Security Basics mailing list archives
RE: Why attacker install irc after hacking?
From: "Goran Pizent" <goran.pizent () ekobit hr>
Date: Fri, 21 Apr 2006 09:05:07 +0200
After they (intruders) install their tools (Trojans, Rootkits etc) on hacked box, then the usual way to create a Botnet (where your hacked box is just one in thousands) is through IRC. Every Bot notifies its Master of its existance through password protected IRC channel. On the same IRC channel every bot recieves its orders, e.g. Distributed Denial of Service Attack on victim, or execute any kind of attack through owned box/boxes. Goran -----Original Message----- From: Monty Ree [mailto:chulmin2 () hotmail com] Sent: Thursday, April 20, 2006 6:56 AM To: security-basics () securityfocus com Subject: Why attacker install irc after hacking? Hello, all. I have operated linux server for a long time. and I have found that some irc(psybnc etc) related program was installed after scan or hacking. I can't understand Why attackers installed and executed irc program? Why attackers use irc after hacking? Just chatting is not...I guess.. Thanks in advance. _________________________________________________________________ 전세계인이 함께하는 웹 메일 서비스인 MSN Hotmail을 만나 보세요. http://loginnet.passport.com/login.srf?id=2&svc=mail&cbid=24325&msppjph=1&lc =1042 ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php -------------------------------------------------------------------------- ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- Re: Why attacker install irc after hacking?, (continued)
- Re: Why attacker install irc after hacking? Mario Platt (Apr 21)
- Re: Why attacker install irc after hacking? Frynge Customer Support (Apr 24)
- Re: Why attacker install irc after hacking? Mario Platt (Apr 21)
- Re: Why attacker install irc after hacking? Gregory Boyce (Apr 21)
- Re: Why attacker install irc after hacking? Brian Beck (Apr 21)
- Re: Why attacker install irc after hacking? Philippe De Ryck (Apr 21)
- RE: Why attacker install irc after hacking? Network Security (Apr 21)
- Message not available
- Fwd: Why attacker install irc after hacking? Ben Alexander (Apr 21)
- Re: Why attacker install irc after hacking? Michal Mlotek (Apr 21)
- RE: Why attacker install irc after hacking? Murad Talukdar (Apr 21)
- Re: Why attacker install irc after hacking? KarMax (Apr 21)
- RE: Why attacker install irc after hacking? Goran Pizent (Apr 21)
- Re: Why attacker install irc after hacking? xun dong (Apr 21)
- Re: Why attacker install irc after hacking? kalpin (Apr 24)
- Re: Why attacker install irc after hacking? jacco (Apr 21)
- Re: Re: Why attacker install irc after hacking? oldgrue (Apr 21)
- RE: Why attacker install irc after hacking? Jordan.Dallas (Apr 21)