Full Disclosure mailing list archives
Re: Devil Linux has NO irc bots onboard
From: Victor Grishchenko <gritzko () plotinka ru>
Date: Fri, 20 Oct 2006 20:47:04 +0600
Hi! Just to confirm that we found traces of the actual intrusion. There are no IRC bot in Devil Linux 1.2.10 distro. Sorry for my previous mail. It was just a coincidence of coincidences both of technical and human nature. Namely, there was an intrusion to a DL host not exposed to the internet (low-probability event) made in a short timeframe from reboot to the moment the bot was discovered (l-p event). The intrusion was made via a chain of DMZ/intranet hosts (lpe). Also, our proxy cached a zero-size page for devil-linux.org for unknown reason (lpe). There were also other low-probability events. Devil Linux is OK, we are going to use it in production after performing all the necessary exorcism procedures. Victor _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Devil Linux 1.2.10 has an IRC bot onboard Victor Grishchenko (Oct 19)
- Message not available
- Re: Devil Linux 1.2.10 has an IRC bot onboard Victor Grishchenko (Oct 20)
- Re: Devil Linux has NO irc bots onboard Victor Grishchenko (Oct 20)
- Re: Devil Linux 1.2.10 has an IRC bot onboard Victor Grishchenko (Oct 20)
- Message not available
- <Possible follow-ups>
- Re: Devil Linux 1.2.10 has an IRC bot onboard Heiko Zuerker (Oct 19)