Security Incidents mailing list archives
ADMROCKS
From: chris () NS2 CO UK (McNab, Chris)
Date: Mon, 3 Jan 2000 16:20:01 +0000
Hi, I just got on the Incidents list today and saw this fuss about ADMROCKS.. heh. ADMROCKS is a directory created by t666.c when it breaks chroot. It's been public for some time, available from ADM, I've attached it here. It's all in the shellcode (0x41,0x44,0x4d,0x52,0x4f,0x43,0x4b,0x53 == ADMROCKS). This is all old news. Upgrade your BIND and remember to restart it! Chris McNab Network Security Analyst <HR NOSHADE> <UL> <LI>application/x-unknown-content-type-c_auto_file attachment: t666.c </UL>
Current thread:
- Re: traceroute ICMP packets, (continued)
- Re: traceroute ICMP packets M J (Jan 04)
- Re: traceroute ICMP packets Larry Canup (Jan 18)
- Re: ICMP time exceed in-transit packets Dave Dittrich (Jan 01)
- Re: ICMP time exceed in-transit packets Paul Cardon (Jan 02)
- Y2K bug in Shadow IDS Patrick Oonk (Jan 02)
- Port Scan on 371... M. Edward Wilborne III (Jan 02)
- Re: Port Scan on 371... Etaoin Shrdlu (Jan 02)
- Re: Port Scan on 371... Christopher Wilson (Jan 02)
- correlation between porscans and local activity Thomas Molina (Jan 02)
- Re: correlation between porscans and local activity Sean Sosik-Hamor (Jan 03)
- ADMROCKS McNab, Chris (Jan 03)
- R: correlation between porscans and local activity Raistlin (Jan 04)
- Re: R: correlation between porscans and local activity Michael Babcock (Jan 12)
- Re: correlation between porscans and local activity R a v e N (Jan 04)