Security Incidents mailing list archives
Re: AMDROCKS
From: aflores () PCR RECIFE PE GOV BR (Alejandro)
Date: Fri, 26 May 2000 09:06:09 -0300
Hi, Recently I discovered a folder called ADMROCKS located on my server inside /var/named, and I can't figure it out, how it was made, if I was hacked, or if my machine is compromissed... Other strange thing was that I discovered a line on /etc/inetd.conf invoking an interactive shell owned by root. Im using linux redhat 6.1. Thanks a lot, Alejandro
Hi, I have a Cobalt RaQ3 that some jerk messed up with AMDROCKS. Can anyone tell me about it? Has Cobalt done anything about this security weakness? Thanks, Jim
Current thread:
- Re: Attacks on port 25, (continued)
- Re: Attacks on port 25 RayW (May 29)
- invalid icmp in linux? Eric LeBlanc (May 27)
- Re: invalid icmp in linux? Jose Nazario (May 28)
- weird scan pattern Joe H (May 28)
- Re: weird scan pattern Russell Fulton (May 29)
- IDS: Scan of the week Lance Spitzner (May 30)
- 5 scans of 12345 in a couple of hours. AUSCERT#36349 Russell Fulton (May 31)
- Taiwan server compromise Claudiu Costin (May 26)
- Re: Taiwan server compromise Vortex (May 26)
- port 44767 activity Nathan Fain (May 28)
- Re: AMDROCKS Alejandro (May 26)
- Re: AMDROCKS J. S. Townsley (May 26)
- Re: AMDROCKS Lance Spitzner (May 26)
- Re: AMDROCKS Matthew F. Caldwell (May 26)
- CERT's Handbook for Computer Security Incident Response Teams (CSIRTs) Elias Levy (May 26)