Security Incidents mailing list archives
Re: Machine compromised, rootkit and DDoS tools installed.
From: Ben Belchak <bbelchak () IBASESYSTEMS COM>
Date: Mon, 25 Sep 2000 11:48:53 -0600
The AUP/Member Conduct page for Hotmail can be found at
http://lc5.law5.hotmail.passport.com/cgi-bin/dasp/hminfo_shell.asp?_lang=EN&content=nospam&id=2&ct=969903757

Sections B, D, E, and F seem particularly relevant to this type of question.

On Mon, 25 Sep 2000, Incidents Mailing List wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> At 04:56 PM 9/21/00 -0500, Jeremy L. Gaddis wrote:
>
> > Oh, one last bit, a file named "shitc.tgz" was found on the filesystem. I also noticed a message in sendmail's logs from root to "shitc () altavista com."
>
> Interesting. I had the displeasure of dealing with the "shitc" (??) rootkit.
>
> I'm still poking around the various bins, and I don't have a Linux box handy to test it all on, but at first glance I did not see any TFN daemons in my copy.
>
> I noticed a lot of "script-kids" are getting hotmail & yahoo accounts for "reconnaissance". I wonder what their AUP says about that?
>
> Regards,
> Chris
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBOc+0lCEx0akmf5vwEQITWgCgvdiHASOgNnvcgazoGqXluRREw4MAoIe/
> yIZC6SpkaYlE7d4FIjfM6vgf
> =xcwW
> -----END PGP SIGNATURE-----

--
Ben Belchak
Consultant, UNIX Systems Administration
iBase Systems
bbelchak () ibasesystems com
-------------------------
Every Horse has an Infinite Number of Legs (proof by intimidation):

Horses have an even number of legs. Behind they have two legs, and in front they have fore-legs. This makes six legs, which is certainly an odd number of legs for a horse. But the only number that is both even and odd is infinity. Therefore, horses have an infinite number of legs. Now to show this for the general case, suppose that somewhere, there is a horse that has a finite number of legs. But that is a horse of another color, and by the lemma ["All horses are the same color"], that does not exist.