Re: eri?

[admin () SUPERDUPS COM (Bill Gilpatric)]

> While doing a postmortem analysis of a compromised non-root account
> on a linux machine, we found a program named "eri" in the accounting
> logs.  It appeared immediately after gcc was run, so I assume it was
> a compiled program.  Of course, "eri" could have been named at the
> cracker's whim, but I am wondering if it is a known cracking tool.
> Has anyone ever heard of it?
I havent. It would be a lot easier to identify it if you posted the
output of running strings on it.

-Bill