Security Incidents mailing list archives
Re: A rise
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Sun, 18 Feb 2001 19:38:11 -0700
On Sun, 18 Feb 2001, Jeff Stutzman wrote:
I read on Friday that Ramen had been modified by adding the knark rootkit, BIND exploit, and rpc exploit to the initial code. This might explain the newfound interest in RPC scanning.
Indeed, I assume that the rise is due to a new worm, either the Ramen variant mentioned, or another one. Based on the descriptions of the Ramen worms so far, I have been expecting to be able to connect to a couple of different download/backdoor ports, and have so far been unsuccessful in finding one that matches the descriptions given. Does someone have a copy of the Ramen variant I can have? Ryan
Current thread:
- A rise John (Feb 17)
- Re: A rise Jon Lewis (Feb 17)
- Re: A rise Ryan Russell (Feb 17)
- Re: A rise Jeff Stutzman (Feb 18)
- Re: A rise Ryan Russell (Feb 19)
- Re: A rise Ryan Russell (Feb 19)
- Re: A rise Glenn Forbes Fleming Larratt (Feb 19)
- Re: A rise Jeff Stutzman (Feb 18)
- <Possible follow-ups>
- Re: A rise Leon Rosenstein (Feb 19)