Security Incidents mailing list archives

ADMROCKS

From: chris () NS2 CO UK (McNab, Chris)
Date: Mon, 3 Jan 2000 16:20:01 +0000


Hi,

I just got on the Incidents list today and saw this fuss about
ADMROCKS.. heh.

ADMROCKS is a directory created by t666.c when it breaks chroot. It's
been public for some time, available from ADM, I've attached it here.
It's all in the shellcode (0x41,0x44,0x4d,0x52,0x4f,0x43,0x4b,0x53 ==
ADMROCKS).

This is all old news. Upgrade your BIND and remember to restart it!

Chris McNab
Network Security Analyst

<HR NOSHADE>
<UL>
<LI>application/x-unknown-content-type-c_auto_file attachment: t666.c
</UL>

Current thread:

Re: traceroute ICMP packets, (continued)
- - - Re: traceroute ICMP packets M J (Jan 04)
    - Re: traceroute ICMP packets Larry Canup (Jan 18)
  - Re: ICMP time exceed in-transit packets Dave Dittrich (Jan 01)
    - Re: ICMP time exceed in-transit packets Paul Cardon (Jan 02)
  - Y2K bug in Shadow IDS Patrick Oonk (Jan 02)
  - Port Scan on 371... M. Edward Wilborne III (Jan 02)
    - Re: Port Scan on 371... Etaoin Shrdlu (Jan 02)
    - Re: Port Scan on 371... Christopher Wilson (Jan 02)
    - correlation between porscans and local activity Thomas Molina (Jan 02)
    - Re: correlation between porscans and local activity Sean Sosik-Hamor (Jan 03)
    - ADMROCKS McNab, Chris (Jan 03)
    - R: correlation between porscans and local activity Raistlin (Jan 04)
    - Re: R: correlation between porscans and local activity Michael Babcock (Jan 12)
    - Re: correlation between porscans and local activity R a v e N (Jan 04)