Security Incidents mailing list archives
Re: msamba
From: noconflic <nocon () texas-shooters com>
Date: Tue, 22 Apr 2003 09:48:34 -0500
[change () dmzs com] Tue, Apr 22, 2003 at 05:20:00AM -0000 wrote:
Just in case anyone gets the great idea of downloading this tar.gz and check it out for themselves, beware! These binaries are infected with a variant of the linux.jac virus. If these binaries executed on your machine with root privs, you are hosed for 'plenty' of other reasons than just being rooted. Remember to always AV scan binaries obtained in the wild, and never examine binaries in an environment that you can't throw away(or reboot). use FIRE... http://fire.dmzs.com W
Another Tool that might help: http://packetstormsecurity.nl/trojans/vaccine.c - nocon ---------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-incidents ----------------------------------------------------------------------------
Current thread:
- msamba Steve Bromwich (Apr 21)
- Re: msamba Paulo Abrantes (Apr 21)
- Re: msamba William Salusky (Apr 22)
- Re: msamba noconflic (Apr 22)
- Re: msamba Nikola Pepelishev (Apr 22)
- Re: msamba Steve Bromwich (Apr 22)
- Re: msamba noconflic (Apr 23)
- Re: msamba Tobias Klein (Apr 25)
- Re: msamba noconflic (Apr 23)