Security Incidents mailing list archives

Re: DoS Tool Identification


From: spaceork <spaceork () dhp com>
Date: Wed, 25 Feb 2004 22:22:17 -0500 (EST)

On Wed, 25 Feb 2004, Martin wrote:

Can't execve shell!
/bin/sh
$HOMEDIRHOMEDIR
Can't fork subshell, there is no way...
Can't open a tty, all in use ?
/dev/null
Done, pid=%d
F**K: Can't fork child (%d)
F**K: Can't bind udp  socket (%d)
F**K: Can't allocate udp  socket (%d)
/usr/local/apache/bin/httpd
FUCK: Can't allocate raw socket (%d)
using old...
/usr/sbin/named
BD_Init: Starting backdoor daemon...

Seems like a backdoor daemon running on a UDP port.

Looks like a modified (or newer) version of backdoor.c from the Suckit
rootkit.



        -interface




"They have computers, and they may have other weapons of mass destruction."
---------------------------------------------------------------------------
spaceork () dhp com
http://www.dhp.com/~spaceork
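
The identification above rests on strings found in the binary. As an added example (not part of the original post, and not code from any tool it mentions), the following sketch checks a file's printable strings against the messages quoted in this thread. The function names, the match threshold and the sample byte strings are assumptions constructed for illustration.

```python
import re

# Substrings taken from the strings output quoted in the post above; the
# censored "F**K:" prefixes are left out so only the unambiguous text is matched.
INDICATORS = [
    "BD_Init: Starting backdoor daemon...",
    "Can't execve shell!",
    "Can't fork subshell, there is no way...",
    "Can't open a tty, all in use ?",
    "Can't allocate raw socket (%d)",
    "Can't bind udp socket (%d)",
    "Can't allocate udp socket (%d)",
]

def extract_strings(data: bytes, min_len: int = 4) -> list[str]:
    """Return printable-ASCII runs, like strings(1), with whitespace collapsed."""
    runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    return [" ".join(r.decode("ascii").split()) for r in runs]

def match_indicators(data: bytes) -> list[str]:
    """List the indicators that occur inside any extracted string."""
    found = extract_strings(data)
    return [i for i in INDICATORS if any(i in s for s in found)]

def is_suspect(data: bytes, threshold: int = 3) -> bool:
    """Flag only when several indicators co-occur (threshold is an assumption)."""
    return len(match_indicators(data)) >= threshold

# Constructed sample inputs: not real binaries.
SUSPECT = b"\x7fELF\x01\x01\x00" + b"\x00".join([
    b"/bin/sh", b"Can't execve shell!", b"Done, pid=%d",
    b"F**K: Can't bind udp  socket (%d)",
    b"BD_Init: Starting backdoor daemon...",
]) + b"\x00\x90\x90"
BENIGN = b"\x7fELF\x00/bin/sh\x00/dev/null\x00Can't open file %s\x00"

if __name__ == "__main__":
    for name, blob in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(name, is_suspect(blob), match_indicators(blob))
```

Whitespace is collapsed before matching because the quoted output shows a double space in "udp  socket", and it is unclear whether that comes from the binary or from mail formatting.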

