Security Incidents mailing list archives

Re: Compromised FBSD/Apache

From: Jose Nazario <jose () monkey org>
Date: Mon, 25 Nov 2002 12:39:26 -0500 (EST)

On Fri, 22 Nov 2002, Thomas C. Meggs wrote:

Out of curiosity what is the Linux and Solaris equivalents for doing
this? I did a quick check under Linux and didn't see any similarly named
programs, and the UNIX Rosetta Stone wasn't much help either. Thanks!


almost every UNIX:      lsof, a third party application
IRIX 6.5 and later:     sockwatch, freely available

___________________________
jose nazario, ph.d.                     jose () monkey org
                                        http://www.monkey.org/~jose/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Compromised FBSD/Apache Greg S. Wirth (Nov 17)
- Re: Compromised FBSD/Apache Benjamin Krueger (Nov 19)
- Re: Compromised FBSD/Apache Greg A. Woods (Nov 19)
  - Re: Compromised FBSD/Apache Jay D. Dyson (Nov 21)
  - Re: Compromised FBSD/Apache Micheal Patterson (Nov 22)
    - Re: Compromised FBSD/Apache Thomas C. Meggs (Nov 25)
    - Re: Compromised FBSD/Apache Jose Nazario (Nov 25)
    - Re: [CERT] Re: Compromised FBSD/Apache ePAc (Nov 25)
    - Re: Compromised FBSD/Apache Adam Sampson (Nov 25)
    - Re: Compromised FBSD/Apache Skip Carter (Nov 25)
    - Re: Compromised FBSD/Apache Charles Blackburn (Nov 25)
- <Possible follow-ups>
- Re: Compromised FBSD/Apache Hernan Otero (Nov 20)
  - Re: Compromised FBSD/Apache D.C. van Moolenbroek (Nov 21)
  - increased attacks on port 2599 Esler, Joel -- Sytex Contractor (Nov 22)
    - Re: increased attacks on port 2599 H C (Nov 25)
    - RE: increased attacks on port 2599 Esler, Joel -- Sytex Contractor (Nov 25)
    - RE: increased attacks on port 2599 H C (Nov 25)

(Thread continues...)