- Re: Rootkit Danny Pansters (Sep 26)
- Re: Rootkit David Hane (Sep 26)
- Re: Rootkit Bruce Ediger (Sep 26)
- Re: Rootkit Paul Schmehl (Sep 26)
- Re: Rootkit Nate Hill (Sep 26)
- Re: Rootkit Soren Jacobsen (Sep 26)
- Re: Rootkit Paul Schmehl (Sep 26)
- Re: Rootkit Nate Hill (Sep 27)
(Thread continues...)