Full Disclosure mailing list archives
Re: Devil Linux has NO irc bots onboard
From: Victor Grishchenko <gritzko () plotinka ru>
Date: Fri, 20 Oct 2006 20:47:04 +0600
Hi!
Just to confirm that we found traces of the actual intrusion. There
are no IRC bot in Devil Linux 1.2.10 distro. Sorry for my previous
mail. It was just a coincidence of coincidences both of technical and
human nature.
Namely, there was an intrusion to a DL host not exposed to the
internet (low-probability event) made in a short timeframe from
reboot to the moment the bot was discovered (l-p event). The
intrusion was made via a chain of DMZ/intranet hosts (lpe). Also, our
proxy cached a zero-size page for devil-linux.org for unknown reason
(lpe). There were also other low-probability events.
Devil Linux is OK, we are going to use it in production after
performing all the necessary exorcism procedures.
Victor
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Devil Linux 1.2.10 has an IRC bot onboard Victor Grishchenko (Oct 19)
- Message not available
- Re: Devil Linux 1.2.10 has an IRC bot onboard Victor Grishchenko (Oct 20)
- Re: Devil Linux has NO irc bots onboard Victor Grishchenko (Oct 20)
- Re: Devil Linux 1.2.10 has an IRC bot onboard Victor Grishchenko (Oct 20)
- Message not available
- <Possible follow-ups>
- Re: Devil Linux 1.2.10 has an IRC bot onboard Heiko Zuerker (Oct 19)