Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Linux Slapper Worm code (removal)

From: dotslash () snosoft com (KF)
Date: Tue, 17 Sep 2002 10:15:44 -0400
Ray Slakinski wrote:


Ok now that I have it, :( whats the best way to remove it....

Ray



Until someone modifys and recompiles the beast this should remove a 
default infection.

[root@frodev tmp]# fuser -n udp 2002
2002/udp:             3042
[root@frodev tmp]# ps -ef | grep 3042
root      3042     1  0 10:06 pts/1    00:00:00 .bugtraq 10.102.28.15
[root@frodev tmp]# kill -9 3042
[root@frodev tmp]# rm /tmp/.uubugtraq /tmp/.bugtraq.c /tmp/.bugtraq
-KF
Previous By Date Next
Previous By Thread Next

Current thread: